luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

GHA: add shellcheck job and fix warnings, shell tidy-ups

Browse Source 
Reviewed-by: Daniel Stenberg
Closes #13307
This commit is contained in:
Viktor Szakats 2024-04-07 10:02:49 +00:00
parent 2c4f836f70
commit fa69b41c77
No known key found for this signature in database
GPG Key ID: B5ABD165E2AEF201
12 changed files with 441 additions and 415 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.github/scripts/shellcheck.sh vendored Executable file
View File

@ -0,0 +1,12 @@
#!/bin/sh
# Copyright (C) Viktor Szakats
#
# SPDX-License-Identifier: curl
# FIXME: packages/OS400/* scripts
shellcheck --version
# shellcheck disable=SC2046
shellcheck --exclude=1091 \
--enable=avoid-nullary-conditions,deprecate-which \
$(grep -l -E '^#!(/usr/bin/env bash|/bin/sh|/bin/bash)' $(git ls-files | grep -v -F 'packages/OS400/'))

28
.github/workflows/shellcheck.yml vendored Normal file
View File

@ -0,0 +1,28 @@
# Copyright (C) Viktor Szakats
#
# SPDX-License-Identifier: curl
name: shellcheck
on:
push:
branches:
- master
pull_request:
branches:
- master
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
permissions: {}
jobs:
shellcheck:
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v4
- name: 'shellcheck'
run: .github/scripts/shellcheck.sh

