Refuse to accept both --cafile and --capath.
Prior to this commit, the code accepts both the --cafile and the --capath options, as that's how it's always behaved. This patch corrects that, refusing to proceed if the options are provided. Technically, openssl permits the use of both the -CAfile and -CApath options. However, cipherscan itself can only make use of one of the two options, and does not currently support "one or both" scenarios. So this patch ensures that users are not caught unaware when they specify --capath and --cafile and the script refuses to honor the latter.
This commit is contained in:
Richard Soderberg
parent
e35a6155bc
commit
5dc692566a
|
|
@ -1340,6 +1340,11 @@ do
|
|||
esac
|
||||
done
|
||||
|
||||
if [[ -n $CAPATH && -n $CACERTS ]]; then
|
||||
echo "Both directory and file with CA certificates specified" 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# echo parameters left: $@
|
||||
|
||||
TEMPTARGET=$(sed -e 's/^.* //'<<<"${@}")
|
||||
|
|
|
|||
Loading…
Reference in New Issue