source: main/trunk/greenstone3/bin/windows/openssl/bin/c_rehash.pl@ 32476

Last change on this file since 32476 was 32476, checked in by ak19, 6 years ago

Compiled up 32 bit OpenSSL v 1.1.1 on Windows to use in place of ZeroSSL to generate keys. Works on 64 bit to generate keys. Committing just the products (with folder structure) we need for generating keys, as that's all we'll be using openSSL for on Windows, to save on binary size. Instructions on compiling OpenSSL (32 and 64 bit targets, openSSL versions 1.0.2p and 1.1.1) and instructions on packaging up it up for SVN are at internal wiki page Compiling OpenSSL on Windows
File size: 6.4 KB
RevLine 
[32476]1#!/usr/bin/env perl
2
3# WARNING: do not edit!
4# Generated by makefile from tools\c_rehash.in
5# Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
6#
7# Licensed under the OpenSSL license (the "License"). You may not use
8# this file except in compliance with the License. You can obtain a copy
9# in the file LICENSE in the source distribution or at
10# https://www.openssl.org/source/license.html
11
12# Perl c_rehash script, scan all files in a directory
13# and add symbolic links to their hash values.
14
15my $dir = "C:\\Users\\Anupama\\OpenSSL\\Build-VC-32-release_1-1-1\\SSL";
16my $prefix = "C:\\Users\\Anupama\\OpenSSL\\Build-VC-32-release_1-1-1";
17
18my $errorcount = 0;
19my $openssl = $ENV{OPENSSL} || "openssl";
20my $pwd;
21my $x509hash = "-subject_hash";
22my $crlhash = "-hash";
23my $verbose = 0;
24my $symlink_exists=eval {symlink("",""); 1};
25my $removelinks = 1;
26
27## Parse flags.
28while ( $ARGV[0] =~ /^-/ ) {
29 my $flag = shift @ARGV;
30 last if ( $flag eq '--');
31 if ( $flag eq '-old') {
32 $x509hash = "-subject_hash_old";
33 $crlhash = "-hash_old";
34 } elsif ( $flag eq '-h' || $flag eq '-help' ) {
35 help();
36 } elsif ( $flag eq '-n' ) {
37 $removelinks = 0;
38 } elsif ( $flag eq '-v' ) {
39 $verbose++;
40 }
41 else {
42 print STDERR "Usage error; try -h.\n";
43 exit 1;
44 }
45}
46
47sub help {
48 print "Usage: c_rehash [-old] [-h] [-help] [-v] [dirs...]\n";
49 print " -old use old-style digest\n";
50 print " -h or -help print this help text\n";
51 print " -v print files removed and linked\n";
52 exit 0;
53}
54
55eval "require Cwd";
56if (defined(&Cwd::getcwd)) {
57 $pwd=Cwd::getcwd();
58} else {
59 $pwd=`pwd`;
60 chomp($pwd);
61}
62
63# DOS/Win32 or Unix delimiter? Prefix our installdir, then search.
64my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
65$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
66
67if (! -x $openssl) {
68 my $found = 0;
69 foreach (split /$path_delim/, $ENV{PATH}) {
70 if (-x "$_/$openssl") {
71 $found = 1;
72 $openssl = "$_/$openssl";
73 last;
74 }
75 }
76 if ($found == 0) {
77 print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
78 exit 0;
79 }
80}
81
82if (@ARGV) {
83 @dirlist = @ARGV;
84} elsif ($ENV{SSL_CERT_DIR}) {
85 @dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
86} else {
87 $dirlist[0] = "$dir/certs";
88}
89
90if (-d $dirlist[0]) {
91 chdir $dirlist[0];
92 $openssl="$pwd/$openssl" if (!-x $openssl);
93 chdir $pwd;
94}
95
96foreach (@dirlist) {
97 if (-d $_ ) {
98 if ( -w $_) {
99 hash_dir($_);
100 } else {
101 print "Skipping $_, can't write\n";
102 $errorcount++;
103 }
104 }
105}
106exit($errorcount);
107
108sub hash_dir {
109 my %hashlist;
110 print "Doing $_[0]\n";
111 chdir $_[0];
112 opendir(DIR, ".");
113 my @flist = sort readdir(DIR);
114 closedir DIR;
115 if ( $removelinks ) {
116 # Delete any existing symbolic links
117 foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
118 if (-l $_) {
119 print "unlink $_" if $verbose;
120 unlink $_ || warn "Can't unlink $_, $!\n";
121 }
122 }
123 }
124 FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
125 # Check to see if certificates and/or CRLs present.
