
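--- a/usr.sbin/certctl/certctl.sh
+++ b/usr.sbin/certctl/certctl.sh
@@ -59,28 +59,50 @@ do_hash()
 	fi
 }
 
+get_serial()
+{
+	local checkdir hash serial
+
+	checkdir=$1
+	hash=$2
+	serial=0
+
+	while [ -e "$CERTDESTDIR/$hash.$serial" ]; do
+		serial=$((serial + 1))
+	done
+
+	echo ${serial}
+	return 0
+}
+
 create_trusted_link()
 {
 	local hash
+	local serial
 
 	hash=$( do_hash "$1" ) || return
+	# XXX Should look at $hash.[0-9] and compare
 	if [ -e "$BLACKLISTDESTDIR/$hash.0" ]; then
 		echo "Skipping blacklisted certificate $1 ($BLACKLISTDESTDIR/$hash.0)"
 		return 1
 	fi
-	[ $VERBOSE -gt 0 ] && echo "Adding $hash.0 to trust store"
+	serial=$(get_serial "$CERTDESTDIR" "$hash")
-	[ $NOOP -eq 0 ] && install -lrs $(realpath "$1") "$CERTDESTDIR/$hash.0"
+	[ $VERBOSE -gt 0 ] && echo "Adding $hash.$serial to trust store"
+	[ $NOOP -eq 0 ] && \
+		install -lrs $(realpath "$1") "$CERTDESTDIR/$hash.$serial"
 }
 
 create_blacklisted()
 {
 	local hash srcfile filename
+	local serial
 
 	# If it exists as a file, we'll try that; otherwise, we'll scan
 	if [ -e "$1" ]; then
 		hash=$( do_hash "$1" ) || return
 		srcfile=$(realpath "$1")
-		filename="$hash.0"
+		serial=$(get_serial "$CERTDESTDIR" "$hash")
+		filename="$hash.$serial"
 	elif [ -e "${CERTDESTDIR}/$1" ];  then
 		srcfile=$(realpath "${CERTDESTDIR}/$1")
 		filename="$1"
@@ -183,6 +205,7 @@ cmd_unblacklist()
 	for BFILE in "$@"; do
 		if [ -s "$BFILE" ]; then
 			hash=$( do_hash "$BFILE" )
+			# XXX .0?
 			echo "Removing $hash.0 from blacklist"
 			[ $NOOP -eq 0 ] && rm -f "$BLACKLISTDESTDIR/$hash.0"
 		elif [ -e "$BLACKLISTDESTDIR/$BFILE" ]; then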
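Review bot: get_serial() assigns `checkdir=$1` but its loop tests `"$CERTDESTDIR/$hash.$serial"`, so the directory argument is ignored; the loop should read `while [ -e "$checkdir/$hash.$serial" ]; do`. This matters in create_blacklisted(), which passes "$CERTDESTDIR": when the certificate is already trusted as $hash.0 the new blacklist entry is named $hash.1, while create_trusted_link() still tests only `$BLACKLISTDESTDIR/$hash.0` and the by-file branch of cmd_unblacklist() removes only that name, so such an entry would apparently neither block the certificate nor be removed. Assuming the entry is written under $BLACKLISTDESTDIR (the rest of create_blacklisted() lies outside the hunk), the call there should be `serial=$(get_serial "$BLACKLISTDESTDIR" "$hash")`. The two XXX lookups would also need to cover every serial, not just .0, before the blacklist can be relied on to keep a distrusted certificate out of the store.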
