diff options
Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/certs/cert-check | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/scripts/certs/cert-check b/scripts/certs/cert-check index d349933..b3b66f7 100755 --- a/scripts/certs/cert-check +++ b/scripts/certs/cert-check @@ -91,24 +91,24 @@ cert_pick_url_selfsigned() { [ "$(guess_cmd "${cont}")" = "x509" ] || return $? { echo -e "GET /${cont} HTTP/1.0\nHost: ${machine}\n"; sleep 2; } \ | openssl s_client -connect "${machine}:${port}" -crlf 2>/dev/null \ - | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/{p;d};/^\r$/,/-BEGIN CERTIFICATE-/{/-BEGIN CERTIFICATE-/d;p}' \ + | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/{/-END CERTIFICATE-/{s|^\(-\+[A-Z ]\+-\+\).*|\1|};s|\r||g;p;d}' \ + -e '/^\r$/,/-BEGIN CERTIFICATE-/{/-BEGIN CERTIFICATE-/p;d}' \ | { local tmpfile=$(mktemp /tmp/.XXXXXX) cat >${tmpfile} # try converting DER to PEM and appending to the original file - awk '/-END CERTIFICATE-/{++i;next;}{if(i > 0){print;};}' ${tmpfile} \ - | tail -n+2 \ + awk '/-BEGIN CERTIFICATE-/{++i;}{if(i > 1){print;}}' ${tmpfile} \ | openssl x509 -inform DER -in /dev/stdin >${tmpfile}.1 cat ${tmpfile}.1 >> ${tmpfile} rm ${tmpfile}.1 [ $i -eq 1 ] \ || openssl verify -CAfile \ - <(cat "${HOMEBUNDLE}" "${outtmpfile}") \ - <(awk '/-BEGIN CERTIFICATE-/{++i;}{if(i > 1){print;}}' ${tmpfile}) >&2 + <(cat "${HOMEBUNDLE}" "${outtmpfile}") \ + <(awk '/-BEGIN CERTIFICATE-/{++i;}{if(i > 1){print;}}' ${tmpfile}) >&2 ret=$? - #echo "i: $i, ret: $ret; $outtmpfile, $tmpfile" >&2 + echo "i: $i, ret: $ret; $outtmpfile, $tmpfile" >&2 [ $ret -eq 0 ] \ - && openssl x509 -inform "${inform}" -in \ - <(awk '/-BEGIN CERTIFICATE-/{++i;}{if(i > 1){print;}}' ${tmpfile}) >>${outtmpfile} + && openssl x509 -inform "${inform}" -in \ + <(awk '/-BEGIN CERTIFICATE-/{++i;}{if(i > 1){print;}}' ${tmpfile}) >>${outtmpfile} [ $i -eq $# ] \ && { awk '/-END CERTIFICATE-/{print; exit;}{print;}' ${tmpfile} \ |