140
MacOSX-Framework
View File

@ -22,139 +22,143 @@
# SPDX-License-Identifier: curl # SPDX-License-Identifier: curl
# #
########################################################################### ###########################################################################
set -eu
# This script performs all of the steps needed to build a # This script performs all of the steps needed to build a
# universal binary libcurl.framework for Mac OS X 10.4 or greater. # universal binary libcurl.framework for Mac OS X 10.4 or greater.
# #
# Hendrik Visage: # Hendrik Visage:
# Generalizations added since Snowleopard (10.6) do not include # Generalizations added since Snow Leopard (10.6) do not include the 10.4 SDK.
# the 10.4u SDK.
# #
# Also note: # Also note:
# 10.5 is the *ONLY* SDK that support PPC64 :( -- 10.6 do not have ppc64 support # 10.5 is the *ONLY* SDK that support PPC64 :( -- 10.6 do not have PPC64 support
#If you need to have PPC64 support then change below to 1 # If you need to have PPC64 support then change below to 1
PPC64_NEEDED=0 PPC64_NEEDED=0
# Apple does not support building for PPC anymore in Xcode 4 and later. # Apple does not support building for PPC anymore in Xcode 4 and later.
# If you're using Xcode 3 or earlier and need PPC support, then change # If you are using Xcode 3 or earlier and need PPC support, then change
# the setting below to 1 # the setting below to 1
PPC_NEEDED=0 PPC_NEEDED=0
# For me the default is to develop for the platform I am on, and if you # For me the default is to develop for the platform I am on, and if you
#desire compatibility with older versions then change USE_OLD to 1 :) # desire compatibility with older versions then change USE_OLD to 1 :)
USE_OLD=0 USE_OLD=0
VERSION=`/usr/bin/sed -ne 's/^#define LIBCURL_VERSION "\(.*\)"/\1/p' include/curl/curlver.h` VERSION=$(/usr/bin/sed -ne \
's/^#define LIBCURL_VERSION "\(.*\)"/\1/p' include/curl/curlver.h)
FRAMEWORK_VERSION=Versions/Release-$VERSION FRAMEWORK_VERSION=Versions/Release-$VERSION
#I also wanted to "copy over" the system, and thus the reason I added the # I also wanted to "copy over" the system, and thus the reason I added the
# version to Versions/Release-7.20.1 etc. # version to Versions/Release-7.20.1 etc.
# now a simple rsync -vaP libcurl.framework /Library/Frameworks will install it # now a simple rsync -vaP libcurl.framework /Library/Frameworks will install it
# and setup the right paths to this version, leaving the system version # and setup the right paths to this version, leaving the system version
# "intact", so you can "fix" it later with the links to Versions/A/... # "intact", so you can "fix" it later with the links to Versions/A/...
DEVELOPER_PATH=`xcode-select --print-path` DEVELOPER_PATH=$(xcode-select --print-path)
# Around Xcode 4.3, SDKs were moved from the Developer folder into the # Around Xcode 4.3, SDKs were moved from the Developer folder into the
# MacOSX.platform folder # MacOSX.platform folder
if test -d "$DEVELOPER_PATH/Platforms/MacOSX.platform/Developer/SDKs"; then if test -d "$DEVELOPER_PATH/Platforms/MacOSX.platform/Developer/SDKs"; then
SDK_PATH="$DEVELOPER_PATH/Platforms/MacOSX.platform/Developer/SDKs" SDK_PATH="$DEVELOPER_PATH/Platforms/MacOSX.platform/Developer/SDKs"
else else
SDK_PATH="$DEVELOPER_PATH/SDKs" SDK_PATH="$DEVELOPER_PATH/SDKs"
fi fi
OLD_SDK=`ls $SDK_PATH|head -1` # FIXME
NEW_SDK=`ls -r $SDK_PATH|head -1` # shellcheck disable=SC2012
OLD_SDK=$(ls "$SDK_PATH" | head -1)
# FIXME
# shellcheck disable=SC2012
NEW_SDK=$(ls -r "$SDK_PATH" | head -1)
if test "0"$USE_OLD -gt 0 if test "0$USE_OLD" -gt 0; then
then SDK32=$OLD_SDK
SDK32=$OLD_SDK
else else
SDK32=$NEW_SDK SDK32=$NEW_SDK
fi fi
MACVER=`echo $SDK32|sed -e s/[a-zA-Z]//g -e s/.\$//`
SDK32_DIR=$SDK_PATH/$SDK32 SDK32_DIR=$SDK_PATH/$SDK32
MINVER32='-mmacosx-version-min='$MACVER if test "$PPC_NEEDED" -gt 0; then
if test $PPC_NEEDED -gt 0; then ARCHES32='-arch i386 -arch ppc'
ARCHES32='-arch i386 -arch ppc'
else else
ARCHES32='-arch i386' ARCHES32='-arch i386'
fi fi
if test $PPC64_NEEDED -gt 0 if test "$PPC64_NEEDED" -gt 0; then
then
SDK64=10.5 SDK64=10.5
ARCHES64='-arch x86_64 -arch ppc64' ARCHES64='-arch x86_64 -arch ppc64'
SDK64=`ls $SDK_PATH | grep "10\.5" | head -1` # FIXME
# shellcheck disable=SC2010
SDK64=$(ls "$SDK_PATH" | grep "10\.5" | head -1)
else else
ARCHES64='-arch x86_64' ARCHES64='-arch x86_64'
#We "know" that 10.4 and earlier do not support 64bit # We "know" that 10.4 and earlier do not support 64-bit
OLD_SDK64=`ls $SDK_PATH | grep -v "10\.[0-4]" | head -1` # FIXME
NEW_SDK64=`ls -r $SDK_PATH | grep -v "10\.[0-4][^0-9]" | head -1` # shellcheck disable=SC2010
if test $USE_OLD -gt 0 OLD_SDK64=$(ls "$SDK_PATH" | grep -v "10\.[0-4]" | head -1)
then # FIXME
SDK64=$OLD_SDK64 # shellcheck disable=SC2010
NEW_SDK64=$(ls -r "$SDK_PATH" | grep -v "10\.[0-4][^0-9]" | head -1)
if test "$USE_OLD" -gt 0; then
SDK64=$OLD_SDK64
else else
SDK64=$NEW_SDK64 SDK64=$NEW_SDK64
fi fi
fi fi
SDK64_DIR=$SDK_PATH/$SDK64 SDK64_DIR=$SDK_PATH/$SDK64
MACVER64=`echo $SDK64|sed -e s/[a-zA-Z]//g -e s/.\$//`
MINVER64='-mmacosx-version-min='$MACVER64 if test ! -z "$SDK32"; then
