diff options
Diffstat (limited to 'lib/mk-ca-bundle.vbs')
| -rwxr-xr-x | lib/mk-ca-bundle.vbs | 95 |
1 files changed, 55 insertions, 40 deletions
diff --git a/lib/mk-ca-bundle.vbs b/lib/mk-ca-bundle.vbs index 5a4b4ed9..2d82e7d8 100755 --- a/lib/mk-ca-bundle.vbs +++ b/lib/mk-ca-bundle.vbs @@ -5,7 +5,7 @@ '* | (__| |_| | _ <| |___
'* \___|\___/|_| \_\_____|
'*
-'* Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+'* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
'*
'* This software is licensed as described in the file COPYING, which
'* you should have received as part of this distribution. The terms
@@ -26,16 +26,16 @@ '* Hacked by Guenter Knauf
'***************************************************************************
Option Explicit
-Const myVersion = "0.3.5"
-
-Const myUrl = "http://mxr.mozilla.org/firefox/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1"
+Const myVersion = "0.3.9"
+Const myUrl = "http://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt"
Const myOpenssl = "openssl.exe"
Const myCdSavF = FALSE ' Flag: save downloaded data to file certdata.txt
Const myCaBakF = TRUE ' Flag: backup existing ca-bundle certificate
Const myAskLiF = TRUE ' Flag: display certdata.txt license agreement
Const myAskTiF = TRUE ' Flag: ask to include certificate text info
+Const myWrapLe = 76 ' Default length of base64 output lines
'******************* Nothing to configure below! *******************
Dim objShell, objNetwork, objFSO, objHttp
@@ -47,7 +47,7 @@ Set objHttp = WScript.CreateObject("WinHttp.WinHttpRequest.5.1") If objHttp Is Nothing Then Set objHttp = WScript.CreateObject("WinHttp.WinHttpRequest")
myBase = Left(WScript.ScriptFullName, InstrRev(WScript.ScriptFullName, "\"))
mySelf = Left(WScript.ScriptName, InstrRev(WScript.ScriptName, ".") - 1) & " " & myVersion
-myCdFile = Mid(myUrl, InstrRev(myUrl, "/") + 1, InstrRev(myUrl, "?") - InstrRev(myUrl, "/") - 1)
+myCdFile = Mid(myUrl, InstrRev(myUrl, "/") + 1)
myCaFile = "ca-bundle.crt"
myTmpName = InputBox("Enter output filename:", mySelf, myCaFile)
If Not (myTmpName = "") Then
@@ -59,8 +59,8 @@ objHttp.SetTimeouts 0, 5000, 10000, 10000 objHttp.Open "GET", myUrl, FALSE
objHttp.setRequestHeader "User-Agent", WScript.ScriptName & "/" & myVersion
objHttp.Send ""
-If Not (objHttp.statusText = "OK") Then
- MsgBox("Failed to download '" & myCdFile & "': " & objHttp.statusText), vbCritical, mySelf
+If Not (objHttp.Status = 200) Then
+ MsgBox("Failed to download '" & myCdFile & "': " & objHttp.Status & " - " & objHttp.StatusText), vbCritical, mySelf
WScript.Quit 1
End If
' Convert data from ResponseBody instead of using ResponseText because of UTF-8
@@ -96,8 +96,10 @@ If (myAskTiF = TRUE) Then End If
End If
' Process the received data
-Dim myLines, myPattern, myInsideCert, myInsideLicense, myLicenseText, myNumCerts
-Dim myLabel, myOctets, myData, myPem, myRev, j
+Dim myLines, myPattern, myInsideCert, myInsideLicense, myLicenseText, myNumCerts, myNumSkipped
+Dim myLabel, myOctets, myData, myPem, myRev, myUntrusted, j
+myNumSkipped = 0
+myNumCerts = 0
myData = ""
myLines = Split(myCdData, vbLf, -1)
Set myFh = objFSO.OpenTextFile(myCaFile, 2, TRUE)
@@ -109,7 +111,7 @@ myFh.Write "##" & vbLf myFh.Write "## This is a bundle of X.509 certificates of public Certificate Authorities" & vbLf
myFh.Write "## (CA). These were automatically extracted from Mozilla's root certificates" & vbLf
myFh.Write "## file (certdata.txt). This file can be found in the mozilla source tree:" & vbLf
-myFh.Write "## '/mozilla/security/nss/lib/ckfw/builtins/certdata.txt'" & vbLf
+myFh.Write "## '/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt'" & vbLf
myFh.Write "##" & vbLf
myFh.Write "## It contains the certificates in PEM format and therefore" & vbLf
myFh.Write "## can be directly used with curl / libcurl / php_curl, or with" & vbLf
