113498266Sopenharmony_ci#!/bin/sh
213498266Sopenharmony_ci# ***************************************************************************
313498266Sopenharmony_ci# *                                  _   _ ____  _
413498266Sopenharmony_ci# *  Project                     ___| | | |  _ \| |
513498266Sopenharmony_ci# *                             / __| | | | |_) | |
613498266Sopenharmony_ci# *                            | (__| |_| |  _ <| |___
713498266Sopenharmony_ci# *                             \___|\___/|_| \_\_____|
813498266Sopenharmony_ci# *
913498266Sopenharmony_ci# * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
1013498266Sopenharmony_ci# *
1113498266Sopenharmony_ci# * This software is licensed as described in the file COPYING, which
1213498266Sopenharmony_ci# * you should have received as part of this distribution. The terms
1313498266Sopenharmony_ci# * are also available at https://curl.se/docs/copyright.html.
1413498266Sopenharmony_ci# *
1513498266Sopenharmony_ci# * You may opt to use, copy, modify, merge, publish, distribute and/or sell
1613498266Sopenharmony_ci# * copies of the Software, and permit persons to whom the Software is
1713498266Sopenharmony_ci# * furnished to do so, under the terms of the COPYING file.
1813498266Sopenharmony_ci# *
1913498266Sopenharmony_ci# * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
2013498266Sopenharmony_ci# * KIND, either express or implied.
2113498266Sopenharmony_ci# *
2213498266Sopenharmony_ci# * SPDX-License-Identifier: curl
2313498266Sopenharmony_ci# *
2413498266Sopenharmony_ci# ***************************************************************************
2513498266Sopenharmony_ci# This shell script creates a fresh ca-bundle.crt file for use with libcurl.
2613498266Sopenharmony_ci# It extracts all ca certs it finds in the local Firefox database and converts
2713498266Sopenharmony_ci# them all into PEM format.
2813498266Sopenharmony_ci#
2913498266Sopenharmony_cidb=$(ls -1d $HOME/.mozilla/firefox/*default*)
3013498266Sopenharmony_ciout=$1
3113498266Sopenharmony_ci
3213498266Sopenharmony_ciif test -z "$out"; then
3313498266Sopenharmony_ci  out="ca-bundle.crt" # use a sensible default
3413498266Sopenharmony_cifi
3513498266Sopenharmony_ci
3613498266Sopenharmony_cicurrentdate=$(date)
3713498266Sopenharmony_ci
3813498266Sopenharmony_cicat >$out <<EOF
3913498266Sopenharmony_ci##
4013498266Sopenharmony_ci## Bundle of CA Root Certificates
4113498266Sopenharmony_ci##
4213498266Sopenharmony_ci## Converted at: ${currentdate}
4313498266Sopenharmony_ci## These were converted from the local Firefox directory by the db2pem script.
4413498266Sopenharmony_ci##
4513498266Sopenharmony_ciEOF
4613498266Sopenharmony_ci
4713498266Sopenharmony_ci
4813498266Sopenharmony_cicertutil -L -h 'Builtin Object Token' -d "$db" | \
4913498266Sopenharmony_cigrep ' *[CcGTPpu]*,[CcGTPpu]*,[CcGTPpu]* *$' | \
5013498266Sopenharmony_cised -e 's/ *[CcGTPpu]*,[CcGTPpu]*,[CcGTPpu]* *$//' -e 's/\(.*\)/"\1"/' | \
5113498266Sopenharmony_cisort | \
5213498266Sopenharmony_ciwhile read -r nickname; \
5313498266Sopenharmony_ci do echo "$nickname" | sed -e "s/Builtin Object Token://g"; \
5413498266Sopenharmony_cieval certutil -d "$db" -L -n "$nickname" -a ; \
5513498266Sopenharmony_cidone >> $out
56