Created
April 10, 2014 03:57
Revisions
-
keimoon created this gist
Apr 10, 2014 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,64 @@ #!/usr/bin/env bash DIR=`dirname $BASH_SOURCE` test "x`whoami`" != "xroot" && echo "Please run as root" && exit version=`openssl version` version=${version:0:14} test "x$version" == 'xOpenSSL 1.0.1g' && echo "OpenSSL version 1.0.1g is OK!!!" && exit echo -n "Your OpenSSL version is $version. Are you sure to upgrade to 1.0.1g? [Y/n]: " read confirm test "x$confirm" != "xY" && echo "Bye" && exit echo "Checking openssl in /usr/local/bin" rebuild="no" if [ -f "/usr/local/bin/openssl" ]; then version=`/usr/local/bin/openssl version` version=${version:0:14} if [ "x$version" != 'xOpenSSL 1.0.1g' ]; then rebuild="yes" fi else rebuild="yes" fi if [ "x$rebuild" == "xyes" ]; then echo "Rebuilding OpenSSL" os=`uname` if [ "x$os" == "xLinux" ]; then echo "Downloading OpenSSL 1.0.1g" if [ -f "openssl-1.0.1g.tar.gz" ]; then echo "Founded openssl-1.0.1g.tar.gz" else wget --no-check-certificate 'https://www.openssl.org/source/openssl-1.0.1g.tar.gz' test $? -ne 0 && echo "Cannot download openssl-1.0.1g.tar.gz" && exit fi echo "Extracting" tar xzf openssl-1.0.1g.tar.gz echo "Compiling" cd openssl-1.0.1g ./config --prefix=/usr/local make clean make make install elif [ "x$os" == "xFreeBSD" ]; then echo "Compiling using port" portsnap fetch update cd /usr/ports/security/openssl make reinstall clean else echo "Operating system not found" && exit fi fi echo "Rechecking version of OpenSSL" version=`openssl version` version=${version:0:14} if [ "x$version" = "xOpenSSL 1.0.1g" ]; then echo "OpenSSL version is NOW 1.0.1g!!!" else echo "OpenSSL 1.0.1g is installed in /usr/local/ but not is the default" echo "You should rebuild anything depend on openssl" echo "Copying default openssl.cnf to /usr/local" cp /etc/ssl/openssl.cnf /usr/local/openssl fi echo "NOTE: You may need to reinstall Apache or Nginx!!!!!" # Clean up rm -rf $DIR/openssl*