comparison: ca-certificates/mkcabundle.pl
ca-certificates/mkcabundle.pl
- changeset 3
- d4b4127cd2bb
equal
deleted
inserted
replaced
| -1:000000000000 | 0:68d5e1d231b5 |
|---|---|
| 1 #!/usr/bin/perl -w | |
| 2 # | |
| 3 # Used to regenerate ca-bundle.crt from the Mozilla certdata.txt. | |
| 4 # Run as ./mkcabundle.pl > ca-bundle.crt | |
| 5 # | |
| 6 | |
| 7 my $cvsroot = ':pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot'; | |
| 8 my $certdata = 'mozilla/security/nss/lib/ckfw/builtins/certdata.txt'; | |
| 9 | |
| 10 open(IN, "cvs -d $cvsroot co -p $certdata|") | |
| 11 || die "could not check out certdata.txt"; | |
| 12 | |
| 13 my $incert = 0; | |
| 14 | |
| 15 print<<EOH; | |
| 16 # This is a bundle of X.509 certificates of public Certificate | |
| 17 # Authorities. It was generated from the Mozilla root CA list. | |
| 18 # | |
| 19 # Source: $certdata | |
| 20 # | |
| 21 EOH | |
| 22 | |
| 23 while (<IN>) { | |
| 24 if (/^CKA_VALUE MULTILINE_OCTAL/) { | |
| 25 $incert = 1; | |
| 26 open(OUT, "|openssl x509 -text -inform DER -fingerprint") | |
| 27 || die "could not pipe to openssl x509"; | |
| 28 } elsif (/^END/ && $incert) { | |
| 29 close(OUT); | |
| 30 $incert = 0; | |
| 31 print "\n\n"; | |
| 32 } elsif ($incert) { | |
| 33 my @bs = split(/\\/); | |
| 34 foreach my $b (@bs) { | |
| 35 chomp $b; | |
| 36 printf(OUT "%c", oct($b)) unless $b eq ''; | |
| 37 } | |
| 38 } elsif (/^CVS_ID.*Revision: ([^ ]*).*/) { | |
| 39 print "# Generated from certdata.txt RCS revision $1\n#\n"; | |
| 40 } | |
| 41 } |
