diff options
author | Peter Powell <petpow@saberuk.com> | 2014-06-14 11:18:43 +0100 |
---|---|---|
committer | Attila Molnar <attilamolnar@hush.com> | 2014-06-28 14:32:22 +0200 |
commit | d97fabeb54c67a14a90f48c685b72d38c5229748 (patch) | |
tree | 7398d33e05a9e9159976cb65d298485f78387d91 /tools/genssl | |
parent | 8a28e50cd2f19c2766b3ed2278ad237ad788620a (diff) |
Fix warning from gnutls-certtool about --bits being deprecated.
This patch has made me extremely grateful for git-blame as the
GnuTLS developers apparently do not document when deprecation
warnings are introduced.
Diffstat (limited to 'tools/genssl')
-rwxr-xr-x | tools/genssl | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/tools/genssl b/tools/genssl index aa8d48300..073caa8f4 100755 --- a/tools/genssl +++ b/tools/genssl @@ -51,7 +51,7 @@ if ($#ARGV != 0 || $ARGV[0] !~ /^(?:auto|gnutls|openssl)$/i) { my $certtool = $^O eq 'darwin' ? 'gnutls-certtool' : 'certtool'; # Check whether the user has the required tools installed. -my $has_gnutls = !system "$certtool --version >/dev/null 2>&1"; +my $has_gnutls = `$certtool --version v 2>/dev/null`; my $has_openssl = !system 'openssl version >/dev/null 2>&1'; # The framework the user has specified. @@ -92,6 +92,8 @@ my $dercert; my $status = 0; if ($tool eq 'gnutls') { + $has_gnutls =~ /certtool.+?(\d+\.\d+)/; + my $sec_param = $1 lt '2.10' ? '--bits 2048' : '--sec-param normal'; my $tmp = new File::Temp(); print $tmp <<__GNUTLS_END__; cn = "$common_name" @@ -113,9 +115,9 @@ ocsp_signing_key time_stamping_key __GNUTLS_END__ close($tmp); - $status ||= system "$certtool --generate-privkey --outfile key.pem"; + $status ||= system "$certtool --generate-privkey $sec_param --outfile key.pem"; $status ||= system "$certtool --generate-self-signed --load-privkey key.pem --outfile cert.pem --template $tmp"; - $status ||= system "$certtool --generate-dh-params --bits 2048 --outfile dhparams.pem"; + $status ||= system "$certtool --generate-dh-params $sec_param --outfile dhparams.pem"; $dercert = `$certtool --certificate-info --infile cert.pem --outder` unless $status; } elsif ($tool eq 'openssl') { my $tmp = new File::Temp(); |