From: Joni Hahkala Date: Fri, 25 May 2012 15:24:49 +0000 (+0000) Subject: add copies of CAs in case the openssl is new to make the openssl s_client work X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=0a2529e01968bc6389173ef04b1e5365446ca0e7;p=glite-security-test-utils.git add copies of CAs in case the openssl is new to make the openssl s_client work --- diff --git a/bin/generate-test-certificates.sh b/bin/generate-test-certificates.sh index 4fb5617..ab69ff0 100755 --- a/bin/generate-test-certificates.sh +++ b/bin/generate-test-certificates.sh @@ -515,11 +515,13 @@ function add_ca_grid_sec { mkdir -p 'grid-security/certificates-slashwithoutnamespaces' fi if [ x"`openssl version`" \< x"OpenSSL 1.0.0" ]; then - hash=$(openssl x509 -hash -noout -in $1-ca/$1.cert) + hash=$(openssl x509 -subject_hash -noout -in $1-ca/$1.cert) else - if [ ${USENEWHASH} == 'no' ]; then - hash=$(openssl x509 -subject_hash_old -noout -in $1-ca/$1.cert) - fi + echo new openssl + hash=$(openssl x509 -subject_hash_old -noout -in $1-ca/$1.cert) + hash2=$(openssl x509 -subject_hash -noout -in $1-ca/$1.cert) + echo old hash $hash + echo new hash $hash2 fi cp $1-ca/$1.cert grid-security/certificates/${hash}.0 cp $1-ca/$1.crl grid-security/certificates/${hash}.r0 @@ -701,6 +703,23 @@ EOF cp grid-security/certificates/${hash}.* grid-security/certificates-withoutCrl rm grid-security/certificates-withoutCrl/*.r0 + +# copy all certs to their new hash if the openssl is using new hashes + if [ x${hash2} != "x" ]; then + for oldCa in `find grid-security -name ${hash}.0`; do + echo cp ${oldCa} `dirname ${oldCa}`/${hash2}.0 + cp ${oldCa} `dirname ${oldCa}`/${hash2}.0 + done + for oldCa in `find grid-security -name ${hash}.r0`; do + cp ${oldCa} `dirname ${oldCa}`/${hash2}.r0 + done + for oldCa in `find grid-security -name ${hash}.signing_policy`; do + cp ${oldCa} `dirname ${oldCa}`/${hash2}.signing_policy + done + for oldCa in `find grid-security -name ${hash}.namespaces`; do + cp ${oldCa} `dirname ${oldCa}`/${hash2}.namespaces + done + fi }