forked from pool/ca-certificates-mozilla
Ludwig Nussel
100a07b249
* new: AddTrust_Qualified_Certificates_Root.pem * new: Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem * new: Chambers_of_Commerce_Root_2008.pem * new: Global_Chambersign_Root_2008.pem * new: Izenpe_com.pem * new: TC_TrustCenter_Universal_CA_III.pem OBS-URL: https://build.opensuse.org/package/show/Base:System/ca-certificates-mozilla?expand=0&rev=13
46 lines
1.0 KiB
Bash
46 lines
1.0 KiB
Bash
#!/bin/bash
|
|
# print fingerprints of new or changed certificates
|
|
set -e
|
|
cleanup()
|
|
{
|
|
rm -rf new{,.files} old{,.files}
|
|
}
|
|
showcert()
|
|
{
|
|
openssl x509 -in "$1" -noout -subject -fingerprint -nameopt multiline,utf8,-esc_msb \
|
|
| sed -ne 's/ *commonName *= / CN: /p; s/.*Fingerprint=/ sha1: /p'
|
|
}
|
|
cleanup
|
|
trap cleanup EXIT
|
|
mkdir old new
|
|
cd old
|
|
echo old...
|
|
VERBOSE=1 ../extractcerts.pl --trustbits < ../.osc/certdata.txt > tmp
|
|
sort < tmp > ../old.files
|
|
rm -f tmp
|
|
cd ..
|
|
cd new
|
|
echo new...
|
|
VERBOSE=1 ../extractcerts.pl --trustbits < ../certdata.txt > tmp
|
|
sort < tmp > ../new.files
|
|
rm -f tmp
|
|
cd ..
|
|
echo '----------------------------'
|
|
while read line; do
|
|
IFS='#' eval set -- \$line
|
|
old="$1"
|
|
new="$2"
|
|
common="$3"
|
|
if [ -n "$old" ]; then
|
|
echo "$old has been deleted"
|
|
elif [ -n "$new" ]; then
|
|
echo "new: $new"
|
|
showcert new/$new
|
|
elif ! cmp "old/$common" "new/$common"; then
|
|
echo "*** $common differs!"
|
|
showcert old/$common
|
|
showcert new/$common
|
|
diff -u old/$common new/$common || true
|
|
fi
|
|
done < <(comm --output-delimiter='#' old.files new.files)
|