isaacpittman-hitachi / rpms / openssl

Forked from rpms/openssl 2 years ago
Clone
727bdf
diff --git a/tools/c_rehash.in b/tools/c_rehash.in
727bdf
index d51d8856d7..a630773a02 100644
727bdf
--- a/tools/c_rehash.in
727bdf
+++ b/tools/c_rehash.in
727bdf
@@ -152,6 +152,23 @@ sub check_file {
727bdf
     return ($is_cert, $is_crl);
727bdf
 }
727bdf
 
727bdf
+sub compute_hash {
727bdf
+    my $fh;
727bdf
+    if ( $^O eq "VMS" ) {
727bdf
+        # VMS uses the open through shell
727bdf
+        # The file names are safe there and list form is unsupported
727bdf
+        if (!open($fh, "-|", join(' ', @_))) {
727bdf
+            print STDERR "Cannot compute hash on '$fname'\n";
727bdf
+            return;
727bdf
+        }
727bdf
+    } else {
727bdf
+        if (!open($fh, "-|", @_)) {
727bdf
+            print STDERR "Cannot compute hash on '$fname'\n";
727bdf
+            return;
727bdf
+        }
727bdf
+    }
727bdf
+    return (<$fh>, <$fh>);
727bdf
+}
727bdf
 
727bdf
 # Link a certificate to its subject name hash value, each hash is of
727bdf
 # the form <hash>.<n> where n is an integer. If the hash value already exists
727bdf
@@ -161,10 +178,12 @@ sub check_file {
727bdf
 
727bdf
 sub link_hash_cert {
727bdf
     my $fname = $_[0];
727bdf
-    $fname =~ s/\"/\\\"/g;
727bdf
-    my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
727bdf
+    my ($hash, $fprint) = compute_hash($openssl, "x509", $x509hash,
727bdf
+                                       "-fingerprint", "-noout",
727bdf
+                                       "-in", $fname);
727bdf
     chomp $hash;
727bdf
     chomp $fprint;
727bdf
+    return if !$hash;
727bdf
     $fprint =~ s/^.*=//;
727bdf
     $fprint =~ tr/://d;
727bdf
     my $suffix = 0;
727bdf
@@ -202,10 +221,12 @@ sub link_hash_cert {
727bdf
 
727bdf
 sub link_hash_crl {
727bdf
     my $fname = $_[0];
727bdf
-    $fname =~ s/'/'\\''/g;
727bdf
-    my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
727bdf
+    my ($hash, $fprint) = compute_hash($openssl, "crl", $crlhash,
727bdf
+                                       "-fingerprint", "-noout",
727bdf
+                                       "-in", $fname);
727bdf
     chomp $hash;
727bdf
     chomp $fprint;
727bdf
+    return if !$hash;
727bdf
     $fprint =~ s/^.*=//;
727bdf
     $fprint =~ tr/://d;
727bdf
     my $suffix = 0;