diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' openssl/test/certs/embeddedSCTs1_issuer-key.pem openssl_h3/test/certs/embeddedSCTs1_issuer-key.pem *** openssl/test/certs/embeddedSCTs1_issuer-key.pem 1970-01-01 08:00:00.000000000 +0800 --- openssl_h3/test/certs/embeddedSCTs1_issuer-key.pem 2022-08-26 11:49:22.296000000 +0800 *************** *** 0 **** --- 1,15 ---- + -----BEGIN RSA PRIVATE KEY----- + MIICXAIBAAKBgQDVimhTYhCicRmTbneDIRgcKkATxtB7jHbrkVfT0PtLO1FuzsvR + yY2RxS90P6tjXVUJnNE6uvMa5UFEJFGnTHgW8iQ8+EjPKDHM5nugSlojgZ88ujfm + JNnDvbKZuDnd/iYx0ss6hPx7srXFL8/BT/9Ab1zURmnLsvfP34b7arnRsQIDAQAB + AoGAJLR6xEJp+5IXRFlLn7WTkFvO0ddtxJ7bXhiIkTctyruyfqp7LF9Jv1G2m3PK + QPUtBc73w/GYkfnwIwdfJbOmPHL7XyEGHZYmEXgIgEtw6LXvAv0G5JpUnNwsSBfL + GfSQqI5Z5ytyzlJXkMcTGA2kTgNAYc73h4EnU+pwUnDPdAECQQD2aj+4LtYk1XPq + r3gjgI6MoGvgYJfPmAtZhxxVbhXQKciFUCAcBiwlQdHIdLWE9j65ctmZRWidKifr + 4O4nz+TBAkEA3djNW/rTQq5fKZy+mCF1WYnIU/3yhJaptzRqLm7AHqe7+hdrGXJw + +mCtU8T3L/Ms8bH1yFBZhmkp1PbR8gl48QJAQo70YyWThiN5yfxXcQ96cZWrTdIJ + b3NcLXSHPLQdhDqlBQ1dfvRT3ERpC8IqfZ2d162kBPhwh3MpkVcSPQK0gQJAC/dY + xGBYKt2a9nSk9zG+0bCT5Kvq++ngh6hFHfINXNnxUsEWns3EeEzkrIMQTj7QqszN + lBt5aL2dawZRNrv6EQJBAOo4STF9KEwQG0HLC/ryh1FeB0OBA5yIepXze+eJVKei + T0cCECOQJKfWHEzYJYDJhyEFF/sYp9TXwKSDjOifrsU= + -----END RSA PRIVATE KEY----- diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' openssl/test/certs/embeddedSCTs1_issuer.pem openssl_h3/test/certs/embeddedSCTs1_issuer.pem *** openssl/test/certs/embeddedSCTs1_issuer.pem 2022-08-26 11:49:44.720000000 +0800 --- openssl_h3/test/certs/embeddedSCTs1_issuer.pem 2022-08-26 11:49:22.296000000 +0800 *************** *** 1,18 **** -----BEGIN CERTIFICATE----- ! MIIC0DCCAjmgAwIBAgIBADANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJHQjEk MCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENBMQ4wDAYDVQQIEwVX ! YWxlczEQMA4GA1UEBxMHRXJ3IFdlbjAeFw0xMjA2MDEwMDAwMDBaFw0yMjA2MDEw ! MDAwMDBaMFUxCzAJBgNVBAYTAkdCMSQwIgYDVQQKExtDZXJ0aWZpY2F0ZSBUcmFu ! c3BhcmVuY3kgQ0ExDjAMBgNVBAgTBVdhbGVzMRAwDgYDVQQHEwdFcncgV2VuMIGf ! MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVimhTYhCicRmTbneDIRgcKkATxtB7 ! jHbrkVfT0PtLO1FuzsvRyY2RxS90P6tjXVUJnNE6uvMa5UFEJFGnTHgW8iQ8+EjP ! KDHM5nugSlojgZ88ujfmJNnDvbKZuDnd/iYx0ss6hPx7srXFL8/BT/9Ab1zURmnL ! svfP34b7arnRsQIDAQABo4GvMIGsMB0GA1UdDgQWBBRfnYgNyHPmVNT4DdjmsMEk ! tEfDVTB9BgNVHSMEdjB0gBRfnYgNyHPmVNT4DdjmsMEktEfDVaFZpFcwVTELMAkG ! A1UEBhMCR0IxJDAiBgNVBAoTG0NlcnRpZmljYXRlIFRyYW5zcGFyZW5jeSBDQTEO ! MAwGA1UECBMFV2FsZXMxEDAOBgNVBAcTB0VydyBXZW6CAQAwDAYDVR0TBAUwAwEB ! /zANBgkqhkiG9w0BAQUFAAOBgQAGCMxKbWTyIF4UbASydvkrDvqUpdryOvw4BmBt ! OZDQoeojPUApV2lGOwRmYef6HReZFSCa6i4Kd1F2QRIn18ADB8dHDmFYT9czQiRy ! f1HWkLxHqd81TbD26yWVXeGJPE3VICskovPkQNJ0tU4b03YmnKliibduyqQQkOFP ! OwqULg== -----END CERTIFICATE----- --- 1,18 ---- -----BEGIN CERTIFICATE----- ! MIIC0jCCAjugAwIBAgIBADANBgkqhkiG9w0BAQsFADBVMQswCQYDVQQGEwJHQjEk MCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENBMQ4wDAYDVQQIEwVX ! YWxlczEQMA4GA1UEBxMHRXJ3IFdlbjAgFw0yMjA2MDExMDM4MDJaGA8yMTIyMDUw ! ODEwMzgwMlowVTELMAkGA1UEBhMCR0IxJDAiBgNVBAoTG0NlcnRpZmljYXRlIFRy ! YW5zcGFyZW5jeSBDQTEOMAwGA1UECBMFV2FsZXMxEDAOBgNVBAcTB0VydyBXZW4w ! gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANWKaFNiEKJxGZNud4MhGBwqQBPG ! 0HuMduuRV9PQ+0s7UW7Oy9HJjZHFL3Q/q2NdVQmc0Tq68xrlQUQkUadMeBbyJDz4 ! SM8oMczme6BKWiOBnzy6N+Yk2cO9spm4Od3+JjHSyzqE/HuytcUvz8FP/0BvXNRG ! acuy98/fhvtqudGxAgMBAAGjga8wgawwHQYDVR0OBBYEFF+diA3Ic+ZU1PgN2Oaw ! wSS0R8NVMH0GA1UdIwR2MHSAFF+diA3Ic+ZU1PgN2OawwSS0R8NVoVmkVzBVMQsw ! CQYDVQQGEwJHQjEkMCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENB ! MQ4wDAYDVQQIEwVXYWxlczEQMA4GA1UEBxMHRXJ3IFdlboIBADAMBgNVHRMEBTAD ! AQH/MA0GCSqGSIb3DQEBCwUAA4GBAD0aYh9OkFYfXV7kBfhrtD0PJG2U47OV/1qq ! +uFpqB0S1WO06eJT0pzYf1ebUcxjBkajbJZm/FHT85VthZ1lFHsky87aFD8XlJCo ! 2IOhKOkvvWKPUdFLoO/ZVXqEVKkcsS1eXK1glFvb07eJZya3JVG0KdMhV2YoDg6c ! Doud4XrO -----END CERTIFICATE----- diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' openssl/test/certs/embeddedSCTs1-key.pem openssl_h3/test/certs/embeddedSCTs1-key.pem *** openssl/test/certs/embeddedSCTs1-key.pem 2022-08-26 11:49:44.720000000 +0800 --- openssl_h3/test/certs/embeddedSCTs1-key.pem 2022-08-26 11:49:22.296000000 +0800 *************** *** 1,15 **** -----BEGIN RSA PRIVATE KEY----- ! MIICWwIBAAKBgQC+75jnwmh3rjhfdTJaDB0ym+3xj6r015a/BH634c4VyVui+A7k ! WL19uG+KSyUhkaeb1wDDjpwDibRc1NyaEgqyHgy0HNDnKAWkEM2cW9tdSSdyba8X ! EPYBhzd+olsaHjnu0LiBGdwVTcaPfajjDK8VijPmyVCfSgWwFAn/Xdh+tQIDAQAB ! AoGAK/daG0vt6Fkqy/hdrtSJSKUVRoGRmS2nnba4Qzlwzh1+x2kdbMFuaOu2a37g ! PvmeQclheKZ3EG1+Jb4yShwLcBCV6pkRJhOKuhvqGnjngr6uBH4gMCjpZVj7GDMf ! flYHhdJCs3Cz/TY0wKN3o1Fldil2DHR/AEOc1nImeSp5/EUCQQDjKS3W957kYtTU ! X5BeRjvg03Ug8tJq6IFuhTFvUJ+XQ5bAc0DmxAbQVKqRS7Wje59zTknVvS+MFdeQ ! pz4dGuV7AkEA1y0X2yarIls+0A/S1uwkvwRTIkfS+QwFJ1zVya8sApRdKAcidIzA ! b70hkKLilU9+LrXg5iZdFp8l752qJiw9jwJAXjItN/7mfH4fExGto+or2kbVQxxt ! 