cURL / Mailing Lists / curl-library / Single Mail

curl-library

[PATCH] Only download and convert the certdata to the ca-bundle.crt if Mozilla changed the data

From: Ask Bjørn Hansen <ask_at_develooper.com>
Date: Sun, 13 Mar 2011 22:52:33 -0700

The Perl LWP module (which in a bit of a circular reference is used by
mk-ca-bundle.pl) is now indirectly using this script. I made this small tweak
to make it easier to automatically maintain the generated ca-bundle.crt file
in version control.

---
 lib/mk-ca-bundle.pl |   25 +++++++++++++------------
 1 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/lib/mk-ca-bundle.pl b/lib/mk-ca-bundle.pl
index d054f00..07f0920 100755
--- a/lib/mk-ca-bundle.pl
+++ b/lib/mk-ca-bundle.pl
@@ -75,20 +75,22 @@ my $crt = $ARGV[0] || 'ca-bundle.crt';
 my $txt = substr($url, rindex($url, '/') + 1);
 $txt =~ s/\?.*//;
 
-if (!$opt_n || !-e $txt) {
+my $resp;
+
+unless ($opt_n and -e $txt) {
   print "Downloading '$txt' ...\n" if (!$opt_q);
+
   my $ua  = new LWP::UserAgent(agent => "$0/$version");
-  my $req = new HTTP::Request('GET', $url);
-  my $res = $ua->request($req);
-  if ($res->is_success) {
-    open(TXT,">$txt") or die "Couldn't open $txt: $!";
-    print TXT $res->content . "\n";
-    close(TXT) or die "Couldn't close $txt: $!";
-  } else {
-    die $res->status_line;
-  }
+  $resp = $ua->mirror($url, 'certdata.txt');
 }
 
+if ($resp && $resp->code eq '304') {
+    print "Not modified\n" unless $opt_q;
+    exit 0;
+}
+
+my $currentdate = scalar gmtime($resp ? $resp->last_modified : (stat($txt))[9]);
+
 if ($opt_b && -e $crt) {
   my $bk = 1;
   while (-e "$crt.~${bk}~") {
@@ -98,13 +100,12 @@ if ($opt_b && -e $crt) {
 }
 
 my $format = $opt_t ? "plain text and " : "";
-my $currentdate = scalar gmtime() . " UTC";
 open(CRT,">$crt") or die "Couldn't open $crt: $!";
 print CRT <<EOT;
 ##
 ## $crt -- Bundle of CA Root Certificates
 ##
-## Converted at: ${currentdate}
+## Certificate data from Mozilla as of: ${currentdate}
 ##
 ## This is a bundle of X.509 certificates of public Certificate Authorities
 ## (CA). These were automatically extracted from Mozilla's root certificates
-- 
1.7.2.1
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2011-03-14