From 362ff3c39703633ac53ba9130c7acc02177bedc5 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 12 Apr 2018 13:30:57 +0200 Subject: [PATCH] openssl rehash: use libcrypto variables for default dir X509_get_default_cert_dir_env() returns the default environment variable to check for certificate directories. X509_get_default_cert_dir() returns the default configured certificate directory. Use these instead of hard coding our own values, and thereby be more integrated with the rest of OpenSSL. Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/5937) --- apps/rehash.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/apps/rehash.c b/apps/rehash.c index 6f2b5da4ad..2b6167f1de 100644 --- a/apps/rehash.c +++ b/apps/rehash.c @@ -479,13 +479,14 @@ int rehash_main(int argc, char **argv) if (*argv != NULL) { while (*argv != NULL) errs += do_dir(*argv++, h); - } else if ((env = getenv("SSL_CERT_DIR")) != NULL) { + } else if ((env = getenv(X509_get_default_cert_dir_env())) != NULL) { + char lsc[2] = { LIST_SEPARATOR_CHAR, '\0' }; m = OPENSSL_strdup(env); - for (e = strtok(m, ":"); e != NULL; e = strtok(NULL, ":")) + for (e = strtok(m, lsc); e != NULL; e = strtok(NULL, lsc)) errs += do_dir(e, h); OPENSSL_free(m); } else { - errs += do_dir("/etc/ssl/certs", h); + errs += do_dir(X509_get_default_cert_dir(), h); } end: -- 2.25.1