I2P Address: [http://git.idk.i2p]

Skip to content
Snippets Groups Projects
Commit 47b10e97 authored by kytv's avatar kytv
Browse files

checkremotecerts.sh: explicit check that cert exists

parent 1b5a2dde
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
tests/scripts/checkremotecerts.sh
+ 10
4
View file @ 47b10e97
...@@ -65,10 +65,16 @@ for HOST in $RESEEDHOSTS; do ...@@ -65,10 +65,16 @@ for HOST in $RESEEDHOSTS; do
# If we end up here it's for one of two probable reasons: # If we end up here it's for one of two probable reasons:
# 1) the the CN in the certificate doesn't match the hostname. # 1) the the CN in the certificate doesn't match the hostname.
# 2) the certificate is invalid # 2) the certificate is invalid
openssl x509 -in "$CERTHOME/ssl/$HOST.crt" -fingerprint -noout > "$WORK/$HOST.expected.finger" if [ -e "$CERTHOME/ssl/$HOST.crt" ]; then
openssl x509 -in "$WORK/$HOST.test" -fingerprint -noout > "$WORK/$HOST.real.finger" openssl x509 -in "$CERTHOME/ssl/$HOST.crt" -fingerprint -noout > "$WORK/$HOST.expected.finger"
if [ "$(cat "$WORK/$HOST.expected.finger")" != "$(cat "$WORK/$HOST.real.finger")" ]; then openssl x509 -in "$WORK/$HOST.test" -fingerprint -noout > "$WORK/$HOST.real.finger"
echo -n "invalid certificate for $HOST" if [ "$(cat "$WORK/$HOST.expected.finger")" != "$(cat "$WORK/$HOST.real.finger")" ]; then
echo -n "invalid certificate for $HOST"
FAIL=1
echo $HOST >> $WORK/bad
fi
else
echo "Untrusted certficate and certificate not found at $CERTHOME/ssl" >&2
FAIL=1 FAIL=1
echo $HOST >> $WORK/bad echo $HOST >> $WORK/bad
fi fi
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Base32 Address: [http://7qeve4v2chmjdqlwpa3vl7aojf3nodbku7vepnjwrsxljzqipz6a.b32.i2p] Onion Address: [http://47ggr2fa3vnwfyhvgskzdmr3i32eijwymxohtxsls45dulmriwxszjad.onion]