Fixed certificate serial detection

master
Thomas Hooge 5 years ago
parent f237416bcb
commit bf26fd7c03
  1. 21
      lib/OpenSSL.pm

@ -557,6 +557,8 @@ sub parsecert {
my $tmp = {}; my $tmp = {};
my (@lines, $dn, $i, $c, $v, $k, $cmd, $crl, $time, $t, $ext, $ret, $pid); my (@lines, $dn, $i, $c, $v, $k, $cmd, $crl, $time, $t, $ext, $ret, $pid);
my($rdfh, $wtfh);
$time = time(); $time = time();
$force && delete($self->{'CACHE'}->{$file}); $force && delete($self->{'CACHE'}->{$file});
@ -632,6 +634,21 @@ sub parsecert {
} }
} }
# no serial yet? get it now the direct way
if(!defined $tmp->{'SERIAL'}){
$cmd = "$self->{'bin'} x509 -noout -serial -in $file";
$ext = "$cmd\n\n";
$pid = open3($wtfh, $rdfh, $rdfh, $cmd);
while(<$rdfh>){
$ext .= $_;
($k, $v) = split(/=/);
$tmp->{'SERIAL'} = $v if($k =~ /serial/i);
chomp($tmp->{'SERIAL'});
}
waitpid($pid, 0);
$ret = $? >> 8;
}
# parse subject DN # parse subject DN
$dn = HELPERS::parse_dn($tmp->{'DN'}); $dn = HELPERS::parse_dn($tmp->{'DN'});
foreach(keys(%$dn)) { foreach(keys(%$dn)) {
@ -646,7 +663,6 @@ sub parsecert {
# get fingerprint # get fingerprint
$cmd = "$self->{'bin'} x509 -noout -fingerprint -md5 -in $file"; $cmd = "$self->{'bin'} x509 -noout -fingerprint -md5 -in $file";
my($rdfh, $wtfh);
$ext = "$cmd\n\n"; $ext = "$cmd\n\n";
$pid = open3($wtfh, $rdfh, $rdfh, $cmd); $pid = open3($wtfh, $rdfh, $rdfh, $cmd);
while(<$rdfh>){ while(<$rdfh>){
@ -1059,6 +1075,9 @@ sub _set_expired {
close IN; close IN;
# Format of OpenSSl index db
# E|R|V<tab>Expiry<tab>[RevocationDate]<tab>Serial<tab>unknown<tab>SubjectDN
open(OUT, ">$index") || do { open(OUT, ">$index") || do {
my $t = sprintf(_("Can't write index %s: %s"), $index, $!); my $t = sprintf(_("Can't write index %s: %s"), $index, $!);
GUI::HELPERS::print_warning($t); GUI::HELPERS::print_warning($t);