echo "----Configuring libcurl for 32-bit universal framework..."
if test ! -z $SDK32; then
echo "----Configuring libcurl for 32 bit universal framework..."
make clean make clean
./configure --disable-dependency-tracking --disable-static --with-gssapi --with-secure-transport \ ./configure --disable-dependency-tracking --disable-static --with-gssapi --with-secure-transport \
CFLAGS="-Os -isysroot $SDK32_DIR $ARCHES32" \ CFLAGS="-Os -isysroot $SDK32_DIR $ARCHES32" \
LDFLAGS="-Wl,-syslibroot,$SDK32_DIR $ARCHES32 -Wl,-headerpad_max_install_names" \ LDFLAGS="-Wl,-syslibroot,$SDK32_DIR $ARCHES32 -Wl,-headerpad_max_install_names" \
CC=$CC CC="$CC"
echo "----Building 32 bit libcurl..." echo "----Building 32-bit libcurl..."
make -j `sysctl -n hw.logicalcpu_max` make -j "$(sysctl -n hw.logicalcpu_max)"
echo "----Creating 32 bit framework..." echo "----Creating 32-bit framework..."
rm -r libcurl.framework rm -r libcurl.framework
mkdir -p libcurl.framework/${FRAMEWORK_VERSION}/Resources mkdir -p "libcurl.framework/${FRAMEWORK_VERSION}/Resources"
cp lib/.libs/libcurl.dylib libcurl.framework/${FRAMEWORK_VERSION}/libcurl cp lib/.libs/libcurl.dylib "libcurl.framework/${FRAMEWORK_VERSION}/libcurl"
install_name_tool -id @rpath/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl install_name_tool -id "@rpath/libcurl.framework/${FRAMEWORK_VERSION}/libcurl" "libcurl.framework/${FRAMEWORK_VERSION}/libcurl"
cp lib/libcurl.plist libcurl.framework/${FRAMEWORK_VERSION}/Resources/Info.plist cp lib/libcurl.plist "libcurl.framework/${FRAMEWORK_VERSION}/Resources/Info.plist"
mkdir -p libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl mkdir -p "libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl"
cp include/curl/*.h libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl cp include/curl/*.h "libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl"
pushd libcurl.framework pushd libcurl.framework
ln -fs ${FRAMEWORK_VERSION}/libcurl libcurl ln -fs "${FRAMEWORK_VERSION}/libcurl" libcurl
ln -fs ${FRAMEWORK_VERSION}/Resources Resources ln -fs "${FRAMEWORK_VERSION}/Resources" Resources
ln -fs ${FRAMEWORK_VERSION}/Headers Headers ln -fs "${FRAMEWORK_VERSION}/Headers" Headers
cd Versions cd Versions
ln -fs $(basename "${FRAMEWORK_VERSION}") Current ln -fs "$(basename "${FRAMEWORK_VERSION}")" Current
popd
echo Testing for SDK64 echo Testing for SDK64
if test -d $SDK64_DIR; then if test -d "$SDK64_DIR"; then
echo entering... echo entering...
popd
make clean make clean
echo "----Configuring libcurl for 64 bit universal framework..." echo "----Configuring libcurl for 64-bit universal framework..."
./configure --disable-dependency-tracking --disable-static --with-gssapi --with-secure-transport \ ./configure --disable-dependency-tracking --disable-static --with-gssapi --with-secure-transport \
CFLAGS="-Os -isysroot $SDK64_DIR $ARCHES64" \ CFLAGS="-Os -isysroot $SDK64_DIR $ARCHES64" \
LDFLAGS="-Wl,-syslibroot,$SDK64_DIR $ARCHES64 -Wl,-headerpad_max_install_names" \ LDFLAGS="-Wl,-syslibroot,$SDK64_DIR $ARCHES64 -Wl,-headerpad_max_install_names" \
CC=$CC CC="$CC"
echo "----Building 64 bit libcurl..." echo "----Building 64-bit libcurl..."
make -j `sysctl -n hw.logicalcpu_max` make -j "$(sysctl -n hw.logicalcpu_max)"
echo "----Appending 64 bit framework to 32 bit framework..." echo "----Appending 64-bit framework to 32-bit framework..."
cp lib/.libs/libcurl.dylib libcurl.framework/${FRAMEWORK_VERSION}/libcurl64 cp lib/.libs/libcurl.dylib "libcurl.framework/${FRAMEWORK_VERSION}/libcurl64"
install_name_tool -id @rpath/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl64 install_name_tool -id "@rpath/libcurl.framework/${FRAMEWORK_VERSION}/libcurl" "libcurl.framework/${FRAMEWORK_VERSION}/libcurl64"
cp libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl32 cp "libcurl.framework/${FRAMEWORK_VERSION}/libcurl" "libcurl.framework/${FRAMEWORK_VERSION}/libcurl32"
pwd pwd
lipo libcurl.framework/${FRAMEWORK_VERSION}/libcurl32 libcurl.framework/${FRAMEWORK_VERSION}/libcurl64 -create -output libcurl.framework/${FRAMEWORK_VERSION}/libcurl lipo "libcurl.framework/${FRAMEWORK_VERSION}/libcurl32" "libcurl.framework/${FRAMEWORK_VERSION}/libcurl64" -create -output "libcurl.framework/${FRAMEWORK_VERSION}/libcurl"
rm libcurl.framework/${FRAMEWORK_VERSION}/libcurl32 libcurl.framework/${FRAMEWORK_VERSION}/libcurl64 rm "libcurl.framework/${FRAMEWORK_VERSION}/libcurl32" "libcurl.framework/${FRAMEWORK_VERSION}/libcurl64"
fi fi
pwd pwd
lipo -info libcurl.framework/${FRAMEWORK_VERSION}/libcurl lipo -info "libcurl.framework/${FRAMEWORK_VERSION}/libcurl"
echo "libcurl.framework is built and can now be included in other projects." echo "libcurl.framework is built and can now be included in other projects."
echo "Copy libcurl.framework to your bundle's Contents/Frameworks folder, ~/Library/Frameworks or /Library/Frameworks." echo "Copy libcurl.framework to your bundle's Contents/Frameworks folder, ~/Library/Frameworks or /Library/Frameworks."
else else
echo "Building libcurl.framework requires Mac OS X 10.4 or later with the MacOSX10.4/5/6 SDK installed." echo "Building libcurl.framework requires Mac OS X 10.4 or later with Mac OS X 10.4/5/6 SDK installed."
fi fi