@@ -125,36 +127,45 @@ For i = 0 To UBound(myLines) If (myInsideCert = TRUE) Then
If InstrRev(myLines(i), "END") Then
myInsideCert = FALSE
- myFh.Write myLabel & vbLf
- myFh.Write String(Len(myLabel), "=") & vbLf
- myPem = "-----BEGIN CERTIFICATE-----" & vbLf & _
- Base64Encode(myData) & vbLf & _
- "-----END CERTIFICATE-----" & vbLf
- If (myOptTxt = FALSE) Then
- myFh.Write myPem & vbLf
+ While (i < UBound(myLines)) And Not (myLines(i) = "#")
+ i = i + 1
+ If InstrRev(myLines(i), "CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR") Then
+ myUntrusted = FALSE
+ End If
+ Wend
+ If (myUntrusted = TRUE) Then
+ myNumSkipped = myNumSkipped + 1
Else
- Dim myCmd, myRval, myTmpIn, myTmpOut
- myTmpIn = objFSO.GetSpecialFolder(2).Path & "\" & objFSO.GetTempName
- myTmpOut = objFSO.GetSpecialFolder(2).Path & "\" & objFSO.GetTempName
- Set myTmpFh = objFSO.OpenTextFile(myTmpIn, 2, TRUE)
- myTmpFh.Write myPem
- myTmpFh.Close
- myCmd = myOpenssl & " x509 -md5 -fingerprint -text -inform PEM" & _
- " -in " & myTmpIn & " -out " & myTmpOut
- myRval = objShell.Run (myCmd, 0, TRUE)
- objFSO.DeleteFile myTmpIn, TRUE
- If Not (myRval = 0) Then
- MsgBox("Failed to process PEM cert with OpenSSL commandline!"), vbCritical, mySelf
+ myFh.Write myLabel & vbLf
+ myFh.Write String(Len(myLabel), "=") & vbLf
+ myPem = "-----BEGIN CERTIFICATE-----" & vbLf & _
+ Base64Encode(myData) & vbLf & _
+ "-----END CERTIFICATE-----" & vbLf
+ If (myOptTxt = FALSE) Then
+ myFh.Write myPem & vbLf
+ Else
+ Dim myCmd, myRval, myTmpIn, myTmpOut
+ myTmpIn = objFSO.GetSpecialFolder(2).Path & "\" & objFSO.GetTempName
+ myTmpOut = objFSO.GetSpecialFolder(2).Path & "\" & objFSO.GetTempName
+ Set myTmpFh = objFSO.OpenTextFile(myTmpIn, 2, TRUE)
+ myTmpFh.Write myPem
+ myTmpFh.Close
+ myCmd = myOpenssl & " x509 -md5 -fingerprint -text -inform PEM" & _
+ " -in " & myTmpIn & " -out " & myTmpOut
+ myRval = objShell.Run (myCmd, 0, TRUE)
+ objFSO.DeleteFile myTmpIn, TRUE
+ If Not (myRval = 0) Then
+ MsgBox("Failed to process PEM cert with OpenSSL commandline!"), vbCritical, mySelf
+ objFSO.DeleteFile myTmpOut, TRUE
+ WScript.Quit 3
+ End If
+ Set myTmpFh = objFSO.OpenTextFile(myTmpOut, 1)
+ myFh.Write myTmpFh.ReadAll & vbLf
+ myTmpFh.Close
objFSO.DeleteFile myTmpOut, TRUE
- WScript.Quit 3
End If
- Set myTmpFh = objFSO.OpenTextFile(myTmpOut, 1)
- myFh.Write myTmpFh.ReadAll & vbLf
- myTmpFh.Close
- objFSO.DeleteFile myTmpOut, TRUE
+ myNumCerts = myNumCerts + 1
End If
- myData = ""
- myNumCerts = myNumCerts + 1
Else
myOctets = Split(myLines(i), "\")
For j = 1 To UBound(myOctets)
@@ -169,6 +180,8 @@ For i = 0 To UBound(myLines) End If
If InstrRev(myLines(i), "CKA_VALUE MULTILINE_OCTAL") Then
myInsideCert = TRUE
+ myUntrusted = TRUE
+ myData = ""
End If
If InstrRev(myLines(i), "***** BEGIN LICENSE BLOCK *****") Then
myInsideLicense = TRUE
@@ -191,7 +204,8 @@ For i = 0 To UBound(myLines) End If
Next
myFh.Close
-objShell.PopUp "Done (" & myNumCerts & " CA certs processed).", 20, mySelf, vbInformation
+objShell.PopUp "Done (" & myNumCerts & " CA certs processed, " & myNumSkipped & _
+ " untrusted skipped).", 20, mySelf, vbInformation
WScript.Quit 0
Function ConvertBinaryData(arrBytes)
@@ -224,7 +238,8 @@ End Function Function Base64Encode(inData)
Const Base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
- Dim cOut, sOut, I
+ Dim cOut, sOut, lWrap, I
+ lWrap = Int(myWrapLe * 3 / 4)
'For each group of 3 bytes
For I = 1 To Len(inData) Step 3
@@ -250,9 +265,9 @@ Function Base64Encode(inData) 'Add the part To OutPut string
sOut = sOut + pOut
- 'Add a new line For Each 76 chars In dest (76*3/4 = 57)
+ 'Add a new line For Each myWrapLe chars In dest
If (I < Len(inData) - 2) Then
- If (I + 2) Mod 57 = 0 Then sOut = sOut & vbLf
+ If (I + 2) Mod lWrap = 0 Then sOut = sOut & vbLf
End If
Next
Select Case Len(inData) Mod 3
|