| 123456789101112131415161718192021222324252627282930313233343536373839404142 |
- #!/bin/sh
- #
- # This script will extract the necessary certificate from the IMAP server
- # It assumes that an attacker isn't trying to spoof you when you connect
- # to the IMAP server! You're better off downloading the certificate
- # from a trusted source.
- #
- # Copyright (C) 2003 Theodore Ts'o <tytso@alum.mit.edu>
- # This program is free software; you can redistribute it and/or modify
- # it under the terms of the GNU General Public License as published by
- # the Free Software Foundation; either version 2 of the License, or
- # (at your option) any later version.
- #
- # This program is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- # GNU General Public License for more details.
- #
- # You should have received a copy of the GNU General Public License
- # along with this program; if not, write to the Free Software
- # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- #
- HOST=$1
- TMPFILE=/tmp/get-cert.$$
- ERRFILE=/tmp/get-cert-err.$$
- CERTFILE=/tmp/cert.$$
- echo QUIT | openssl s_client -connect $HOST:993 -showcerts \
- > $TMPFILE 2> $ERRFILE
- sed -e '1,/^-----BEGIN CERTIFICATE-----/d' \
- -e '/^-----END CERTIFICATE-----/,$d' < $TMPFILE > $CERTFILE
- if test -s $CERTFILE ; then
- echo -----BEGIN CERTIFICATE-----
- cat $CERTFILE
- echo -----END CERTIFICATE-----
- else
- echo "Couldn't retrieve certificate. Openssl reported the following errors"
- cat $ERRFILE
- fi
- /bin/rm -f $TMPFILE $ERRFILE $CERTFILE
|