265
curl-config.in
View File

@ -1,4 +1,4 @@
#! /bin/sh #!/bin/sh
#*************************************************************************** #***************************************************************************
# _ _ ____ _ # _ _ ____ _
# Project ___| | | | _ \| | # Project ___| | | | _ \| |
@ -24,173 +24,170 @@
########################################################################### ###########################################################################
prefix="@prefix@" prefix="@prefix@"
# Used in @libdir@
# shellcheck disable=SC2034
exec_prefix=@exec_prefix@ exec_prefix=@exec_prefix@
# shellcheck disable=SC2034
includedir=@includedir@ includedir=@includedir@
cppflag_curl_staticlib=@CPPFLAG_CURL_STATICLIB@ cppflag_curl_staticlib=@CPPFLAG_CURL_STATICLIB@
usage() usage()
{ {
cat <<EOF cat <<EOF
Usage: curl-config [OPTION] Usage: curl-config [OPTION]
Available values for OPTION include: Available values for OPTION include:
--built-shared says 'yes' if libcurl was built shared --built-shared says 'yes' if libcurl was built shared
--ca ca bundle install path --ca CA bundle install path
--cc compiler --cc compiler
--cflags pre-processor and compiler flags --cflags preprocessor and compiler flags
--checkfor [version] check for (lib)curl of the specified version --checkfor [version] check for (lib)curl of the specified version
--configure the arguments given to configure when building curl --configure the arguments given to configure when building curl
--features newline separated list of enabled features --features newline separated list of enabled features
--help display this help and exit --help display this help and exit
--libs library linking information --libs library linking information
--prefix curl install prefix --prefix curl install prefix
--protocols newline separated list of enabled protocols --protocols newline separated list of enabled protocols
--ssl-backends output the SSL backends libcurl was built to support --ssl-backends output the SSL backends libcurl was built to support
--static-libs static libcurl library linking information --static-libs static libcurl library linking information
--version output version information --version output version information
--vernum output the version information as a number (hexadecimal) --vernum output version as a hexadecimal number
EOF EOF
exit $1 exit "$1"
} }
if test $# -eq 0; then if test "$#" -eq 0; then
usage 1 usage 1
fi fi
while test $# -gt 0; do while test "$#" -gt 0; do
case "$1" in case "$1" in
# this deals with options in the style --built-shared)
# --option=value and extracts the value part echo '@ENABLE_SHARED@'
# [not currently used] ;;
-*=*) value=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
*) value= ;;
esac
case "$1" in --ca)
--built-shared) echo '@CURL_CA_BUNDLE@'
echo @ENABLE_SHARED@ ;;
;;
--ca) --cc)
echo @CURL_CA_BUNDLE@ echo '@CC@'
;; ;;
--cc) --prefix)
echo "@CC@" echo "$prefix"
;; ;;
--prefix) --feature|--features)
echo "$prefix" for feature in @SUPPORT_FEATURES@ ""; do
;; test -n "$feature" && echo "$feature"
done
;;
--feature|--features) --protocols)
for feature in @SUPPORT_FEATURES@ ""; do # shellcheck disable=SC2043
test -n "$feature" && echo "$feature" for protocol in @SUPPORT_PROTOCOLS@; do
done echo "$protocol"
;; done
;;
--protocols) --version)
for protocol in @SUPPORT_PROTOCOLS@; do echo 'libcurl @CURLVERSION@'
echo "$protocol" exit 0
done ;;
;;
--version) --checkfor)
echo libcurl @CURLVERSION@ checkfor=$2
cmajor=$(echo "$checkfor" | cut -d. -f1)
cminor=$(echo "$checkfor" | cut -d. -f2)
# when extracting the patch part we strip off everything after a
# dash as that's used for things like version 1.2.3-pre1
cpatch=$(echo "$checkfor" | cut -d. -f3 | cut -d- -f1)
vmajor=$(echo '@CURLVERSION@' | cut -d. -f1)
vminor=$(echo '@CURLVERSION@' | cut -d. -f2)
# when extracting the patch part we strip off everything after a
# dash as that's used for things like version 1.2.3-pre1
vpatch=$(echo '@CURLVERSION@' | cut -d. -f3 | cut -d- -f1)
if test "$vmajor" -gt "$cmajor"; then
exit 0
fi
if test "$vmajor" -eq "$cmajor"; then
if test "$vminor" -gt "$cminor"; then
exit 0 exit 0
;; fi
if test "$vminor" -eq "$cminor"; then
--checkfor) if test "$cpatch" -le "$vpatch"; then
checkfor=$2 exit 0
cmajor=`echo $checkfor | cut -d. -f1`
cminor=`echo $checkfor | cut -d. -f2`
# when extracting the patch part we strip off everything after a
# dash as that's used for things like version 1.2.3-CVS
cpatch=`echo $checkfor | cut -d. -f3 | cut -d- -f1`
vmajor=`echo @CURLVERSION@ | cut -d. -f1`
vminor=`echo @CURLVERSION@ | cut -d. -f2`
# when extracting the patch part we strip off everything after a
# dash as that's used for things like version 1.2.3-CVS
vpatch=`echo @CURLVERSION@ | cut -d. -f3 | cut -d- -f1`
if test "$vmajor" -gt "$cmajor"; then
exit 0;
fi
if test "$vmajor" -eq "$cmajor"; then
if test "$vminor" -gt "$cminor"; then
exit 0
fi
if test "$vminor" -eq "$cminor"; then
if test "$cpatch" -le "$vpatch"; then
exit 0
fi
fi
fi fi
fi
fi
echo "requested version $checkfor is newer than existing @CURLVERSION@" echo "requested version $checkfor is newer than existing @CURLVERSION@"
exit 1 exit 1
;; ;;
--vernum) --vernum)
echo @VERSIONNUM@ echo '@VERSIONNUM@'
exit 0 exit 0
;; ;;
--help) --help)
usage 0 usage 0
;; ;;
--cflags) --cflags)
if test "X$cppflag_curl_staticlib" = "X-DCURL_STATICLIB"; then if test "X$cppflag_curl_staticlib" = "X-DCURL_STATICLIB"; then
CPPFLAG_CURL_STATICLIB="-DCURL_STATICLIB " CPPFLAG_CURL_STATICLIB="-DCURL_STATICLIB "
else else
CPPFLAG_CURL_STATICLIB="" CPPFLAG_CURL_STATICLIB=""
fi fi
if test "X@includedir@" = "X/usr/include"; then if test "X@includedir@" = "X/usr/include"; then
echo "$CPPFLAG_CURL_STATICLIB" echo "${CPPFLAG_CURL_STATICLIB}"
else else
echo "${CPPFLAG_CURL_STATICLIB}-I@includedir@" echo "${CPPFLAG_CURL_STATICLIB}-I@includedir@"
fi fi
;; ;;
--libs) --libs)
if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then
CURLLIBDIR="-L@libdir@ " CURLLIBDIR="-L@libdir@ "
else else
CURLLIBDIR="" CURLLIBDIR=""
fi fi
if test "X@ENABLE_SHARED@" = "Xno"; then if test "X@ENABLE_SHARED@" = "Xno"; then
echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@ echo "${CURLLIBDIR}-lcurl @LIBCURL_LIBS@"
else else
echo ${CURLLIBDIR}-lcurl echo "${CURLLIBDIR}-lcurl"
fi fi
;; ;;
--ssl-backends)
echo "@SSL_BACKENDS@"
;;
--static-libs) --ssl-backends)
if test "X@ENABLE_STATIC@" != "Xno" ; then echo '@SSL_BACKENDS@'
echo "@libdir@/libcurl.@libext@" @LDFLAGS@ @LIBCURL_LIBS@ ;;
else
echo "curl was built with static libraries disabled" >&2
exit 1
fi
;;
--configure) --static-libs)
echo @CONFIGURE_OPTIONS@ if test "X@ENABLE_STATIC@" != "Xno" ; then
;; echo "@libdir@/libcurl.@libext@" @LDFLAGS@ @LIBCURL_LIBS@
else
echo 'curl was built with static libraries disabled' >&2
exit 1
fi
;;
*) --configure)
echo "unknown option: $1" echo @CONFIGURE_OPTIONS@
usage 1 ;;
;;
esac *)
shift echo "unknown option: $1"
usage 1
;;
esac
shift
done done
exit 0 exit 0

