• file
• revisions
• annotate
• diff
• comparison
• raw

ca-certificates/mkcabundle.pl@d4b4127cd2bb (annotated)

ca-certificates/mkcabundle.pl

Fri, 11 Mar 2011 21:41:16 +0100

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Fri, 11 Mar 2011 21:41:16 +0100

changeset 3

d4b4127cd2bb

permissions

-rw-r--r--

Import unmodified vendor specs for introduction into repository.

michael@3	1	#!/usr/bin/perl -w
michael@3	2	#
michael@3	3	# Used to regenerate ca-bundle.crt from the Mozilla certdata.txt.
michael@3	4	# Run as ./mkcabundle.pl > ca-bundle.crt
michael@3	5	#
michael@3	6
michael@3	7	my $cvsroot = ':pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot';
michael@3	8	my $certdata = 'mozilla/security/nss/lib/ckfw/builtins/certdata.txt';
michael@3	9
michael@3	10	open(IN, "cvs -d $cvsroot co -p $certdata|")
michael@3	11	|| die "could not check out certdata.txt";
michael@3	12
michael@3	13	my $incert = 0;
michael@3	14
michael@3	15	print<<EOH;
michael@3	16	# This is a bundle of X.509 certificates of public Certificate
michael@3	17	# Authorities. It was generated from the Mozilla root CA list.
michael@3	18	#
michael@3	19	# Source: $certdata
michael@3	20	#
michael@3	21	EOH
michael@3	22
michael@3	23	while (<IN>) {
michael@3	24	if (/^CKA_VALUE MULTILINE_OCTAL/) {
michael@3	25	$incert = 1;
michael@3	26	open(OUT, "|openssl x509 -text -inform DER -fingerprint")
michael@3	27	|| die "could not pipe to openssl x509";
michael@3	28	} elsif (/^END/ && $incert) {
michael@3	29	close(OUT);
michael@3	30	$incert = 0;
michael@3	31	print "\n\n";
michael@3	32	} elsif ($incert) {
michael@3	33	my @bs = split(/\\/);
michael@3	34	foreach my $b (@bs) {
michael@3	35	chomp $b;
michael@3	36	printf(OUT "%c", oct($b)) unless $b eq '';
michael@3	37	}
michael@3	38	} elsif (/^CVS_ID.*Revision: ([^ ]*).*/) {
michael@3	39	print "# Generated from certdata.txt RCS revision $1\n#\n";
michael@3	40	}
michael@3	41	}