Adapt generate_sslroots.py to work with different openssl versions
Command [1] on openssl 1.1.1m and newer generates output
containing "unsigned char the_(subject_name|public_key|certificate)"
records, making it incompatible with current version of the script
that relies on "unsigned char XXX_".
This patch handles both cases by using regular expression so as
to match strings and provide an adequate replacement.
[1] - openssl x509 -in <path-to-cacert.pem> -noout -C
Bug: webrtc:11710
Change-Id: I46b87d2980ec2dd26660b93fcf9019254950ce12
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/257420
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Taylor Brandstetter <deadbeef@webrtc.org>
Reviewed-by: Christoffer Jansson <jansson@webrtc.org>
Commit-Queue: Christoffer Jansson <jansson@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#38173}
diff --git a/tools_webrtc/sslroots/generate_sslroots.py b/tools_webrtc/sslroots/generate_sslroots.py
index e2da029..291c3ce 100644
--- a/tools_webrtc/sslroots/generate_sslroots.py
+++ b/tools_webrtc/sslroots/generate_sslroots.py
@@ -147,19 +147,22 @@
command = 'openssl x509 -in %s%s -noout -C' % (root_dir, source_file)
_PrintOutput(command, options)
output = subprocess.getstatusoutput(command)[1]
- renamed_output = output.replace('unsigned char XXX_',
- 'const unsigned char ' + label + '_')
+ decl_block = 'unsigned char .*_(%s|%s|%s)' %\
+ (_SUBJECT_NAME_ARRAY, _PUBLIC_KEY_ARRAY, _CERTIFICATE_ARRAY)
+ prog = re.compile(decl_block, re.IGNORECASE)
+ renamed_output = prog.sub('const unsigned char ' + label + r'_\1', output)
+
filtered_output = ''
cert_block = '^const unsigned char.*?};$'
- prog = re.compile(cert_block, re.IGNORECASE | re.MULTILINE | re.DOTALL)
+ prog2 = re.compile(cert_block, re.IGNORECASE | re.MULTILINE | re.DOTALL)
if not options.full_cert:
- filtered_output = prog.sub('', renamed_output, count=2)
+ filtered_output = prog2.sub('', renamed_output, count=2)
else:
filtered_output = renamed_output
cert_size_block = r'\d\d\d+'
- prog2 = re.compile(cert_size_block, re.MULTILINE | re.VERBOSE)
- result = prog2.findall(renamed_output)
+ prog3 = re.compile(cert_size_block, re.MULTILINE | re.VERBOSE)
+ result = prog3.findall(renamed_output)
cert_size = result[len(result) - 1]
return filtered_output, cert_size