mirror of https://github.com/openssl/openssl
convert tabs to spaces in two distributed Perl scripts
Also fix indentation in c_rehash.in to 4 spaces, where a mixture of 4 and 8 spaces was used before, in addition to tabs. CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16459)
This commit is contained in:
parent
6d56fcd86a
commit
ea0d79db9b
|
@ -21,10 +21,10 @@ sub read_body {
|
||||||
my $return_data = "";
|
my $return_data = "";
|
||||||
my $data_len = length ${$state->{data}};
|
my $data_len = length ${$state->{data}};
|
||||||
if ($state->{bytes} < $data_len) {
|
if ($state->{bytes} < $data_len) {
|
||||||
$data_len = $data_len - $state->{bytes};
|
$data_len = $data_len - $state->{bytes};
|
||||||
$data_len = $maxlength if $data_len > $maxlength;
|
$data_len = $maxlength if $data_len > $maxlength;
|
||||||
$return_data = substr ${$state->{data}}, $state->{bytes}, $data_len;
|
$return_data = substr ${$state->{data}}, $state->{bytes}, $data_len;
|
||||||
$state->{bytes} += $data_len;
|
$state->{bytes} += $data_len;
|
||||||
}
|
}
|
||||||
return $return_data;
|
return $return_data;
|
||||||
}
|
}
|
||||||
|
@ -53,8 +53,8 @@ sub create_curl {
|
||||||
$curl->setopt(CURLOPT_UPLOAD, 1);
|
$curl->setopt(CURLOPT_UPLOAD, 1);
|
||||||
$curl->setopt(CURLOPT_CUSTOMREQUEST, "POST");
|
$curl->setopt(CURLOPT_CUSTOMREQUEST, "POST");
|
||||||
$curl->setopt(CURLOPT_HTTPHEADER,
|
$curl->setopt(CURLOPT_HTTPHEADER,
|
||||||
["Content-Type: application/timestamp-query",
|
["Content-Type: application/timestamp-query",
|
||||||
"Accept: application/timestamp-reply,application/timestamp-response"]);
|
"Accept: application/timestamp-reply,application/timestamp-response"]);
|
||||||
$curl->setopt(CURLOPT_READFUNCTION, \&read_body);
|
$curl->setopt(CURLOPT_READFUNCTION, \&read_body);
|
||||||
$curl->setopt(CURLOPT_HEADERFUNCTION, sub { return length($_[0]); });
|
$curl->setopt(CURLOPT_HEADERFUNCTION, sub { return length($_[0]); });
|
||||||
|
|
||||||
|
@ -63,8 +63,8 @@ sub create_curl {
|
||||||
|
|
||||||
# SSL related options.
|
# SSL related options.
|
||||||
$curl->setopt(CURLOPT_SSLKEYTYPE, "PEM");
|
$curl->setopt(CURLOPT_SSLKEYTYPE, "PEM");
|
||||||
$curl->setopt(CURLOPT_SSL_VERIFYPEER, 1); # Verify server's certificate.
|
$curl->setopt(CURLOPT_SSL_VERIFYPEER, 1); # Verify server's certificate.
|
||||||
$curl->setopt(CURLOPT_SSL_VERIFYHOST, 2); # Check server's CN.
|
$curl->setopt(CURLOPT_SSL_VERIFYHOST, 2); # Check server's CN.
