genserv.pl: fail with a message if openssl is missing or failing

Reported-by: Tomas Volf
Fixes #16926
Follow-up to 44341e736a #16824
Ref: #16928
Co-authored-by: Daniel Stenberg
Closes #16929
Viktor Szakats 2025-04-02 23:40:14 +02:00
parent 78710ee955
commit 3d4e4a1874
No known key found for this signature in database
GPG Key ID: B5ABD165E2AEF201


@ -29,6 +29,12 @@ use warnings;
use File::Basename;
use File::Spec;
sub opensslfail {
die "Missing or broken 'openssl' tool. openssl 1.0.2+ is required. ".
"Without it, this script cannot generate the necessary certificates ".
"the curl test suite needs for all its TLS related tests.";
}
my $OPENSSL = 'openssl';
if(-f '/usr/local/ssl/bin/openssl') {
$OPENSSL = '/usr/local/ssl/bin/openssl';
@ -44,20 +50,25 @@ my $PREFIX;
my $CAPREFIX = shift @ARGV;
if(!$CAPREFIX) {
print "Usage: genserv.pl <caprefix> [<prefix> ...]\n";
print 'Usage: genserv.pl <caprefix> [<prefix> ...]\n';
exit 1;
} elsif(! -f "$CAPREFIX-ca.cacert" ||
! -f "$CAPREFIX-ca.key") {
if($OPENSSL eq basename($OPENSSL)) { # has no dir component
# find openssl in PATH
my $found = 0;
foreach(File::Spec->path()) {
my $file = File::Spec->catfile($_, $OPENSSL);
if(-f $file) {
$OPENSSL = $file;
$found = 1;
last;
}
}
if(!$found) {
opensslfail();
}
}
print "$OPENSSL\n";
@ -66,8 +77,10 @@ if(!$CAPREFIX) {
$PREFIX = $CAPREFIX;
$DURATION = 6000;
system("$OPENSSL genpkey -algorithm EC -pkeyopt ec_paramgen_curve:$KEYSIZE -pkeyopt ec_param_enc:named_curve " .
"-out $PREFIX-ca.key -pass pass:secret");
if(system("$OPENSSL genpkey -algorithm EC -pkeyopt ec_paramgen_curve:$KEYSIZE -pkeyopt ec_param_enc:named_curve " .
"-out $PREFIX-ca.key -pass pass:secret") != 0) {
opensslfail();
}
system("$OPENSSL req -config $SRCDIR/$PREFIX-ca.prm -new -key $PREFIX-ca.key -out $PREFIX-ca.csr -passin pass:secret 2>$dev_null");
system("$OPENSSL x509 -sha256 -extfile $SRCDIR/$PREFIX-ca.prm -days $DURATION " .
"-req -signkey $PREFIX-ca.key -in $PREFIX-ca.csr -out $PREFIX-ca.raw-cacert");
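Review bot: Only the `genpkey` call in the last hunk has its exit status checked; the `req` and `x509` calls right after it still ignore the return value of `system()`, and `req` also redirects stderr to `$dev_null`, so a failure there can leave a missing or incomplete CA certificate with no message at all. Wrapping them the same way, e.g. `if(system("$OPENSSL req ... 2>$dev_null") != 0) { opensslfail(); }`, would stop the script at the first failing step instead of letting the TLS tests run against stale or absent material. The enclosing `elsif` block continues past the end of this hunk, so any later openssl invocations presumably need the same check. Separately, if the single-quoted `print 'Usage: genserv.pl <caprefix> [<prefix> ...]\n';` in the second hunk is the new side, `\n` is no longer an escape and the usage text ends in a literal backslash-n without a newline; the double-quoted form should be kept.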