openssl/tools/c_rehash
1999-01-02 15:52:11 +00:00

62 lines
1.1 KiB
Bash

#!/bin/sh
#
# redo the hashes for the certificates in your cert path or the ones passed
# on the command line.
#
if [ "$OPENSSL"x = "x" -o ! -x "$OPENSSL" ]; then
OPENSSL='openssl'
export OPENSSL
fi
DIR=/usr/local/ssl
PATH=$DIR/bin:$PATH
if [ ! -f "$OPENSSL" ]; then
found=0
for dir in . `echo $PATH | sed -e 's/:/ /g'`; do
if [ -f "$dir/$OPENSSL" ]; then
found=1
break
fi
done
if [ $found = 0 ]; then
echo "c_rehash: rehashing skipped ('openssl' program still not available)" 1>&2
exit 0
fi
fi
SSL_DIR=$DIR/certs
if [ "$*" = "" ]; then
CERTS=${*:-${SSL_CERT_DIR:-$SSL_DIR}}
else
CERTS=$*
fi
IFS=': '
for i in $CERTS
do
(
IFS=' '
if [ -d $i -a -w $i ]; then
cd $i
echo "Doing $i"
for i in *.pem
do
if [ $i != '*.pem' ]; then
h=`$OPENSSL x509 -hash -noout -in $i`
if [ "x$h" = "x" ]; then
echo $i does not contain a certificate
else
if [ -f $h.0 ]; then
/bin/rm -f $h.0
fi
echo "$i => $h.0"
ln -s $i $h.0
fi
fi
done
fi
)
done