ca-certificates/mkcabundle.pl@d4b4127cd2bb
ca-certificates/mkcabundle.pl
Fri, 11 Mar 2011 21:41:16 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Fri, 11 Mar 2011 21:41:16 +0100
- changeset 3
- d4b4127cd2bb
- permissions
- -rw-r--r--
Import unmodified vendor specs for introduction into repository.
1 #!/usr/bin/perl -w
2 #
3 # Used to regenerate ca-bundle.crt from the Mozilla certdata.txt.
4 # Run as ./mkcabundle.pl > ca-bundle.crt
5 #
7 my $cvsroot = ':pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot';
8 my $certdata = 'mozilla/security/nss/lib/ckfw/builtins/certdata.txt';
10 open(IN, "cvs -d $cvsroot co -p $certdata|")
11 || die "could not check out certdata.txt";
13 my $incert = 0;
15 print<<EOH;
16 # This is a bundle of X.509 certificates of public Certificate
17 # Authorities. It was generated from the Mozilla root CA list.
18 #
19 # Source: $certdata
20 #
21 EOH
23 while (<IN>) {
24 if (/^CKA_VALUE MULTILINE_OCTAL/) {
25 $incert = 1;
26 open(OUT, "|openssl x509 -text -inform DER -fingerprint")
27 || die "could not pipe to openssl x509";
28 } elsif (/^END/ && $incert) {
29 close(OUT);
30 $incert = 0;
31 print "\n\n";
32 } elsif ($incert) {
33 my @bs = split(/\\/);
34 foreach my $b (@bs) {
35 chomp $b;
36 printf(OUT "%c", oct($b)) unless $b eq '';
37 }
38 } elsif (/^CVS_ID.*Revision: ([^ ]*).*/) {
39 print "# Generated from certdata.txt RCS revision $1\n#\n";
40 }
41 }
