wok annotate cacerts/stuff/remove-expired-certs.sh @ rev 19639

slitaz-boot-scripts: update deps
author Pascal Bellard <pascal.bellard@slitaz.org>
date Fri Jan 20 16:19:33 2017 +0100 (2017-01-20)
parents d805d3de4546
children
rev   line source
al@14468 1 #!/bin/sh
al@17865 2 # Begin remove-expired-certs.sh
al@14468 3 #
al@14468 4 # Version 20120211
al@14468 5
al@14468 6 # Make sure the date is parsed correctly on all systems
al@14468 7 mydate()
al@14468 8 {
al@14468 9 local y=$( echo $1 | cut -d" " -f4 )
al@14468 10 local M=$( echo $1 | cut -d" " -f1 )
al@14468 11 local d=$( echo $1 | cut -d" " -f2 )
al@14468 12 local m
al@14468 13
al@14468 14 if [ ${d} -lt 10 ]; then d="0${d}"; fi
al@14468 15
al@14468 16 case $M in
al@14468 17 Jan) m="01";;
al@14468 18 Feb) m="02";;
al@14468 19 Mar) m="03";;
al@14468 20 Apr) m="04";;
al@14468 21 May) m="05";;
al@14468 22 Jun) m="06";;
al@14468 23 Jul) m="07";;
al@14468 24 Aug) m="08";;
al@14468 25 Sep) m="09";;
al@14468 26 Oct) m="10";;
al@14468 27 Nov) m="11";;
al@14468 28 Dec) m="12";;
al@14468 29 esac
al@14468 30
al@14468 31 certdate="${y}${m}${d}"
al@14468 32 }
al@14468 33
al@14468 34 OPENSSL=/usr/bin/openssl
al@14468 35 DIR=$DESTDIR/etc/ssl/certs
al@14468 36
al@14468 37 if [ $# -gt 0 ]; then
al@14468 38 DIR="$1"
al@14468 39 fi
al@14468 40
al@14468 41 certs=$( find ${DIR} -type f -name "*.pem" -o -name "*.crt" )
al@14468 42 today=$( date +%Y%m%d )
al@14468 43
al@14468 44 for cert in $certs; do
al@14468 45 notafter=$( $OPENSSL x509 -enddate -in "${cert}" -noout )
al@14468 46 date=$( echo ${notafter} | sed 's/^notAfter=//' )
al@14468 47 mydate "$date"
al@14468 48
al@14468 49 if [ ${certdate} -lt ${today} ]; then
al@14468 50 echo "${cert} expired on ${certdate}! Removing..."
al@14468 51 rm -f "${cert}"
al@14468 52 fi
al@14468 53 done