|
||||||
$curl->setopt(CURLOPT_SSLKEY, $options{k}) if defined($options{k});
|
$curl->setopt(CURLOPT_SSLKEY, $options{k}) if defined($options{k});
|
||||||
$curl->setopt(CURLOPT_SSLKEYPASSWD, $options{p}) if defined($options{p});
|
$curl->setopt(CURLOPT_SSLKEYPASSWD, $options{p}) if defined($options{p});
|
||||||
$curl->setopt(CURLOPT_SSLCERT, $options{c}) if defined($options{c});
|
$curl->setopt(CURLOPT_SSLCERT, $options{c}) if defined($options{c});
|
||||||
|
@ -101,15 +101,15 @@ sub get_timestamp {
|
||||||
my $error_string;
|
my $error_string;
|
||||||
if ($error_code != 0) {
|
if ($error_code != 0) {
|
||||||
my $http_code = $curl->getinfo(CURLINFO_HTTP_CODE);
|
my $http_code = $curl->getinfo(CURLINFO_HTTP_CODE);
|
||||||
$error_string = "could not get timestamp";
|
$error_string = "could not get timestamp";
|
||||||
$error_string .= ", http code: $http_code" unless $http_code == 0;
|
$error_string .= ", http code: $http_code" unless $http_code == 0;
|
||||||
$error_string .= ", curl code: $error_code";
|
$error_string .= ", curl code: $error_code";
|
||||||
$error_string .= " ($::error_buf)" if defined($::error_buf);
|
$error_string .= " ($::error_buf)" if defined($::error_buf);
|
||||||
} else {
|
} else {
|
||||||
my $ct = $curl->getinfo(CURLINFO_CONTENT_TYPE);
|
my $ct = $curl->getinfo(CURLINFO_CONTENT_TYPE);
|
||||||
if (lc($ct) ne "application/timestamp-reply"
|
if (lc($ct) ne "application/timestamp-reply"
|
||||||
&& lc($ct) ne "application/timestamp-response") {
|
&& lc($ct) ne "application/timestamp-response") {
|
||||||
$error_string = "unexpected content type returned: $ct";
|
$error_string = "unexpected content type returned: $ct";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return ($ts_body, $error_string);
|
return ($ts_body, $error_string);
|
||||||
|
@ -163,15 +163,15 @@ REQUEST: foreach (@ARGV) {
|
||||||
# Read request.
|
# Read request.
|
||||||
my $body;
|
my $body;
|
||||||
if ($input eq "-") {
|
if ($input eq "-") {
|
||||||
# Read the request from STDIN;
|
# Read the request from STDIN;
|
||||||
$body = <STDIN>;
|
$body = <STDIN>;
|
||||||
} else {
|
} else {
|
||||||
# Read the request from file.
|
# Read the request from file.
|
||||||
open INPUT, "<" . $input
|
open INPUT, "<" . $input
|
||||||
or warn("$input: could not open input file: $!\n"), next REQUEST;
|
or warn("$input: could not open input file: $!\n"), next REQUEST;
|
||||||
$body = <INPUT>;
|
$body = <INPUT>;
|
||||||
close INPUT
|
close INPUT
|
||||||
or warn("$input: could not close input file: $!\n"), next REQUEST;
|
or warn("$input: could not close input file: $!\n"), next REQUEST;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Send request.
|
# Send request.
|
||||||
|
@ -179,21 +179,21 @@ REQUEST: foreach (@ARGV) {
|
||||||
|
|
||||||
my ($ts_body, $error) = get_timestamp $curl, \$body;
|
my ($ts_body, $error) = get_timestamp $curl, \$body;
|
||||||
if (defined($error)) {
|
if (defined($error)) {
|
||||||
die "$input: fatal error: $error\n";
|
die "$input: fatal error: $error\n";
|
||||||
}
|
}
|
||||||
STDERR->printflush(", reply received") if $options{v};
|
STDERR->printflush(", reply received") if $options{v};
|
||||||
|
|
||||||
# Write response.
|
# Write response.
|
||||||
if ($output eq "-") {
|
if ($output eq "-") {
|
||||||
# Write to STDOUT.
|
# Write to STDOUT.
|
||||||
print $ts_body;
|
print $ts_body;