70
scripts/contributors.sh
View File

@ -29,21 +29,21 @@
# RELEASE-NOTES. # RELEASE-NOTES.
# #
start=$1 set -eu
start="${1:-}"
if test "$start" = "-h"; then if test "$start" = "-h"; then
echo "Usage: $0 <since this tag/hash> [--releasenotes]" echo "Usage: $0 <since this tag/hash> [--releasenotes]"
exit exit
fi fi
if test -z "$start"; then if test -z "$start"; then
start=`git tag --sort=taggerdate | grep "^curl-" | tail -1`; start=$(git tag --sort=taggerdate | grep "^curl-" | tail -1)
echo "Since $start:" echo "Since $start:"
fi fi
# We also include curl-www if possible. Override by setting CURLWWW # We also include curl-www if possible. Override by setting CURLWWW
if [ -z "$CURLWWW" ] ; then CURLWWW="${CURLWWW:-../curl-www}"
CURLWWW=../curl-www
fi
# filter out Author:, Commit: and *by: lines # filter out Author:, Commit: and *by: lines
# cut off the email parts # cut off the email parts
@ -55,31 +55,30 @@ fi
# sort all unique names # sort all unique names
# awk them into RELEASE-NOTES format # awk them into RELEASE-NOTES format
( {
( {
git log --pretty=full --use-mailmap $start..HEAD git log --pretty=full --use-mailmap "$start..HEAD"
if [ -d "$CURLWWW" ] if [ -d "$CURLWWW" ]; then
then git -C "$CURLWWW" log --pretty=full --use-mailmap "$start..HEAD"
git -C "$CURLWWW" log --pretty=full --use-mailmap $start..HEAD fi
fi } | \
) | \ grep -Eai '(^Author|^Commit|by):' | \
grep -Eai '(^Author|^Commit|by):' | \ cut -d: -f2- | \
cut -d: -f2- | \ cut '-d(' -f1 | \
cut '-d(' -f1 | \ cut '-d<' -f1 | \
cut '-d<' -f1 | \ tr , '\012' | \
tr , '\012' | \ sed 's/ at github/ on github/' | \
sed 's/ at github/ on github/' | \ sed 's/ and /\n/' | \
sed 's/ and /\n/' | \ sed -e 's/^ *//' -e 's/ $//g' -e 's/@users.noreply.github.com$/ on github/'
sed -e 's/^ *//' -e 's/ $//g' -e 's/@users.noreply.github.com$/ on github/'
grep -a "^ [^ \(]" RELEASE-NOTES| \ grep -a "^ [^ \(]" RELEASE-NOTES| \
sed 's/, */\n/g'| \ sed 's/, */\n/g'| \
sed 's/^ *//' sed 's/^ *//'
} | \
)| \
sed -f ./docs/THANKS-filter | \ sed -f ./docs/THANKS-filter | \
sort -fu | \ sort -fu | \
awk '{ awk '
{
if(length($0)) { if(length($0)) {
num++; num++;
n = sprintf("%s%s%s,", n, length(n)?" ":"", $0); n = sprintf("%s%s%s,", n, length(n)?" ":"", $0);
@ -92,10 +91,9 @@ awk '{
} }
} }
END { END {
pp=substr(p,1,length(p)-1); pp=substr(p,1,length(p)-1);
printf(" %s\n", pp); printf(" %s\n", pp);
printf(" (%d contributors)\n", num); printf(" (%d contributors)\n", num);
} }
' '

58
scripts/contrithanks.sh
View File

@ -28,50 +28,46 @@
# puts them at the end of the THANKS document on stdout # puts them at the end of the THANKS document on stdout
# #
start=$1 set -eu
start="${1:-}"
if test "$start" = "-h"; then if test "$start" = "-h"; then
echo "Usage: $0 <since this tag/hash>" echo "Usage: $0 <since this tag/hash>"
exit exit
fi fi
if test -z "$start"; then if test -z "$start"; then
start=`git tag --sort=taggerdate | grep "^curl-" | tail -1`; start=$(git tag --sort=taggerdate | grep "^curl-" | tail -1)
fi fi
# We also include curl-www if possible. Override by setting CURLWWW # We also include curl-www if possible. Override by setting CURLWWW
if [ -z "$CURLWWW" ] ; then CURLWWW="${CURLWWW:-../curl-www}"
CURLWWW=../curl-www
fi
cat ./docs/THANKS cat ./docs/THANKS
( {
( {
git log --use-mailmap $start..HEAD git log --use-mailmap "$start..HEAD"
if [ -d "$CURLWWW" ] if [ -d "$CURLWWW" ]; then
then git -C ../curl-www log --use-mailmap "$start..HEAD"
git -C ../curl-www log --use-mailmap $start..HEAD fi
fi } | \
) | \ grep -Eai '(^Author|^Commit|by):' | \
cut -d: -f2- | \
cut '-d(' -f1 | \
cut '-d<' -f1 | \
tr , '\012' | \
sed 's/ at github/ on github/' | \
sed 's/ and /\n/' | \
sed -e 's/^ //' -e 's/ $//g' -e 's/@users.noreply.github.com$/ on github/'
grep -Eai '(^Author|^Commit|by):' | \ # grep out the list of names from RELEASE-NOTES
cut -d: -f2- | \ # split on ", "
cut '-d(' -f1 | \ # remove leading whitespace
cut '-d<' -f1 | \ grep -a "^ [^ (]" RELEASE-NOTES| \
tr , '\012' | \ sed 's/, */\n/g'| \
sed 's/ at github/ on github/' | \ sed 's/^ *//'
sed 's/ and /\n/' | \ } | \
sed -e 's/^ //' -e 's/ $//g' -e 's/@users.noreply.github.com$/ on github/'
# grep out the list of names from RELEASE-NOTES
# split on ", "
# remove leading whitespace
grep -a "^ [^ (]" RELEASE-NOTES| \
sed 's/, */\n/g'| \
sed 's/^ *//'
)| \
sed -f ./docs/THANKS-filter | \ sed -f ./docs/THANKS-filter | \
sort -fu | \ sort -fu | \
grep -aixvf ./docs/THANKS grep -aixvf ./docs/THANKS

2
scripts/coverage.sh
View File

@ -23,6 +23,8 @@
# #
########################################################################### ###########################################################################
set -eu
autoreconf -fi autoreconf -fi
mkdir -p cvr mkdir -p cvr
cd cvr cd cvr

11
scripts/firefox-db2pem.sh
View File

@ -26,8 +26,11 @@
# It extracts all ca certs it finds in the local Firefox database and converts # It extracts all ca certs it finds in the local Firefox database and converts
# them all into PEM format. # them all into PEM format.
# #
db=$(ls -1d $HOME/.mozilla/firefox/*default*)
out=$1 set -eu
db=$(ls -1d "$HOME"/.mozilla/firefox/*default*)
out="${1:-}"
if test -z "$out"; then if test -z "$out"; then
out="ca-bundle.crt" # use a sensible default out="ca-bundle.crt" # use a sensible default
@ -35,7 +38,7 @@ fi
currentdate=$(date) currentdate=$(date)
cat >$out <<EOF cat > "$out" <<EOF
## ##
## Bundle of CA Root Certificates ## Bundle of CA Root Certificates
## ##
@ -52,4 +55,4 @@ sort | \
while read -r nickname; \ while read -r nickname; \
do echo "$nickname" | sed -e "s/Builtin Object Token://g"; \ do echo "$nickname" | sed -e "s/Builtin Object Token://g"; \
eval certutil -d "$db" -L -n "$nickname" -a ; \ eval certutil -d "$db" -L -n "$nickname" -a ; \
done >> $out done >> "$out"

