diff options
Diffstat (limited to 'lib')
| -rwxr-xr-x | lib/mk-ca-bundle.pl | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/lib/mk-ca-bundle.pl b/lib/mk-ca-bundle.pl index 01a552e0b..34497230d 100755 --- a/lib/mk-ca-bundle.pl +++ b/lib/mk-ca-bundle.pl @@ -225,33 +225,33 @@ sub parse_csv_param($$@) { return @values; } -sub sha1 { +sub sha256 { my $result; if ($Digest::SHA::VERSION || $Digest::SHA::PurePerl::VERSION) { open(FILE, $_[0]) or die "Can't open '$_[0]': $!"; binmode(FILE); - $result = $MOD_SHA->new(1)->addfile(*FILE)->hexdigest; + $result = $MOD_SHA->new(256)->addfile(*FILE)->hexdigest; close(FILE); } else { # Use OpenSSL command if Perl Digest::SHA modules not available - $result = (split(/ |\r|\n/,`$openssl dgst -sha1 $_[0]`))[1]; + $result = (split(/ |\r|\n/,`$openssl dgst -sha256 $_[0]`))[1]; } return $result; } -sub oldsha1 { - my $sha1 = ""; +sub oldhash { + my $hash = ""; open(C, "<$_[0]") || return 0; while(<C>) { chomp; - if($_ =~ /^\#\# SHA1: (.*)/) { - $sha1 = $1; + if($_ =~ /^\#\# SHA256: (.*)/) { + $hash = $1; last; } } close(C); - return $sha1; + return $hash; } if ( $opt_p !~ m/:/ ) { @@ -283,9 +283,9 @@ my $stdout = $crt eq '-'; my $resp; my $fetched; -my $oldsha1 = oldsha1($crt); +my $oldhash = oldhash($crt); -report "SHA1 of old file: $oldsha1"; +report "SHA256 of old file: $oldhash"; report "Downloading '$txt' ..."; @@ -328,14 +328,14 @@ if(!$filedate) { } # get the hash from the download file -my $newsha1= sha1($txt); +my $newhash= sha256($txt); -if(!$opt_f && $oldsha1 eq $newsha1) { +if(!$opt_f && $oldhash eq $newhash) { report "Downloaded file identical to previous run\'s source file. Exiting"; exit; } -report "SHA1 of new file: $newsha1"; +report "SHA256 of new file: $newhash"; my $currentdate = scalar gmtime($filedate); @@ -362,7 +362,7 @@ print CRT <<EOT; ## Just configure this file as the SSLCACertificateFile. ## ## Conversion done with mk-ca-bundle.pl version $version. -## SHA1: $newsha1 +## SHA256: $newhash ## EOT |