You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

547980-smime_keys-chaining.patch 2.8KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495
  1. From: Antonio Radici <antonio@debian.org>
  2. Date: Thu, 27 Feb 2014 17:03:15 +0100
  3. Subject: 547980-smime_keys-chaining
  4. To suppose certificate chaining in smime_keys,
  5. see upstream http://bugs.mutt.org/3339
  6. Gbp-Pq: Topic upstream
  7. ---
  8. smime_keys.pl | 57 ++++++++++++++++++++++++++++++++++++++++++++++++---------
  9. 1 file changed, 48 insertions(+), 9 deletions(-)
  10. diff --git a/smime_keys.pl b/smime_keys.pl
  11. index 2f4544a..2a78e39 100755
  12. --- a/smime_keys.pl
  13. +++ b/smime_keys.pl
  14. @@ -81,6 +81,30 @@ if ( -d $root_certs_path) {
  15. # OPS
  16. #
  17. +
  18. +sub get_certs {
  19. + my $file = shift;
  20. + return undef unless (defined($file) && -e $file);
  21. +
  22. + open IN, "<$file";
  23. +
  24. + my @certs = ();
  25. + my $in_cert = 0;
  26. + my $cert = q{};
  27. + while ( <IN> ) {
  28. + $in_cert = 1 if ( /^-----BEGIN CERTIFICATE-----$/ );
  29. + $cert .= $_;
  30. +
  31. + if ( /^-----END CERTIFICATE-----$/ ) {
  32. + push @certs, $cert;
  33. + $cert = q{};
  34. + $in_cert = 0;
  35. + }
  36. + }
  37. +
  38. + return @certs;
  39. +}
  40. +
  41. if(@ARGV == 1 and $ARGV[0] eq "init") {
  42. init_paths;
  43. }
  44. @@ -91,13 +115,27 @@ elsif(@ARGV == 2 and $ARGV[0] eq "label") {
  45. change_label($ARGV[1]);
  46. }
  47. elsif(@ARGV == 2 and $ARGV[0] eq "add_cert") {
  48. - my $format = -B $ARGV[1] ? 'DER' : 'PEM';
  49. - my $cmd = "$opensslbin x509 -noout -hash -in $ARGV[1] -inform $format";
  50. - my $cert_hash = `$cmd`;
  51. - $? and die "'$cmd' returned $?";
  52. - chomp($cert_hash);
  53. - my $label = query_label;
  54. - &add_certificate($ARGV[1], \$cert_hash, 1, $label, '?');
  55. + foreach my $cert ( get_certs( $ARGV[1] ) ) {
  56. +
  57. + my $file = sprintf( '/tmp/smime-%d.%d', $$, int(rand( 999999 ) ) );
  58. + print STDERR "TMPFILE: $file\n";
  59. + if ( -e $file ) {
  60. + die( "ERROR: TMPFILE $file existss?!?!" );
  61. + }
  62. + open OUT, ">$file";
  63. + print OUT $cert;
  64. + close OUT;
  65. +
  66. + my $format = -B $file ? 'DER' : 'PEM';
  67. + my $cmd = "$opensslbin x509 -noout -hash -in $file -inform $format";
  68. +
  69. + my $cert_hash = `$cmd`;
  70. + $? and die "'$cmd' returned $?";
  71. + chomp($cert_hash);
  72. + my $label = query_label;
  73. + &add_certificate($ARGV[1], \$cert_hash, 1, $label, '?');
  74. + unlink $file;
  75. + }
  76. }
  77. elsif(@ARGV == 2 and $ARGV[0] eq "add_pem") {
  78. -e $ARGV[1] and -s $ARGV[1] or die("$ARGV[1] is nonexistent or empty.");
  79. @@ -381,9 +419,10 @@ sub query_label () {
  80. print "the key ID. This has to be _one_ word (no whitespaces).\n\n";
  81. print "Enter label: ";
  82. - chomp($input = <STDIN>);
  83. + $input = <STDIN>;
  84. + chomp($input) if ( defined($input) );
  85. - my ($label, $junk) = split(/\s/, $input, 2);
  86. + my ($label, $junk) = split(/\s/, $input, 2) if ( defined($input) );
  87. defined $junk
  88. and print "\nUsing '$label' as label; ignoring '$junk'\n";