24
scripts/installcheck.sh
View File

@ -1,4 +1,4 @@
#!/bin/bash #!/usr/bin/env bash
#*************************************************************************** #***************************************************************************
# _ _ ____ _ # _ _ ____ _
# Project ___| | | | _ \| | # Project ___| | | | _ \| |
@ -23,28 +23,30 @@
# #
########################################################################### ###########################################################################
PREFIX=$1 set -eu
PREFIX="${1:-}"
# Run this script in the root of the git clone. Point out the install prefix # Run this script in the root of the git clone. Point out the install prefix
# where 'make install' has already installed curl. # where 'make install' has already installed curl.
if test -z "$1"; then if test -z "$PREFIX"; then
echo "scripts/installcheck.sh [PREFIX]" echo "scripts/installcheck.sh [PREFIX]"
exit exit
fi fi
diff -u <(find docs/libcurl/ -name "*.3" -printf "%f\n" | grep -v template| sort) <(find $PREFIX/share/man/ -name "*.3" -printf "%f\n" | sort) diff -u <(find docs/libcurl/ -name "*.3" -printf "%f\n" | grep -v template | sort) <(find "$PREFIX/share/man/" -name "*.3" -printf "%f\n" | sort)
if test "$?" -ne "0"; then if test "$?" -ne "0"; then
echo "ERROR: installed libcurl docs mismatch" echo "ERROR: installed libcurl docs mismatch"
exit 2 exit 2
fi fi
diff -u <(find include/ -name "*.h" -printf "%f\n" | sort) <(find $PREFIX/include/ -name "*.h" -printf "%f\n" | sort) diff -u <(find include/ -name "*.h" -printf "%f\n" | sort) <(find "$PREFIX/include/" -name "*.h" -printf "%f\n" | sort)
if test "$?" -ne "0"; then if test "$?" -ne "0"; then
echo "ERROR: installed include files mismatch" echo "ERROR: installed include files mismatch"
exit 1 exit 1
fi fi
echo "installcheck: installed libcurl docs and include files look good" echo "installcheck: installed libcurl docs and include files look good"

10
scripts/release-tools.sh
View File

@ -23,6 +23,8 @@
# #
########################################################################### ###########################################################################
set -eu
cat <<MOO cat <<MOO
# Release tools # Release tools
@ -31,14 +33,14 @@ produce this release tarball.
MOO MOO
exists=`which dpkg`; exists=$(command -v dpkg 2>/dev/null)
if test ! -e "$exists"; then if test ! -e "$exists"; then
echo "(unknown, could not find dpkg)" echo "(unknown, could not find dpkg)"
exit exit
fi fi
debian() { debian() {
echo - $1: `dpkg -l $1 | grep ^ii | awk '{print $3}'` echo "- $1: $(dpkg -l "$1" | grep ^ii | awk '{print $3}')"
} }
debian autoconf debian autoconf
debian automake debian automake

85
tests/certs/scripts/genroot.sh
View File

@ -1,4 +1,4 @@
#!/bin/bash #!/usr/bin/env bash
#*************************************************************************** #***************************************************************************
# _ _ ____ _ # _ _ ____ _
# Project ___| | | | _ \| | # Project ___| | | | _ \| |
@ -23,67 +23,58 @@
# #
########################################################################### ###########################################################################
# exit on first fail
set -eu
OPENSSL=openssl OPENSSL=openssl
if [ -f /usr/local/ssl/bin/openssl ] ; then if [ -f /usr/local/ssl/bin/openssl ]; then
OPENSSL=/usr/local/ssl/bin/openssl OPENSSL=/usr/local/ssl/bin/openssl
fi fi
USAGE="echo Usage is genroot.sh \<name\>" USAGE='echo Usage is genroot.sh <name>'
HOME=`pwd` HOME=$(pwd)
cd $HOME cd "$HOME"
KEYSIZE=2048 KEYSIZE=2048
DURATION=6000 DURATION=6000
# The -sha256 option was introduced in OpenSSL 1.0.1 # The -sha256 option was introduced in OpenSSL 1.0.1
DIGESTALGO=-sha256 DIGESTALGO=-sha256
PREFIX=$1 NOTOK=
if [ ".$PREFIX" = . ] ; then
echo No configuration prefix PREFIX="${1:-}"
NOTOK=1 if [ -z "$PREFIX" ]; then
echo 'No configuration prefix'
NOTOK=1
else else
if [ ! -f $PREFIX-ca.prm ] ; then if [ ! -f "$PREFIX-ca.prm" ]; then
echo No configuration file $PREFIX-ca.prm echo "No configuration file $PREFIX-ca.prm"
NOTOK=1 NOTOK=1
fi fi
fi fi
if [ ".$NOTOK" != . ] ; then if [ -n "$NOTOK" ]; then
echo "Sorry, I can't do that for you." echo 'Sorry, I cannot do that for you.'
$USAGE $USAGE
exit exit
fi fi
GETSERIAL="\$t = time ;\$d = \$t . substr(\$t+$$ ,-4,4)-1;print \$d" SERIAL="$(date +'%s')${RANDOM:(-4)}"
SERIAL=`/usr/bin/env perl -e "$GETSERIAL"`
# exit on first fail echo "SERIAL=$SERIAL PREFIX=$PREFIX DURATION=$DURATION KEYSIZE=$KEYSIZE"
set -e
echo SERIAL=$SERIAL PREFIX=$PREFIX DURATION=$DURATION KEYSIZE=$KEYSIZE set -x
echo "openssl genrsa -out $PREFIX-ca.key -passout XXX $KEYSIZE" "$OPENSSL" genrsa -out "$PREFIX-ca.key" -passout fd:0 "$KEYSIZE" <<EOF
openssl genrsa -out $PREFIX-ca.key -passout pass:secret $KEYSIZE pass:secret
EOF
echo "openssl req -config $PREFIX-ca.prm -new -key $PREFIX-ca.key -out $PREFIX-ca.csr" "$OPENSSL" req -config "$PREFIX-ca.prm" -new -key "$PREFIX-ca.key" -out "$PREFIX-ca.csr" -passin fd:0 <<EOF
$OPENSSL req -config $PREFIX-ca.prm -new -key $PREFIX-ca.key -out $PREFIX-ca.csr -passin pass:secret pass:secret
EOF
echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -req -signkey $PREFIX-ca.key -in $PREFIX-ca.csr -out $PREFIX-$SERIAL.ca-cacert $DIGESTALGO " "$OPENSSL" x509 -set_serial "$SERIAL" -extfile "$PREFIX-ca.prm" -days "$DURATION" -req -signkey "$PREFIX-ca.key" -in "$PREFIX-ca.csr" -out "$PREFIX-$SERIAL-ca.cacert" "$DIGESTALGO"
"$OPENSSL" x509 -text -in "$PREFIX-$SERIAL-ca.cacert" -nameopt multiline > "$PREFIX-ca.cacert"
$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -req -signkey $PREFIX-ca.key -in $PREFIX-ca.csr -out $PREFIX-$SERIAL-ca.cacert $DIGESTALGO "$OPENSSL" x509 -in "$PREFIX-ca.cacert" -outform der -out "$PREFIX-ca.der"
"$OPENSSL" x509 -in "$PREFIX-ca.cacert" -text -nameopt multiline > "$PREFIX-ca.crt"
echo "openssl x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert " "$OPENSSL" x509 -noout -text -in "$PREFIX-ca.cacert" -nameopt multiline
$OPENSSL x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert # "$OPENSSL" rsa -in "../keys/$PREFIX-ca.key" -text -noout -pubout
echo "openssl x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der "
$OPENSSL x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der
echo "openssl x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt "
$OPENSSL x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt
echo "openssl x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline"
$OPENSSL x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline
#$OPENSSL rsa -in ../keys/$PREFIX-ca.key -text -noout -pubout