9LcFNPc2UJp2ExuL37HrL8YJrUnukOF8KJaSwBWuuFsC5GwKP4maUCdfEQJAUwBR ! 83c3DEmmMRvpeH4erpA8gTyzZN3+HvDwhpvLnjMcvBQEdnDUykVqbSBnxrCjO+Fs ! n1qtDczWFVf8Cj2GgQJAQ14Awx32Cn9sF+3M+sEVtlAf6CqiEbkYeYdSCbsplMmZ ! 1UoaxiwXY3z+B7epsRnnPR3KaceAlAxw2/zQJMFNOQ== -----END RSA PRIVATE KEY----- --- 1,27 ---- -----BEGIN RSA PRIVATE KEY----- ! MIIEpQIBAAKCAQEAuIjpA4/iCpDA2mjywI5zG6IBX6bNcRQYDsB7Cv0VonNXtJBw ! XxMENP4jVpvEmWpJ5iMBknGHV+XWBkngYapczIsY4LGn6aMU6ySABBVQpNOQSRfT ! 48xGGPR9mzOBG/yplmpFOVq1j+b65lskvAXKYaLFpFn3oY/pBSdcCNBP8LypVXAJ ! b3IqEXsBL/ErgHG9bgIRP8VxBAaryCz77kLzAXkfHL2LfSGIfNONyEKB3xI94S4L ! eouOSoWL1VkEfJs87vG4G5xoXw3KOHyiueQUUlMnu8p+Bx0xPVKPEsLje3R9k0rG ! a5ca7dXAn9UypKKp25x4NXpnjGX5txVEYfNvqQIDAQABAoIBAE0zqhh9Z5n3+Vbm ! tTht4CZdXqm/xQ9b0rzJNjDgtN5j1vuJuhlsgUQSVoJzZIqydvw7BPtZV8AkPagf ! 3Cm/9lb0kpHegVsziRrfCFes+zIZ+LE7sMAKxADIuIvnvkoRKHnvN8rI8lCj16/r ! zbCD06mJSZp6sSj8ZgZr8wsU63zRGt1TeGM67uVW4agphfzuKGlXstPLsSMwknpF ! nxFS2TYbitxa9oH76oCpEk5fywYsYgUP4TdzOzfVAgMzNSu0FobvWl0CECB+G3RQ ! XQ5VWbYkFoj5XbE5kYz6sYHMQWL1NQpglUp+tAQ1T8Nca0CvbSpD77doRGm7UqYw ! ziVQKokCgYEA6BtHwzyD1PHdAYtOcy7djrpnIMaiisSxEtMhctoxg8Vr2ePEvMpZ ! S1ka8A1Pa9GzjaUk+VWKWsTf+VkmMHGtpB1sv8S7HjujlEmeQe7p8EltjstvLDmi ! BhAA7ixvZpXXjQV4GCVdUVu0na6gFGGueZb2FHEXB8j1amVwleJj2lcCgYEAy4f3 ! 2wXqJfz15+YdJPpG9BbH9d/plKJm5ID3p2ojAGo5qvVuIJMNJA4elcfHDwzCWVmn ! MtR/WwtxYVVmy1BAnmk6HPSYc3CStvv1800vqN3fyJWtZ1P+8WBVZWZzIQdjdiaU ! JSRevPnjQGc+SAZQQIk1yVclbz5790yuXsdIxf8CgYEApqlABC5lsvfga4Vt1UMn ! j57FAkHe4KmPRCcZ83A88ZNGd/QWhkD9kR7wOsIz7wVqWiDkxavoZnjLIi4jP9HA ! jwEZ3zER8wl70bRy0IEOtZzj8A6fSzAu6Q+Au4RokU6yse3lZ+EcepjQvhBvnXLu ! ZxxAojj6AnsHzVf9WYJvlI0CgYEAoATIw/TEgRV/KNHs/BOiEWqP0Co5dVix2Nnk ! 3EVAO6VIrbbE3OuAm2ZWeaBWSujXLHSmVfpoHubCP6prZVI1W9aTkAxmh+xsDV3P ! o3h+DiBTP1seuGx7tr7spQqFXeR3OH9gXktYCO/W0d3aQ7pjAjpehWv0zJ+ty2MI ! fQ/lkXUCgYEAgbP+P5UmY7Fqm/mi6TprEJ/eYktji4Ne11GDKGFQCfjF5RdKhdw1 ! 5+elGhZes+cpzu5Ak6zBDu4bviT+tRTWJu5lVLEzlHHv4nAU7Ks5Aj67ApH21AnP ! RtlATdhWOt5Dkdq1WSpDfz5bvWgvyBx9D66dSmQdbKKe2dH327eQll4= -----END RSA PRIVATE KEY----- diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' openssl/test/certs/embeddedSCTs1.pem openssl_h3/test/certs/embeddedSCTs1.pem *** openssl/test/certs/embeddedSCTs1.pem 2022-08-26 11:49:44.720000000 +0800 --- openssl_h3/test/certs/embeddedSCTs1.pem 2022-08-26 11:49:22.296000000 +0800 *************** *** 1,20 **** -----BEGIN CERTIFICATE----- ! MIIDWTCCAsKgAwIBAgIBBzANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJHQjEk MCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENBMQ4wDAYDVQQIEwVX ! YWxlczEQMA4GA1UEBxMHRXJ3IFdlbjAeFw0xMjA2MDEwMDAwMDBaFw0yMjA2MDEw ! MDAwMDBaMFIxCzAJBgNVBAYTAkdCMSEwHwYDVQQKExhDZXJ0aWZpY2F0ZSBUcmFu ! c3BhcmVuY3kxDjAMBgNVBAgTBVdhbGVzMRAwDgYDVQQHEwdFcncgV2VuMIGfMA0G ! CSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+75jnwmh3rjhfdTJaDB0ym+3xj6r015a/ ! BH634c4VyVui+A7kWL19uG+KSyUhkaeb1wDDjpwDibRc1NyaEgqyHgy0HNDnKAWk ! EM2cW9tdSSdyba8XEPYBhzd+olsaHjnu0LiBGdwVTcaPfajjDK8VijPmyVCfSgWw ! FAn/Xdh+tQIDAQABo4IBOjCCATYwHQYDVR0OBBYEFCAxVBryXAX/2GWLaEN5T16Q ! Nve0MH0GA1UdIwR2MHSAFF+diA3Ic+ZU1PgN2OawwSS0R8NVoVmkVzBVMQswCQYD ! VQQGEwJHQjEkMCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENBMQ4w ! DAYDVQQIEwVXYWxlczEQMA4GA1UEBxMHRXJ3IFdlboIBADAJBgNVHRMEAjAAMIGK ! BgorBgEEAdZ5AgQCBHwEegB4AHYA3xwuwRUAlFJHqWFoMl3cXHlZ6PfG04j8AC4L ! vT9012QAAAE92yffkwAABAMARzBFAiBIL2dRrzXbplQ2vh/WZA89v5pBQpSVkkUw ! KI+j5eI+BgIhAOTtwNs6xXKx4vXoq2poBlOYfc9BAn3+/6EFUZ2J7b8IMA0GCSqG ! SIb3DQEBBQUAA4GBAIoMS+8JnUeSea+goo5on5HhxEIb4tJpoupspOghXd7dyhUE ! oR58h8S3foDw6XkDUmjyfKIOFmgErlVvMWmB+Wo5Srer/T4lWsAERRP+dlcMZ5Wr ! 5HAxM9MD+J86+mu8/FFzGd/ZW5NCQSEfY0A1w9B4MHpoxgdaLiDInza4kQyg -----END CERTIFICATE----- --- 1,21 ---- -----BEGIN CERTIFICATE----- ! MIIDeDCCAuGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBVMQswCQYDVQQGEwJHQjEk MCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENBMQ4wDAYDVQQIEwVX ! YWxlczEQMA4GA1UEBxMHRXJ3IFdlbjAgFw0yMDAxMjUxMTUwMTNaGA8yMTIwMDEy ! NjExNTAxM1owGTEXMBUGA1UEAwwOc2VydmVyLmV4YW1wbGUwggEiMA0GCSqGSIb3 ! DQEBAQUAA4IBDwAwggEKAoIBAQC4iOkDj+IKkMDaaPLAjnMbogFfps1xFBgOwHsK ! /RWic1e0kHBfEwQ0/iNWm8SZaknmIwGScYdX5dYGSeBhqlzMixjgsafpoxTrJIAE ! FVCk05BJF9PjzEYY9H2bM4Eb/KmWakU5WrWP5vrmWyS8BcphosWkWfehj+kFJ1wI ! 0E/wvKlVcAlvcioRewEv8SuAcb1uAhE/xXEEBqvILPvuQvMBeR8cvYt9IYh8043I ! QoHfEj3hLgt6i45KhYvVWQR8mzzu8bgbnGhfDco4fKK55BRSUye7yn4HHTE9Uo8S ! wuN7dH2TSsZrlxrt1cCf1TKkoqnbnHg1emeMZfm3FURh82+pAgMBAAGjggEMMIIB ! CDAdBgNVHQ4EFgQUtMa8XD5ylrF9AqCdnPEhXa63H2owHwYDVR0jBBgwFoAUX52I ! Dchz5lTU+A3Y5rDBJLRHw1UwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcD ! ATCBigYKKwYBBAHWeQIEAgR8BHoAeAB2AN8cLsEVAJRSR6lhaDJd3Fx5Wej3xtOI ! /AAuC70/dNdkAAABb15m6AAAAAQDAEcwRQIgfDPo8RArm/vcSEZ608Q1u+XQ55QB ! u67SZEuZxLpbUM0CIQDRsgcTud4PDy8Cgg+lHeAS7UxgSKBbWAznYOuorwNewzAZ ! BgNVHREEEjAQgg5zZXJ2ZXIuZXhhbXBsZTANBgkqhkiG9w0BAQsFAAOBgQCWFKKR ! RNkDRzB25NK07OLkbzebhnpKtbP4i3blRx1HAvTSamf/3uuHI7kfiPJorJymJpT1 ! IuJvSVKyMu1qONWBimiBfiyGL7+le1izHEJIP5lVTbddfzSIBIvrlHHcWIOL3H+W ! YT6yTEIzJuO07Xp61qnB1CE2TrinUWlyC46Zkw== -----END CERTIFICATE----- diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' openssl/test/certs/embeddedSCTs1.sct openssl_h3/test/certs/embeddedSCTs1.sct *** openssl/test/certs/embeddedSCTs1.sct 2022-08-26 11:49:44.720000000 +0800 --- openssl_h3/test/certs/embeddedSCTs1.sct 2022-08-26 11:49:22.296000000 +0800 *************** *** 2,12 **** Version : v1 (0x0) Log ID : DF:1C:2E:C1:15:00:94:52:47:A9:61:68:32:5D:DC:5C: 79:59:E8:F7:C6:D3:88:FC:00:2E:0B:BD:3F:74:D7:64 ! Timestamp : Apr 5 17:04:16.275 2013 GMT Extensions: none Signature : ecdsa-with-SHA256 ! 30:45:02:20:48:2F:67:51:AF:35:DB:A6:54:36:BE:1F: ! D6:64:0F:3D:BF:9A:41:42:94:95:92:45:30:28:8F:A3: ! E5:E2:3E:06:02:21:00:E4:ED:C0:DB:3A:C5:72:B1:E2: ! F5:E8:AB:6A:68:06:53:98:7D:CF:41:02:7D:FE:FF:A1: ! 05:51:9D:89:ED:BF:08 \ No newline at end of file --- 2,12 ---- Version : v1 (0x0) Log ID : DF:1C:2E:C1:15:00:94:52:47:A9:61:68:32:5D:DC:5C: 79:59:E8:F7:C6:D3:88:FC:00:2E:0B:BD:3F:74:D7:64 ! Timestamp : Jan 1 00:00:00.000 2020 GMT Extensions: none Signature : ecdsa-with-SHA256 ! 30:45:02:20:7C:33:E8:F1:10:2B:9B:FB:DC:48:46:7A: ! D3:C4:35:BB:E5:D0:E7:94:01:BB:AE:D2:64:4B:99:C4: ! BA:5B:50:CD:02:21:00:D1:B2:07:13:B9:DE:0F:0F:2F: ! 02:82:0F:A5:1D:E0:12:ED:4C:60:48:A0:5B:58:0C:E7: ! 60:EB:A8:AF:03:5E:C3 \ No newline at end of file diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' openssl/test/ct_test.c openssl_h3/test/ct_test.c *** openssl/test/ct_test.c 2022-08-26 11:49:44.728000000 +0800 --- openssl_h3/test/ct_test.c 2022-08-26 11:49:22.304000000 +0800 *************** *** 63,69 **** if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) goto end; fixture->test_case_name = test_case_name; ! fixture->epoch_time_in_ms = 1473269626000ULL; /* Sep 7 17:33:46 2016 GMT */ if (!TEST_ptr(fixture->ctlog_store = CTLOG_STORE_new()) || !TEST_int_eq( CTLOG_STORE_load_default_file(fixture->ctlog_store), 1)) --- 63,69 ---- if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) goto end; fixture->test_case_name = test_case_name; ! fixture->epoch_time_in_ms = 1580335307000ULL; /* Wed 29 Jan 2020 10:01:47 PM UTC */ if (!TEST_ptr(fixture->ctlog_store = CTLOG_STORE_new()) || !TEST_int_eq( CTLOG_STORE_load_default_file(fixture->ctlog_store), 1)) diff -crN '--exclude=.git' '--exclude=.gitee' '--exclude=.vscode' openssl/tools/c_rehash.in openssl_h3/tools/c_rehash.in *** openssl/tools/c_rehash.in 2022-08-26 11:49:44.860000000 +0800 --- openssl_h3/tools/c_rehash.in 2022-08-26 11:49:22.452000000 +0800 *************** *** 104,157 **** } exit($errorcount); sub hash_dir { ! my %hashlist; ! print "Doing $_[0]\n"; ! chdir $_[0]; ! opendir(DIR, "."); ! my @flist = sort readdir(DIR); ! closedir DIR; ! if ( $removelinks ) { ! # Delete any existing symbolic links ! foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) { ! if (-l $_) { ! print "unlink $_" if $verbose; ! unlink $_ || warn "Can't unlink $_, $!\n"; ! } ! } ! } ! FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) { ! # Check to see if certificates and/or CRLs present. ! my ($cert, $crl) = check_file($fname); ! if (!$cert && !$crl) { ! print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n"; ! next; ! } ! link_hash_cert($fname) if ($cert); ! link_hash_crl($fname) if ($crl); ! } } sub check_file { ! my ($is_cert, $is_crl) = (0,0); ! my $fname = $_[0]; ! open IN, $fname; ! while() { ! if (/^-----BEGIN (.*)-----/) { ! my $hdr = $1; ! if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) { ! $is_cert = 1; ! last if ($is_crl); ! } elsif ($hdr eq "X509 CRL") { ! $is_crl = 1; ! last if ($is_cert); ! } ! } ! } ! close IN; ! return ($is_cert, $is_crl); } # Link a certificate to its subject name hash value, each hash is of # the form . where n is an integer. If the hash value already exists --- 104,200 ---- } exit($errorcount); + sub copy_file { + my ($src_fname, $dst_fname) = @_; + + if (open(my $in, "<", $src_fname)) { + if (open(my $out, ">", $dst_fname)) { + print $out $_ while (<$in>); + close $out; + } else { + warn "Cannot open $dst_fname for write, $!"; + } + close $in; + } else { + warn "Cannot open $src_fname for read, $!"; + } + } + sub hash_dir { ! my $dir = shift; ! my %hashlist; ! ! print "Doing $dir\n"; ! ! if (!chdir $dir) { ! print STDERR "WARNING: Cannot chdir to '$dir', $!\n"; ! return; ! } ! ! opendir(DIR, ".") || print STDERR "WARNING: Cannot opendir '.', $!