1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
From: Antonio Radici <antonio@debian.org>
Date: Thu, 27 Feb 2014 17:03:15 +0100
Subject: 547980-smime_keys-chaining
To suppose certificate chaining in smime_keys,
see upstream http://bugs.mutt.org/3339
Gbp-Pq: Topic upstream
---
smime_keys.pl | 57 ++++++++++++++++++++++++++++++++++++++++++++++++---------
1 file changed, 48 insertions(+), 9 deletions(-)
diff --git a/smime_keys.pl b/smime_keys.pl
index 2f4544a..2a78e39 100755
--- a/smime_keys.pl
+++ b/smime_keys.pl
@@ -81,6 +81,30 @@ if ( -d $root_certs_path) {
# OPS
#
+
+sub get_certs {
+ my $file = shift;
+ return undef unless (defined($file) && -e $file);
+
+ open IN, "<$file";
+
+ my @certs = ();
+ my $in_cert = 0;
+ my $cert = q{};
+ while ( <IN> ) {
+ $in_cert = 1 if ( /^-----BEGIN CERTIFICATE-----$/ );
+ $cert .= $_;
+
+ if ( /^-----END CERTIFICATE-----$/ ) {
+ push @certs, $cert;
+ $cert = q{};
+ $in_cert = 0;
+ }
+ }
+
+ return @certs;
+}
+
if(@ARGV == 1 and $ARGV[0] eq "init") {
init_paths;
}
@@ -91,13 +115,27 @@ elsif(@ARGV == 2 and $ARGV[0] eq "label") {
change_label($ARGV[1]);
}
elsif(@ARGV == 2 and $ARGV[0] eq "add_cert") {
- my $format = -B $ARGV[1] ? 'DER' : 'PEM';
- my $cmd = "$opensslbin x509 -noout -hash -in $ARGV[1] -inform $format";
- my $cert_hash = `$cmd`;
- $? and die "'$cmd' returned $?";
- chomp($cert_hash);
- my $label = query_label;
- &add_certificate($ARGV[1], \$cert_hash, 1, $label, '?');
+ foreach my $cert ( get_certs( $ARGV[1] ) ) {
+
+ my $file = sprintf( '/tmp/smime-%d.%d', $$, int(rand( 999999 ) ) );
+ print STDERR "TMPFILE: $file\n";
+ if ( -e $file ) {
+ die( "ERROR: TMPFILE $file existss?!?!" );
+ }
+ open OUT, ">$file";
+ print OUT $cert;
+ close OUT;
+
+ my $format = -B $file ? 'DER' : 'PEM';
+ my $cmd = "$opensslbin x509 -noout -hash -in $file -inform $format";
+
+ my $cert_hash = `$cmd`;
+ $? and die "'$cmd' returned $?";
+ chomp($cert_hash);
+ my $label = query_label;
+ &add_certificate($ARGV[1], \$cert_hash, 1, $label, '?');
+ unlink $file;
+ }
}
elsif(@ARGV == 2 and $ARGV[0] eq "add_pem") {
-e $ARGV[1] and -s $ARGV[1] or die("$ARGV[1] is nonexistent or empty.");
@@ -381,9 +419,10 @@ sub query_label () {
print "the key ID. This has to be _one_ word (no whitespaces).\n\n";
print "Enter label: ";
- chomp($input = <STDIN>);
+ $input = <STDIN>;
+ chomp($input) if ( defined($input) );
- my ($label, $junk) = split(/\s/, $input, 2);
+ my ($label, $junk) = split(/\s/, $input, 2) if ( defined($input) );
defined $junk
and print "\nUsing '$label' as label; ignoring '$junk'\n";
|