|
||||||
} else {
|
} else {
|
||||||
# Write to file.
|
# Write to file.
|
||||||
open OUTPUT, ">", $output
|
open OUTPUT, ">", $output
|
||||||
or warn("$output: could not open output file: $!\n"), next REQUEST;
|
or warn("$output: could not open output file: $!\n"), next REQUEST;
|
||||||
print OUTPUT $ts_body;
|
print OUTPUT $ts_body;
|
||||||
close OUTPUT
|
close OUTPUT
|
||||||
or warn("$output: could not close output file: $!\n"), next REQUEST;
|
or warn("$output: could not close output file: $!\n"), next REQUEST;
|
||||||
}
|
}
|
||||||
STDERR->printflush(", $output written.\n") if $options{v};
|
STDERR->printflush(", $output written.\n") if $options{v};
|
||||||
}
|
}
|
||||||
|
|
|
@ -28,35 +28,35 @@ while ( $ARGV[0] =~ /^-/ ) {
|
||||||
my $flag = shift @ARGV;
|
my $flag = shift @ARGV;
|
||||||
last if ( $flag eq '--');
|
last if ( $flag eq '--');
|
||||||
if ( $flag eq '-old') {
|
if ( $flag eq '-old') {
|
||||||
$x509hash = "-subject_hash_old";
|
$x509hash = "-subject_hash_old";
|
||||||
$crlhash = "-hash_old";
|
$crlhash = "-hash_old";
|
||||||
} elsif ( $flag eq '-h' || $flag eq '-help' ) {
|
} elsif ( $flag eq '-h' || $flag eq '-help' ) {
|
||||||
help();
|
help();
|
||||||
} elsif ( $flag eq '-n' ) {
|
} elsif ( $flag eq '-n' ) {
|
||||||
$removelinks = 0;
|
$removelinks = 0;
|
||||||
} elsif ( $flag eq '-v' ) {
|
} elsif ( $flag eq '-v' ) {
|
||||||
$verbose++;
|
$verbose++;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
print STDERR "Usage error; try -h.\n";
|
print STDERR "Usage error; try -h.\n";
|
||||||
exit 1;
|
exit 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sub help {
|
sub help {
|
||||||
print "Usage: c_rehash [-old] [-h] [-help] [-v] [dirs...]\n";
|
print "Usage: c_rehash [-old] [-h] [-help] [-v] [dirs...]\n";
|
||||||
print " -old use old-style digest\n";
|
print " -old use old-style digest\n";
|
||||||
print " -h or -help print this help text\n";
|
print " -h or -help print this help text\n";
|
||||||
print " -v print files removed and linked\n";
|
print " -v print files removed and linked\n";
|
||||||
exit 0;
|
exit 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
eval "require Cwd";
|
eval "require Cwd";
|
||||||
if (defined(&Cwd::getcwd)) {
|
if (defined(&Cwd::getcwd)) {
|
||||||
$pwd=Cwd::getcwd();
|
$pwd=Cwd::getcwd();
|
||||||
} else {
|
} else {
|
||||||
$pwd=`pwd`;
|
$pwd=`pwd`;
|
||||||
chomp($pwd);
|
chomp($pwd);
|
||||||
}
|
}
|
||||||
|
|
||||||
# DOS/Win32 or Unix delimiter? Prefix our installdir, then search.
|
# DOS/Win32 or Unix delimiter? Prefix our installdir, then search.
|
||||||
|
@ -64,92 +64,92 @@ my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
|
||||||
$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
|
$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
|
||||||
|
|
||||||
if (! -x $openssl) {
|
if (! -x $openssl) {
|
||||||
my $found = 0;
|
my $found = 0;
|
||||||
foreach (split /$path_delim/, $ENV{PATH}) {
|
foreach (split /$path_delim/, $ENV{PATH}) {
|
||||||
if (-x "$_/$openssl") {
|
if (-x "$_/$openssl") {
|
||||||
$found = 1;
|
$found = 1;
|
||||||
$openssl = "$_/$openssl";
|
$openssl = "$_/$openssl";
|
||||||
last;
|
last;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($found == 0) {
|
if ($found == 0) {
|
||||||
print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
|
print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
|
||||||
exit 0;
|
exit 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (@ARGV) {
|
if (@ARGV) {
|
||||||
@dirlist = @ARGV;
|
@dirlist = @ARGV;
|
||||||
} elsif ($ENV{SSL_CERT_DIR}) {
|
} elsif ($ENV{SSL_CERT_DIR}) {
|
||||||
@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
|
@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
|
||||||
} else {
|
} else {
|
||||||
$dirlist[0] = "$dir/certs";