151
tests/certs/scripts/genserv.sh
View File

@ -1,4 +1,4 @@
#!/bin/bash #!/usr/bin/env bash
#*************************************************************************** #***************************************************************************
# _ _ ____ _ # _ _ ____ _
# Project ___| | | | _ \| | # Project ___| | | | _ \| |
@ -23,18 +23,18 @@
# #
########################################################################### ###########################################################################
# exit on first fail
set -eu
OPENSSL=openssl OPENSSL=openssl
if [ -f /usr/local/ssl/bin/openssl ] ; then if [ -f /usr/local/ssl/bin/openssl ]; then
OPENSSL=/usr/local/ssl/bin/openssl OPENSSL=/usr/local/ssl/bin/openssl
fi fi
USAGE="echo Usage is genserv.sh <prefix> <caprefix>" USAGE='echo Usage is genserv.sh <prefix> <caprefix>'
# exit on first fail HOME=$(pwd)
set -e cd "$HOME"
HOME=`pwd`
cd $HOME
KEYSIZE=2048 KEYSIZE=2048
DURATION=3000 DURATION=3000
@ -45,99 +45,90 @@ REQ=YES
P12=NO P12=NO
DHP=NO DHP=NO
PREFIX=$1 NOTOK=
if [ ".$PREFIX" = . ] ; then
echo No configuration prefix PREFIX="${1:-}"
NOTOK=1 if [ -z "$PREFIX" ]; then
echo 'No configuration prefix'
NOTOK=1
else else
if [ ! -f $PREFIX-sv.prm ] ; then if [ ! -f "$PREFIX-sv.prm" ]; then
echo No configuration file $PREFIX-sv.prm echo "No configuration file $PREFIX-sv.prm"
NOTOK=1 NOTOK=1
fi fi
fi fi
CAPREFIX=$2 CAPREFIX="${2:-}"
if [ ".$CAPREFIX" = . ] ; then if [ -z "$CAPREFIX" ]; then
echo No CA prefix echo No CA prefix
NOTOK=1 NOTOK=1
else else
if [ ! -f $CAPREFIX-ca.cacert ] ; then if [ ! -f "$CAPREFIX-ca.cacert" ]; then
echo No CA certificate file $CAPREFIX-ca.caert echo "No CA certificate file $CAPREFIX-ca.caert"
NOTOK=1 NOTOK=1
fi fi
if [ ! -f $CAPREFIX-ca.key ] ; then if [ ! -f "$CAPREFIX-ca.key" ]; then
echo No $CAPREFIX key echo "No $CAPREFIX key"
NOTOK=1 NOTOK=1
fi fi
fi fi
if [ ".$NOTOK" != . ] ; then if [ -n "$NOTOK" ]; then
echo "Sorry, I can't do that for you." echo 'Sorry, I cannot do that for you.'
$USAGE $USAGE
exit exit
fi fi
if [ ".$SERIAL" = . ] ; then if [ -z "${SERIAL:-}" ]; then
GETSERIAL="\$t = time ;\$d = \$t . substr(\$t+$$ ,-4,4)-1;print \$d" SERIAL="$(date +'%s')${RANDOM:(-4)}"
SERIAL=`/usr/bin/env perl -e "$GETSERIAL"`
fi fi
echo SERIAL=$SERIAL PREFIX=$PREFIX CAPREFIX=$CAPREFIX DURATION=$DURATION KEYSIZE=$KEYSIZE echo "SERIAL=$SERIAL PREFIX=$PREFIX CAPREFIX=$CAPREFIX DURATION=$DURATION KEYSIZE=$KEYSIZE"
if [ "$DHP." = YES. ] ; then set -x
echo "openssl dhparam -2 -out $PREFIX-sv.dhp $KEYSIZE"
$OPENSSL dhparam -2 -out $PREFIX-sv.dhp $KEYSIZE if [ "$DHP" = YES ]; then
"$OPENSSL" dhparam -2 -out "$PREFIX-sv.dhp" "$KEYSIZE"
fi
if [ "$REQ" = YES ]; then
"$OPENSSL" req -config "$PREFIX-sv.prm" -newkey "rsa:$KEYSIZE" -keyout "$PREFIX-sv.key" -out "$PREFIX-sv.csr" -passout fd:0 <<EOF
pass:secret
EOF
fi fi
if [ "$REQ." = YES. ] ; then "$OPENSSL" rsa -in "$PREFIX-sv.key" -out "$PREFIX-sv.key" -passin fd:0 <<EOF
echo "openssl req -config $PREFIX-sv.prm -newkey rsa:$KEYSIZE -keyout $PREFIX-sv.key -out $PREFIX-sv.csr -passout XXX" pass:secret
$OPENSSL req -config $PREFIX-sv.prm -newkey rsa:$KEYSIZE -keyout $PREFIX-sv.key -out $PREFIX-sv.csr -passout pass:secret EOF
echo 'pseudo secrets generated'
"$OPENSSL" rsa -in "$PREFIX-sv.key" -pubout -outform DER -out "$PREFIX-sv.pub.der"