\n"; ! my @flist = sort readdir(DIR); ! closedir DIR; ! if ( $removelinks ) { ! # Delete any existing symbolic links ! foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) { ! if (-l $_) { ! print "unlink $_\n" if $verbose; ! unlink $_ || warn "Can't unlink $_, $!\n"; ! } ! } ! } ! FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) { ! # Check to see if certificates and/or CRLs present. ! my ($cert, $crl) = check_file($fname); ! if (!$cert && !$crl) { ! print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n"; ! next; ! } ! link_hash_cert($fname) if ($cert); ! link_hash_crl($fname) if ($crl); ! } ! ! chdir $pwd; } sub check_file { ! my ($is_cert, $is_crl) = (0,0); ! my $fname = $_[0]; ! ! open(my $in, "<", $fname); ! while(<$in>) { ! if (/^-----BEGIN (.*)-----/) { ! my $hdr = $1; ! if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) { ! $is_cert = 1; ! last if ($is_crl); ! } elsif ($hdr eq "X509 CRL") { ! $is_crl = 1; ! last if ($is_cert); ! } ! } ! } ! close $in; ! return ($is_cert, $is_crl); } + sub compute_hash { + my $fh; + if ( $^O eq "VMS" ) { + # VMS uses the open through shell + # The file names are safe there and list form is unsupported + if (!open($fh, "-|", join(' ', @_))) { + print STDERR "Cannot compute hash on '$fname'\n"; + return; + } + } else { + if (!open($fh, "-|", @_)) { + print STDERR "Cannot compute hash on '$fname'\n"; + return; + } + } + return (<$fh>, <$fh>); + } # Link a certificate to its subject name hash value, each hash is of # the form . where n is an integer. If the hash value already exists *************** *** 160,231 **** # certificate fingerprints sub link_hash_cert { ! my $fname = $_[0]; ! $fname =~ s/\"/\\\"/g; ! my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`; ! chomp $hash; ! chomp $fprint; ! $fprint =~ s/^.*=//; ! $fprint =~ tr/://d; ! my $suffix = 0; ! # Search for an unused hash filename ! while(exists $hashlist{"$hash.$suffix"}) { ! # Hash matches: if fingerprint matches its a duplicate cert ! if ($hashlist{"$hash.$suffix"} eq $fprint) { ! print STDERR "WARNING: Skipping duplicate certificate $fname\n"; ! return; ! } ! $suffix++; ! } ! $hash .= ".