diff options
Diffstat (limited to 'certs/gencerts.sh')
| -rwxr-xr-x | certs/gencerts.sh | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/certs/gencerts.sh b/certs/gencerts.sh index 576d9ae..b25a7d3 100755 --- a/certs/gencerts.sh +++ b/certs/gencerts.sh @@ -1,29 +1,27 @@ #!/bin/sh set -ue PATH=/usr/bin:/bin if [ -n "${GNUPGBIN:-}" ]; then GPG="$GNUPGBIN" -elif [ -x /usr/bin/gpg2 ]; then - GPG=/usr/bin/gpg2 else GPG=gpg fi GPG_OPTS='--no-auto-check-trustdb --batch --no-verbose --yes' usage() { echo "Usage: $0 /path/to/certs.asc" >&2 exit 1 } header() { local i hdr [ "$typ" = mdwn ] && printf '\n### %s ###\n' "$*" \ || printf '\n%s\n%s\n' "$*" "$(for i in $(seq 1 ${#*}); do printf '%c' =; done)" } x509fpr() { local msg="$1" host pub h spki host="${msg%%,*}"; host="${host%% *}"; host="${host#\`}" pub="$DIR/${host%%:*}.pub" @@ -151,31 +149,31 @@ uses on its publicly available services. Please consider any mismatch as a man-in-the-middle attack, and let us know immediately! (See also the [signed version of this page](/certs.asc).) -- [the admin team](mailto:admin@fripost.org) These certificates are all issued by the [Let's Encrypt Certificate Authority](https://letsencrypt.org), and are submitted to [Certificate Transparency logs](https://www.certificate-transparency.org). You can view all issued Let's Encrypt certificates at [crt.sh](https://crt.sh/?Identity=%25fripost.org&iCAID=16418). The SPKI of our X.509 certificates are also available in PEM format under our [Git repository]($VCS_BROWSER/tree/certs/public), from which this fingerprint list was [generated]($VCS_BROWSER/tree/certs/gencerts.sh), at $(git --no-pager --git-dir="$DIR/../../.git" --work-tree="$DIR" log -1 --pretty=format:"[Commit ID %h from %aD]($VCS_BROWSER/tree/certs/public?id=%H)" -- "$DIR"). EOF allfpr mdwn >>"$mdwn2" echo >>"$src2" -if diff -u --label "a/${asc%.asc}" --label "b/${asc%.asc}" -- "$src" "$src2" && +if diff -u --color=auto --label "a/${asc%.asc}" --label "b/${asc%.asc}" -- "$src" "$src2" && diff -q -- "$mdwn" "$mdwn2" >/dev/null; then echo 'The fingerprint list is up to date.' else "$GPG" $GPG_OPTS --output="$asc2" --clearsign -- "$src2" cp -f "$asc2" "$asc" cp -f "$mdwn2" "$mdwn" echo ================================ echo "The fingerprint lists ($asc and $mdwn) have been updated!" echo '/!\ You should now push the changes to the wiki. /!\' fi |