mirror of https://github.com/mollyim/webrtc.git synced 2025-05-13 05:40:42 +01:00

History

Yury Yarashevich c7ff896999 Rewrite 'generate_sslroots' w/o OpenSSL. OpenSSL removed ability to generate C code: `a18cf8fc63` CL rewrites generation script to use pure Python asn1crypto library. The changes in generated code leading to huge diff in generated file: - Certificate array names are based on certificate fingerprints instead of semi-human readable names, which were not referenced externally; - Order of arrays in generated file matches the order of certificates as they are appeared in source pem file. Previously re-ordering happen due to writing temporary files on disk; Bug: webrtc:11710 Change-Id: Ie7a97b3658f6ccb397f0fd0c21d341934a2cc12e Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/304642 Commit-Queue: Yury Yarashevich <yura.yaroshevich@gmail.com> Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org> Reviewed-by: Harald Alvestrand <hta@webrtc.org> Cr-Commit-Position: refs/heads/main@{#40039}	2023-05-10 12:57:37 +00:00
..
generate_sslroots.py	Rewrite 'generate_sslroots' w/o OpenSSL.	2023-05-10 12:57:37 +00:00
README.md	Add script to generate ssl_roots.h from Mozilla's CA bundle	2022-03-04 13:50:58 +00:00

Yury Yarashevich c7ff896999 Rewrite 'generate_sslroots' w/o OpenSSL.

OpenSSL removed ability to generate C code:
a18cf8fc63

CL rewrites generation script to use pure Python asn1crypto library.

The changes in generated code leading to huge diff in generated file:
- Certificate array names are based on certificate fingerprints instead
of semi-human readable names, which were not referenced externally;
- Order of arrays in generated file matches the order of certificates
as they are appeared in source pem file. Previously re-ordering happen
due to writing temporary files on disk;


Bug: webrtc:11710
Change-Id: Ie7a97b3658f6ccb397f0fd0c21d341934a2cc12e
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/304642
Commit-Queue: Yury Yarashevich <yura.yaroshevich@gmail.com>
Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#40039}

2023-05-10 12:57:37 +00:00

generate_sslroots.py Rewrite 'generate_sslroots' w/o OpenSSL. 2023-05-10 12:57:37 +00:00

README.md Add script to generate ssl_roots.h from Mozilla's CA bundle 2022-03-04 13:50:58 +00:00

README.md

Generate rtc_base/ssl_roots.h

This directory contains a script to generate the content of rtc_base/ssl_roots.h, to update the SSL roots shipped by WebRTC follow this instructions:

Download roots.pem from pki.goog or [curl.se][mozilla-cacert]
Launch the script:

$ vpython3 tools_webrtc/sslroots/generate_sslroots.py <the pem file>

Step 2 should have generated an ssl_roots.h file right next to the pem file.
Overwrite rtc_base/ssl_roots.h with the newly generated one.