$suffix"; ! if ($symlink_exists) { ! print "link $fname -> $hash\n" if $verbose; ! symlink $fname, $hash || warn "Can't symlink, $!"; ! } else { ! print "copy $fname -> $hash\n" if $verbose; ! if (open($in, "<", $fname)) { ! if (open($out,">", $hash)) { ! print $out $_ while (<$in>); ! close $out; ! } else { ! warn "can't open $hash for write, $!"; ! } ! close $in; ! } else { ! warn "can't open $fname for read, $!"; ! } ! } ! $hashlist{$hash} = $fprint; } # Same as above except for a CRL. CRL links are of the form .r sub link_hash_crl { ! my $fname = $_[0]; ! $fname =~ s/'/'\\''/g; ! my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`; ! chomp $hash; ! chomp $fprint; ! $fprint =~ s/^.*=//; ! $fprint =~ tr/://d; ! my $suffix = 0; ! # Search for an unused hash filename ! while(exists $hashlist{"$hash.r$suffix"}) { ! # Hash matches: if fingerprint matches its a duplicate cert ! if ($hashlist{"$hash.r$suffix"} eq $fprint) { ! print STDERR "WARNING: Skipping duplicate CRL $fname\n"; ! return; ! } ! $suffix++; ! } ! $hash .= ".r$suffix"; ! if ($symlink_exists) { ! print "link $fname -> $hash\n" if $verbose; ! symlink $fname, $hash || warn "Can't symlink, $!"; ! } else { ! print "cp $fname -> $hash\n" if $verbose; ! system ("cp", $fname, $hash); ! warn "Can't copy, $!" if ($? >> 8) != 0; ! } ! $hashlist{$hash} = $fprint; } --- 203,250 ---- # certificate fingerprints sub link_hash_cert { ! link_hash($_[0], 'cert'); } # Same as above except for a CRL. CRL links are of the form .r sub link_hash_crl { ! link_hash($_[0], 'crl'); ! } ! ! sub link_hash { ! my ($fname, $type) = @_; ! my $is_cert = $type eq 'cert'; ! ! my ($hash, $fprint) = compute_hash($openssl, ! $is_cert ? "x509" : "crl", ! $is_cert ? $x509hash : $crlhash, ! "-fingerprint", "-noout", ! "-in", $fname); ! chomp $hash; ! chomp $fprint; ! return if !$hash; ! $fprint =~ s/^.*=//; ! $fprint =~ tr/://d; ! my $suffix = 0; ! # Search for an unused hash filename ! my $crlmark = $is_cert ? "" : "r"; ! while(exists $hashlist{"$hash.$crlmark$suffix"}) { ! # Hash matches: if fingerprint matches its a duplicate cert ! if ($hashlist{"$hash.$crlmark$suffix"} eq $fprint) { ! my $what = $is_cert ? 'certificate' : 'CRL'; ! print STDERR "WARNING: Skipping duplicate $what $fname\n"; ! return; ! } ! $suffix++; ! } ! $hash .= ".$crlmark$suffix"; ! if ($symlink_exists) { ! print "link $fname -> $hash\n" if $verbose; ! symlink $fname, $hash || warn "Can't symlink, $!"; ! } else { ! print "copy $fname -> $hash\n" if $verbose; ! copy_file($fname, $hash); ! } ! $hashlist{$hash} = $fprint; }