LittleNellie/cipherscan
2
0
Fork 0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-22 14:23:41 +01:00
Code Issues Releases Wiki Activity

Attempt to use /etc/ssl/certs/ca-certificates.crt if no CACERTS

Browse Source 
are available. On Debian, this is the default location for
system-wide trust anchors.
This commit is contained in:
Simon Deziel 2014-07-25 10:01:31 -04:00
parent 273211f025
commit 7dee967dd7
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
cipherscan
View File

@ -8,7 +8,14 @@
DOBENCHMARK=0 DOBENCHMARK=0
BENCHMARKITER=30 BENCHMARKITER=30
OPENSSLBIN="$(dirname $0)/openssl" OPENSSLBIN="$(dirname $0)/openssl"
CACERTS=${CACERTS:-/etc/pki/tls/certs/ca-bundle.crt} if [ -z "$CACERTS" ]; then
for f in /etc/pki/tls/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt; do
if [ -e "$f" ]; then
CACERTS="$f"
break
fi
done
fi
if [ ! -e "$CACERTS" ]; then if [ ! -e "$CACERTS" ]; then
echo "Warning: CA Certificates not found at $CACERTS, export CACERTS variable with location of your trust anchors" 1>&2 echo "Warning: CA Certificates not found at $CACERTS, export CACERTS variable with location of your trust anchors" 1>&2
fi fi
@ -326,6 +333,7 @@ do
done done
if [ $VERBOSE != 0 ] ; then if [ $VERBOSE != 0 ] ; then
[ -n "$CACERTS" ] && echo "Using trust anchors from $CACERTS"
echo "Loading $($OPENSSLBIN ciphers -v $CIPHERSUITE 2>/dev/null|grep Kx|wc -l) ciphersuites from $(echo -n $($OPENSSLBIN version 2>/dev/null))" echo "Loading $($OPENSSLBIN ciphers -v $CIPHERSUITE 2>/dev/null|grep Kx|wc -l) ciphersuites from $(echo -n $($OPENSSLBIN version 2>/dev/null))"
$OPENSSLBIN ciphers ALL 2>/dev/null $OPENSSLBIN ciphers ALL 2>/dev/null
fi fi