quickjs-tart

quickjs-based runtime for wallet-core logic
Log | Files | Refs | README | LICENSE

firefox-db2pem.sh (2107B)

      1 #!/bin/sh
      2 # ***************************************************************************
      3 # *                                  _   _ ____  _
      4 # *  Project                     ___| | | |  _ \| |
      5 # *                             / __| | | | |_) | |
      6 # *                            | (__| |_| |  _ <| |___
      7 # *                             \___|\___/|_| \_\_____|
      8 # *
      9 # * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
     10 # *
     11 # * This software is licensed as described in the file COPYING, which
     12 # * you should have received as part of this distribution. The terms
     13 # * are also available at https://curl.se/docs/copyright.html.
     14 # *
     15 # * You may opt to use, copy, modify, merge, publish, distribute and/or sell
     16 # * copies of the Software, and permit persons to whom the Software is
     17 # * furnished to do so, under the terms of the COPYING file.
     18 # *
     19 # * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
     20 # * KIND, either express or implied.
     21 # *
     22 # * SPDX-License-Identifier: curl
     23 # *
     24 # ***************************************************************************
     25 # This shell script creates a fresh ca-bundle.crt file for use with libcurl.
     26 # It extracts all ca certs it finds in the local Firefox database and converts
     27 # them all into PEM format.
     28 #
     29 # It uses the "certutil" command line tool from the NSS project to perform the
     30 # conversion. On Debian it comes in the "libnss3-tools" package.
     31 #
     32 
     33 set -eu
     34 
     35 db=$(ls -1d "$HOME"/.mozilla/firefox/*default*)
     36 out="${1:-}"
     37 
     38 if test -z "$out"; then
     39   out="ca-bundle.crt" # use a sensible default
     40 fi
     41 
     42 currentdate=$(date)
     43 
     44 cat > "$out" <<EOF
     45 ##
     46 ## Bundle of CA Root Certificates
     47 ##
     48 ## Converted at: ${currentdate}
     49 ## These were converted from the local Firefox directory by the db2pem script.
     50 ##
     51 EOF
     52 
     53 
     54 certutil -L -h 'Builtin Object Token' -d "$db" | \
     55 grep ' *[CcGTPpu]*,[CcGTPpu]*,[CcGTPpu]* *$' | \
     56 sed -e 's/ *[CcGTPpu]*,[CcGTPpu]*,[CcGTPpu]* *$//' -e 's/\(.*\)/"\1"/' | \
     57 sort | \
     58 while read -r nickname; \
     59  do echo "$nickname" | sed -e "s/Builtin Object Token://g"; \
     60  echo "$nickname" | xargs -I{} certutil -d "$db" -L -a -n {} ; \
     61 done >> "$out"