126 my ($cert, $crl) = check_file($fname);
127 if (!$cert && !$crl) {
128 print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
129 next;
130 }
131 link_hash_cert($fname) if ($cert);
132 link_hash_crl($fname) if ($crl);
133 }
134}
135
136sub check_file {
137 my ($is_cert, $is_crl) = (0,0);
138 my $fname = $_[0];
139 open IN, $fname;
140 while(<IN>) {
141 if (/^-----BEGIN (.*)-----/) {
142 my $hdr = $1;
143 if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
144 $is_cert = 1;
145 last if ($is_crl);
146 } elsif ($hdr eq "X509 CRL") {
147 $is_crl = 1;
148 last if ($is_cert);
149 }
150 }
151 }
152 close IN;
153 return ($is_cert, $is_crl);
154}
155
156
157# Link a certificate to its subject name hash value, each hash is of
158# the form <hash>.<n> where n is an integer. If the hash value already exists
159# then we need to up the value of n, unless its a duplicate in which
160# case we skip the link. We check for duplicates by comparing the
161# certificate fingerprints
162
163sub link_hash_cert {
164 my $fname = $_[0];
165 $fname =~ s/'/'\\''/g;
166 my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
167 chomp $hash;
168 chomp $fprint;
169 $fprint =~ s/^.*=//;
170 $fprint =~ tr/://d;
171 my $suffix = 0;
172 # Search for an unused hash filename
173 while(exists $hashlist{"$hash.$suffix"}) {
174 # Hash matches: if fingerprint matches its a duplicate cert
175 if ($hashlist{"$hash.$suffix"} eq $fprint) {
176 print STDERR "WARNING: Skipping duplicate certificate $fname\n";
177 return;
178 }
179 $suffix++;
180 }
181 $hash .= ".$suffix";
182 if ($symlink_exists) {
183 print "link $fname -> $hash\n" if $verbose;
184 symlink $fname, $hash || warn "Can't symlink, $!";
185 } else {
186 print "copy $fname -> $hash\n" if $verbose;
187 if (open($in, "<", $fname)) {
188 if (open($out,">", $hash)) {
189 print $out $_ while (<$in>);
190 close $out;
191 } else {
192 warn "can't open $hash for write, $!";
193 }
194 close $in;
195 } else {
196 warn "can't open $fname for read, $!";
197 }
198 }
199 $hashlist{$hash} = $fprint;
200}
201
202# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
203
204sub link_hash_crl {
205 my $fname = $_[0];
206 $fname =~ s/'/'\\''/g;
207 my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
208 chomp $hash;
209 chomp $fprint;
210 $fprint =~ s/^.*=//;
211 $fprint =~ tr/://d;
212 my $suffix = 0;
213 # Search for an unused hash filename
214 while(exists $hashlist{"$hash.r$suffix"}) {
215 # Hash matches: if fingerprint matches its a duplicate cert
216 if ($hashlist{"$hash.r$suffix"} eq $fprint) {
217 print STDERR "WARNING: Skipping duplicate CRL $fname\n";
218 return;
219 }
220 $suffix++;
221 }
222 $hash .= ".r$suffix";
223 if ($symlink_exists) {
224 print "link $fname -> $hash\n" if $verbose;
225 symlink $fname, $hash || warn "Can't symlink, $!";
226 } else {
227 print "cp $fname -> $hash\n" if $verbose;
228 system ("cp", $fname, $hash);
229 warn "Can't copy, $!" if ($? >> 8) != 0;
230 }
231 $hashlist{$hash} = $fprint;
232}
Note: See TracBrowser for help on using the repository browser.