Up to [local] / src / usr.bin / openssl
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: OPENBSD_5_7_BASE
Revision 1.2 / (download) - annotate - [select for diffs], Tue Feb 10 15:29:34 2015 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.1: +3 -1 lines
Diff to previous 1.1 (colored)
Introduce an openssl(1) certhash command. This is effectively a reimplementation of the functionality provided by the previously removed c_rehash Perl script. The c_rehash script had a number of known issues, including the fact that it needs to run openssl(1) multiple times and that it starts by removing all symlinks before putting them back, creating atomicity issues/race conditions, even when nothing has changed. certhash is self-contained and is intended to be stable - no changes should be made unless something has actually changed. This means it can be run regularly in a production environment without causing certificate lookup failures. Further testing and improvements will happen in tree. Discussed with tedu@