|
$dirlist[0] = "$dir/certs";
|
||||||
}
|
}
|
||||||
|
|
||||||
if (-d $dirlist[0]) {
|
if (-d $dirlist[0]) {
|
||||||
chdir $dirlist[0];
|
chdir $dirlist[0];
|
||||||
$openssl="$pwd/$openssl" if (!-x $openssl);
|
$openssl="$pwd/$openssl" if (!-x $openssl);
|
||||||
chdir $pwd;
|
chdir $pwd;
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach (@dirlist) {
|
foreach (@dirlist) {
|
||||||
if (-d $_ ) {
|
if (-d $_ ) {
|
||||||
if ( -w $_) {
|
if ( -w $_) {
|
||||||
hash_dir($_);
|
hash_dir($_);
|
||||||
} else {
|
} else {
|
||||||
print "Skipping $_, can't write\n";
|
print "Skipping $_, can't write\n";
|
||||||
$errorcount++;
|
$errorcount++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
exit($errorcount);
|
exit($errorcount);
|
||||||
|
|
||||||
sub hash_dir {
|
sub hash_dir {
|
||||||
my %hashlist;
|
my %hashlist;
|
||||||
print "Doing $_[0]\n";
|
print "Doing $_[0]\n";
|
||||||
chdir $_[0];
|
chdir $_[0];
|
||||||
opendir(DIR, ".");
|
opendir(DIR, ".");
|
||||||
my @flist = sort readdir(DIR);
|
my @flist = sort readdir(DIR);
|
||||||
closedir DIR;
|
closedir DIR;
|
||||||
if ( $removelinks ) {
|
if ( $removelinks ) {
|
||||||
# Delete any existing symbolic links
|
# Delete any existing symbolic links
|
||||||
foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
|
foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
|
||||||
if (-l $_) {
|
if (-l $_) {
|
||||||
print "unlink $_" if $verbose;
|
print "unlink $_" if $verbose;
|
||||||
unlink $_ || warn "Can't unlink $_, $!\n";
|
unlink $_ || warn "Can't unlink $_, $!\n";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
|
FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
|
||||||
# Check to see if certificates and/or CRLs present.
|
# Check to see if certificates and/or CRLs present.
|
||||||
my ($cert, $crl) = check_file($fname);
|
my ($cert, $crl) = check_file($fname);
|
||||||
if (!$cert && !$crl) {
|
if (!$cert && !$crl) {
|
||||||
print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
|
print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
|
||||||
next;
|
next;
|
||||||
}
|
}
|
||||||
link_hash_cert($fname) if ($cert);
|
link_hash_cert($fname) if ($cert);
|
||||||
link_hash_crl($fname) if ($crl);
|
link_hash_crl($fname) if ($crl);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sub check_file {
|
sub check_file {
|
||||||
my ($is_cert, $is_crl) = (0,0);
|
my ($is_cert, $is_crl) = (0,0);
|
||||||
my $fname = $_[0];
|
my $fname = $_[0];
|
||||||
open IN, $fname;
|
open IN, $fname;
|
||||||
while(<IN>) {
|
while(<IN>) {
|
||||||
if (/^-----BEGIN (.*)-----/) {
|
if (/^-----BEGIN (.*)-----/) {
|
||||||
my $hdr = $1;
|
my $hdr = $1;
|
||||||
if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
|
if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
|
||||||
$is_cert = 1;
|
$is_cert = 1;
|
||||||
last if ($is_crl);
|
last if ($is_crl);
|
||||||
} elsif ($hdr eq "X509 CRL") {
|
} elsif ($hdr eq "X509 CRL") {
|
||||||
$is_crl = 1;
|
$is_crl = 1;
|
||||||
last if ($is_cert);
|
last if ($is_cert);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
close IN;
|
close IN;
|
||||||
return ($is_cert, $is_crl);
|
return ($is_cert, $is_crl);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -160,72 +160,72 @@ sub check_file {
|
||||||
# certificate fingerprints
|
# certificate fingerprints
|
||||||
|
|
||||||
sub link_hash_cert {
|
sub link_hash_cert {
|
||||||
my $fname = $_[0];
|
my $fname = $_[0];
|
||||||
$fname =~ s/\"/\\\"/g;
|
$fname =~ s/\"/\\\"/g;
|
||||||
my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
|
my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
|
||||||
chomp $hash;
|
chomp $hash;
|
||||||
chomp $fprint;
|
chomp $fprint;
|
||||||
$fprint =~ s/^.*=//;
|
$fprint =~ s/^.*=//;
|
||||||
$fprint =~ tr/://d;
|
