You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
76 lines
1.8 KiB
76 lines
1.8 KiB
:
|
|
eval 'exec perl -S $0 ${1+"$@"}'
|
|
if $running_under_some_shell;
|
|
|
|
##
|
|
## Generate the KDE CA list TDEConfig file
|
|
##
|
|
|
|
%CERT = ();
|
|
open(IDX, "<cert.index") || die;
|
|
while (<IDX>) {
|
|
if (m|^(\S+):\s+(.+)\s*$|) {
|
|
$CERT{$2} = $1;
|
|
}
|
|
}
|
|
close(IDX);
|
|
|
|
$date = `date`;
|
|
$date =~ s|\n$||;
|
|
open(BDL, ">ksslcalist") || die;
|
|
foreach $cert (sort(keys(%CERT))) {
|
|
$file = $CERT{$cert};
|
|
print STDERR "Bundling: $cert ($file)\n";
|
|
$pem = `openssl x509 -in $file -inform DER -outform PEM`;
|
|
$pem =~ s|[\n\r]||g;
|
|
$pem =~ s|-----BEGIN CERTIFICATE-----||;
|
|
$pem =~ s|-----END CERTIFICATE-----||;
|
|
$subj = `openssl x509 -in $file -inform DER -noout -subject`;
|
|
$_ = $subj;
|
|
# We don't trust this anymore, so we keep our own copy
|
|
if ( /TrustCenter/ ) {
|
|
continue;
|
|
}
|
|
if ( /[Oo]bject/ || /[Cc]ode/ ) {
|
|
$codeSubj = 1;
|
|
} else {
|
|
$codeSubj = 0;
|
|
}
|
|
$subj =~ s|\n$||;
|
|
$subj =~ s/^subject= //;
|
|
$purpose = `openssl x509 -in $file -inform DER -noout -purpose`;
|
|
print BDL "\n";
|
|
print BDL "[$subj]\n";
|
|
print BDL "x509=$pem\n";
|
|
#
|
|
$_ = $purpose;
|
|
if ( /server CA : Yes\n/ || /client CA : Yes\n/ || (/Any Purpose CA : Yes\n/ && (/client : Yes\n/ || /server : Yes\n/ ))) {
|
|
$v_site="true";
|
|
} else {
|
|
$v_site="false";
|
|
}
|
|
#
|
|
if ( /MIME signing CA : Yes\n/ || /MIME encryption CA : Yes\n/ ) {
|
|
$v_email="true";
|
|
} else {
|
|
$v_email="false";
|
|
}
|
|
#
|
|
if ( /Any Purpose CA : Yes\n/ && $codeSubj == 1) {
|
|
$v_code="true";
|
|
} else {
|
|
$v_code="false";
|
|
}
|
|
|
|
# are some certificates really broken?
|
|
if ($v_code == "false" && $v_email == "false") {
|
|
$v_site = "true";
|
|
}
|
|
|
|
print BDL "site=$v_site\n";
|
|
print BDL "email=$v_email\n";
|
|
print BDL "code=$v_code\n";
|
|
}
|
|
close(BDL);
|
|
|