2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-04 15:03:41 +01:00

Refuse to accept both --cafile and --capath.

Prior to this commit, the code accepts both the --cafile and the
--capath options, as that's how it's always behaved. This patch corrects
that, refusing to proceed if the options are provided.

Technically, openssl permits the use of both the -CAfile and -CApath
options. However, cipherscan itself can only make use of one of the two
options, and does not currently support "one or both" scenarios.

So this patch ensures that users are not caught unaware when they
specify --capath and --cafile and the script refuses to honor the
latter.
This commit is contained in:
Richard Soderberg 2015-09-05 00:34:24 -07:00
parent e35a6155bc
commit 5dc692566a

View File

@ -1340,6 +1340,11 @@ do
esac
done
if [[ -n $CAPATH && -n $CACERTS ]]; then
echo "Both directory and file with CA certificates specified" 1>&2
exit 1
fi
# echo parameters left: $@
TEMPTARGET=$(sed -e 's/^.* //'<<<"${@}")