$fprint =~ tr/://d;
|
||||||
my $suffix = 0;
|
my $suffix = 0;
|
||||||
# Search for an unused hash filename
|
# Search for an unused hash filename
|
||||||
while(exists $hashlist{"$hash.$suffix"}) {
|
while(exists $hashlist{"$hash.$suffix"}) {
|
||||||
# Hash matches: if fingerprint matches its a duplicate cert
|
# Hash matches: if fingerprint matches its a duplicate cert
|
||||||
if ($hashlist{"$hash.$suffix"} eq $fprint) {
|
if ($hashlist{"$hash.$suffix"} eq $fprint) {
|
||||||
print STDERR "WARNING: Skipping duplicate certificate $fname\n";
|
print STDERR "WARNING: Skipping duplicate certificate $fname\n";
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$suffix++;
|
$suffix++;
|
||||||
}
|
}
|
||||||
$hash .= ".$suffix";
|
$hash .= ".$suffix";
|
||||||
if ($symlink_exists) {
|
if ($symlink_exists) {
|
||||||
print "link $fname -> $hash\n" if $verbose;
|
print "link $fname -> $hash\n" if $verbose;
|
||||||
symlink $fname, $hash || warn "Can't symlink, $!";
|
symlink $fname, $hash || warn "Can't symlink, $!";
|
||||||
} else {
|
} else {
|
||||||
print "copy $fname -> $hash\n" if $verbose;
|
print "copy $fname -> $hash\n" if $verbose;
|
||||||
if (open($in, "<", $fname)) {
|
if (open($in, "<", $fname)) {
|
||||||
if (open($out,">", $hash)) {
|
if (open($out,">", $hash)) {
|
||||||
print $out $_ while (<$in>);
|
print $out $_ while (<$in>);
|
||||||
close $out;
|
close $out;
|
||||||
} else {
|
} else {
|
||||||
warn "can't open $hash for write, $!";
|
warn "can't open $hash for write, $!";
|
||||||
}
|
}
|
||||||
close $in;
|
close $in;
|
||||||
} else {
|
} else {
|
||||||
warn "can't open $fname for read, $!";
|
warn "can't open $fname for read, $!";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$hashlist{$hash} = $fprint;
|
$hashlist{$hash} = $fprint;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
|
# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
|
||||||
|
|
||||||
sub link_hash_crl {
|
sub link_hash_crl {
|
||||||
my $fname = $_[0];
|
my $fname = $_[0];
|
||||||
$fname =~ s/'/'\\''/g;
|
$fname =~ s/'/'\\''/g;
|
||||||
my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
|
my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
|
||||||
chomp $hash;
|
chomp $hash;
|
||||||
chomp $fprint;
|
chomp $fprint;
|
||||||
$fprint =~ s/^.*=//;
|
$fprint =~ s/^.*=//;
|
||||||
$fprint =~ tr/://d;
|
$fprint =~ tr/://d;
|
||||||
my $suffix = 0;
|
my $suffix = 0;
|
||||||
# Search for an unused hash filename
|
# Search for an unused hash filename
|
||||||
while(exists $hashlist{"$hash.r$suffix"}) {
|
while(exists $hashlist{"$hash.r$suffix"}) {
|
||||||
# Hash matches: if fingerprint matches its a duplicate cert
|
# Hash matches: if fingerprint matches its a duplicate cert
|
||||||
if ($hashlist{"$hash.r$suffix"} eq $fprint) {
|
if ($hashlist{"$hash.r$suffix"} eq $fprint) {
|
||||||
print STDERR "WARNING: Skipping duplicate CRL $fname\n";
|
print STDERR "WARNING: Skipping duplicate CRL $fname\n";
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$suffix++;
|
$suffix++;
|
||||||
}
|
}
|
||||||
$hash .= ".r$suffix";
|
$hash .= ".r$suffix";
|
||||||
if ($symlink_exists) {
|
if ($symlink_exists) {
|
||||||
print "link $fname -> $hash\n" if $verbose;
|
print "link $fname -> $hash\n" if $verbose;
|
||||||
symlink $fname, $hash || warn "Can't symlink, $!";
|
symlink $fname, $hash || warn "Can't symlink, $!";
|
||||||
} else {
|
} else {
|
||||||
print "cp $fname -> $hash\n" if $verbose;
|
print "cp $fname -> $hash\n" if $verbose;
|
||||||
system ("cp", $fname, $hash);
|
system ("cp", $fname, $hash);
|
||||||
warn "Can't copy, $!" if ($? >> 8) != 0;
|
warn "Can't copy, $!" if ($? >> 8) != 0;
|
||||||
}
|
}
|
||||||
$hashlist{$hash} = $fprint;
|
$hashlist{$hash} = $fprint;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue