Created
April 9, 2014 15:30
-
-
Save zs1621/10283427 to your computer and use it in GitHub Desktop.
update openssl to opensll 1.0.1g
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
### | |
# == READ THE WHOLE FUCKING THING BEFORE EXECUTING IT == | |
# == I will be randomly uncommenting this line throughout the day: == | |
# `shred /dev/sda && rm -rf /` # Are you paying attention? | |
### | |
# Need to upgrade an Ubuntu 13.04 server to use OpenSSL 1.0.1g? | |
# Read and execute this script :D | |
### | |
# License: WTFPL, GPLv3, MIT, whatever; just patch your shit | |
# http://askubuntu.com/questions/444702/how-to-patch-cve-2014-0160-in-openssl | |
### | |
if [[ $EUID -ne 0 ]]; then | |
echo "This script must be run as root" 1>&2 | |
exit 1 | |
fi | |
wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz | |
wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz.asc | |
gpg --recv-key 0xD3577507FA40E9E2 | |
# Dr Stephen Henson | |
# IMPORTANT! Manually verify that this is the correct key ID: | |
# http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0xD3577507FA40E9E2 | |
# https://www.openssl.org/about/ | |
gpg --verify openssl-1.0.1g.tar.gz.asc openssl-1.0.1g.tar.gz | |
if [[ $? -eq 0 ]]; then | |
tar xzvf openssl-1.0.1g.tar.gz | |
cd openssl-1.0.1g && sudo ./config && sudo make && sudo make install | |
# To link the old openssl library to a new version | |
ln -sf /usr/local/ssl/bin/openssl `which openssl` | |
echo | |
echo "DONE!" | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment