echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

checkremotecerts.sh: explicit check that cert exists

Browse Source
This commit is contained in:
kytv
2014-05-08 17:56:37 +00:00
parent 1b5a2ddef3
commit 47b10e9771
1 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tests/scripts/checkremotecerts.sh
View File

@ -65,6 +65,7 @@ for HOST in $RESEEDHOSTS; do
# If we end up here it's for one of two probable reasons:
# 1) the the CN in the certificate doesn't match the hostname.
# 2) the certificate is invalid
if [ -e "$CERTHOME/ssl/$HOST.crt" ]; then
openssl x509 -in "$CERTHOME/ssl/$HOST.crt" -fingerprint -noout > "$WORK/$HOST.expected.finger"
openssl x509 -in "$WORK/$HOST.test" -fingerprint -noout > "$WORK/$HOST.real.finger"
if [ "$(cat "$WORK/$HOST.expected.finger")" != "$(cat "$WORK/$HOST.real.finger")" ]; then
@ -72,6 +73,11 @@ for HOST in $RESEEDHOSTS; do
FAIL=1
echo $HOST >> $WORK/bad
fi
else
echo "Untrusted certficate and certificate not found at $CERTHOME/ssl" >&2
FAIL=1
echo $HOST >> $WORK/bad
fi
fi
echo
done