diff options
author | Parménides GV <parmegv@sdf.org> | 2014-06-11 11:56:59 +0200 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2014-06-11 19:50:54 +0200 |
commit | 3e121542d8b7ab5201c47bbd3ba5611a23c54759 (patch) | |
tree | a6035639e7baa88dd122d0d4e85791726606389a /app/openvpn/contrib/OCSP_check | |
parent | ac69881af1b7bfcdd185989f3e434556b1d62fed (diff) |
Correctly connects to millipede.
Location keyword on android.cfg isn't supported, EIP corresponding code
has been commented out. I think we should support it in ics-openvpn, so
that we can show the location instead of the server name.
I've updated all opensssl, openvpn, etc. subprojects from rev 813 of
ics-openvpn, and jni too.
Diffstat (limited to 'app/openvpn/contrib/OCSP_check')
-rw-r--r-- | app/openvpn/contrib/OCSP_check/OCSP_check.sh | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/app/openvpn/contrib/OCSP_check/OCSP_check.sh b/app/openvpn/contrib/OCSP_check/OCSP_check.sh index 847be450..553c3dce 100644 --- a/app/openvpn/contrib/OCSP_check/OCSP_check.sh +++ b/app/openvpn/contrib/OCSP_check/OCSP_check.sh @@ -71,7 +71,7 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then # - The serial number must not be empty # - The exit status of "openssl ocsp" must be zero # - The output of the above command must contain the line - # "0x${serial}: good" + # "${serial}: good" # # Everything else fails with exit status 1. @@ -83,7 +83,7 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then # Sample output that is assumed here: # # Response verify OK - # 0x428740A5: good + # 4287405: good # This Update: Apr 24 19:38:49 2010 GMT # Next Update: May 2 14:23:42 2010 GMT # @@ -97,11 +97,11 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then "$nonce" \ -CAfile "$verify" \ -url "$ocsp_url" \ - -serial "0x${serial}" 2>/dev/null) + -serial "${serial}" 2>/dev/null) if [ $? -eq 0 ]; then # check that it's good - if echo "$status" | grep -Fq "0x${serial}: good"; then + if echo "$status" | grep -Fq "^${serial}: good"; then exit 0 fi fi |