[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Richard Levitte
levitte at openssl.org
Thu Apr 12 13:36:31 UTC 2018
The branch OpenSSL_1_1_0-stable has been updated
via e7bc92bc782b995231dbf855970f206ebc65c75d (commit)
via f93f6a3bbcd253cd90a280ce7ba598908eed1489 (commit)
from 9e8554fca5019b81ed7659d97f103f388ea3a2bf (commit)
- Log -----------------------------------------------------------------
commit e7bc92bc782b995231dbf855970f206ebc65c75d
Author: Richard Levitte <levitte at openssl.org>
Date: Thu Apr 12 13:30:57 2018 +0200
openssl rehash: use libcrypto variables for default dir
X509_get_default_cert_dir_env() returns the default environment
variable to check for certificate directories.
X509_get_default_cert_dir() returns the default configured certificate
directory.
Use these instead of hard coding our own values, and thereby be more
integrated with the rest of OpenSSL.
Reviewed-by: Andy Polyakov <appro at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5937)
(cherry picked from commit 362ff3c39703633ac53ba9130c7acc02177bedc5)
commit f93f6a3bbcd253cd90a280ce7ba598908eed1489
Author: Richard Levitte <levitte at openssl.org>
Date: Thu Apr 12 13:30:21 2018 +0200
openssl rehash: document -compat
Fixes #5902
Reviewed-by: Andy Polyakov <appro at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5937)
(cherry picked from commit adaf3cfad2319fe5c0d6fe179c726cc85eebf2d3)
-----------------------------------------------------------------------
Summary of changes:
apps/rehash.c | 7 ++++---
doc/apps/rehash.pod | 6 ++++++
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/apps/rehash.c b/apps/rehash.c
index 273ad74..19e24d9 100644
--- a/apps/rehash.c
+++ b/apps/rehash.c
@@ -502,13 +502,14 @@ int rehash_main(int argc, char **argv)
if (*argv) {
while (*argv)
errs += do_dir(*argv++, h);
- } else if ((env = getenv("SSL_CERT_DIR")) != NULL) {
+ } else if ((env = getenv(X509_get_default_cert_dir_env())) != NULL) {
+ char lsc[2] = { LIST_SEPARATOR_CHAR, '\0' };
m = OPENSSL_strdup(env);
- for (e = strtok(m, ":"); e != NULL; e = strtok(NULL, ":"))
+ for (e = strtok(m, lsc); e != NULL; e = strtok(NULL, lsc))
errs += do_dir(e, h);
OPENSSL_free(m);
} else {
- errs += do_dir("/etc/ssl/certs", h);
+ errs += do_dir(X509_get_default_cert_dir(), h);
}
end:
diff --git a/doc/apps/rehash.pod b/doc/apps/rehash.pod
index 79268d4..0a192e9 100644
--- a/doc/apps/rehash.pod
+++ b/doc/apps/rehash.pod
@@ -99,6 +99,12 @@ Note that current versions will not use the old style.
Do not remove existing links.
This is needed when keeping new and old-style links in the same directory.
+=item B<-compat>
+
+Generate links for both old-style (MD5) and new-style (SHA1) hashing.
+This allows releases before 1.0.0 to use these links along-side newer
+releases.
+
=item B<-v>
Print messages about old links removed and new links created.
More information about the openssl-commits
mailing list