"$OPENSSL" rsa -in "$PREFIX-sv.key" -pubout -outform PEM -out "$PREFIX-sv.pub.pem"
"$OPENSSL" x509 -set_serial "$SERIAL" -extfile "$PREFIX-sv.prm" -days "$DURATION" -CA "$CAPREFIX-ca.cacert" -CAkey "$CAPREFIX-ca.key" -in "$PREFIX-sv.csr" -req -text -nameopt multiline "$DIGESTALGO" > "$PREFIX-sv.crt"
if [ "$P12" = YES ]; then
"$OPENSSL" pkcs12 -export -des3 -out "$PREFIX-sv.p12" -caname "$CAPREFIX" -name "$PREFIX" -inkey "$PREFIX-sv.key" -in "$PREFIX-sv.crt" -certfile "$CAPREFIX-ca.crt"
fi fi
echo "openssl rsa -in $PREFIX-sv.key -out $PREFIX-sv.key" "$OPENSSL" x509 -noout -text -hash -in "$PREFIX-sv.crt" -nameopt multiline
$OPENSSL rsa -in $PREFIX-sv.key -out $PREFIX-sv.key -passin pass:secret
echo pseudo secrets generated
echo "openssl rsa -in $PREFIX-sv.key -pubout -outform DER -out $PREFIX-sv.pub.der"
$OPENSSL rsa -in $PREFIX-sv.key -pubout -outform DER -out $PREFIX-sv.pub.der
echo "openssl rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem"
$OPENSSL rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem
echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -text -nameopt multiline $DIGESTALGO > $PREFIX-sv.crt "
$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -text -nameopt multiline $DIGESTALGO > $PREFIX-sv.crt
if [ "$P12." = YES. ] ; then
echo "$OPENSSL pkcs12 -export -des3 -out $PREFIX-sv.p12 -caname $CAPREFIX -name $PREFIX -inkey $PREFIX-sv.key -in $PREFIX-sv.crt -certfile $CAPREFIX-ca.crt "
$OPENSSL pkcs12 -export -des3 -out $PREFIX-sv.p12 -caname $CAPREFIX -name $PREFIX -inkey $PREFIX-sv.key -in $PREFIX-sv.crt -certfile $CAPREFIX-ca.crt
fi
echo "openssl x509 -noout -text -hash -in $PREFIX-sv.selfcert -nameopt multiline"
$OPENSSL x509 -noout -text -hash -in $PREFIX-sv.crt -nameopt multiline
# revoke server cert # revoke server cert
touch $CAPREFIX-ca.db touch "$CAPREFIX-ca.db"
echo 01 > $CAPREFIX-ca.cnt echo 01 > "$CAPREFIX-ca.cnt"
echo "openssl ca -config $CAPREFIX-ca.cnf -revoke $PREFIX-sv.crt" "$OPENSSL" ca -config "$CAPREFIX-ca.cnf" -revoke "$PREFIX-sv.crt"
$OPENSSL ca -config $CAPREFIX-ca.cnf -revoke $PREFIX-sv.crt
# issue CRL # issue CRL
echo "openssl ca -config $CAPREFIX-ca.cnf -gencrl -out $PREFIX-sv.crl" "$OPENSSL" ca -config "$CAPREFIX-ca.cnf" -gencrl -out "$PREFIX-sv.crl"
$OPENSSL ca -config $CAPREFIX-ca.cnf -gencrl -out $PREFIX-sv.crl
echo "openssl x509 -in $PREFIX-sv.crt -outform der -out $PREFIX-sv.der " "$OPENSSL" x509 -in "$PREFIX-sv.crt" -outform der -out "$PREFIX-sv.der"
$OPENSSL x509 -in $PREFIX-sv.crt -outform der -out $PREFIX-sv.der
# all together now # all together now
touch $PREFIX-sv.dhp touch "$PREFIX-sv.dhp"
cat $PREFIX-sv.prm $PREFIX-sv.key $PREFIX-sv.crt $PREFIX-sv.dhp >$PREFIX-sv.pem cat "$PREFIX-sv.prm" "$PREFIX-sv.key" "$PREFIX-sv.crt" "$PREFIX-sv.dhp" > "$PREFIX-sv.pem"
chmod o-r $PREFIX-sv.prm chmod o-r "$PREFIX-sv.prm"
$OPENSSL x509 -in $PREFIX-sv.pem -pubkey -noout | \ "$OPENSSL" x509 -in "$PREFIX-sv.pem" -pubkey -noout | \
$OPENSSL pkey -pubin -outform der | $OPENSSL dgst -sha256 -binary | \ "$OPENSSL" pkey -pubin -outform der | "$OPENSSL" dgst -sha256 -binary | \
$OPENSSL enc -base64 >$PREFIX-sv.pubkey-pinned "$OPENSSL" enc -base64 > "$PREFIX-sv.pubkey-pinned"
echo "$PREFIX-sv.pem done" echo "$PREFIX-sv.pem done"