lib/func.tcl: Hack output of `openssl dgst -hex'.

[ca] / lib / func.tcl

diff --git a/lib/func.tcl b/lib/func.tcl
index ece7e5b..1f73008 100644 (file)
--- a/lib/func.tcl
+++ b/lib/func.tcl
@@ -86,6 +86,11 @@ array unset P
 set C(ca-period) 3650
 set C(archive-interval) 32
 
+## The update hook function.
+proc update-hook {} {
+  ## Called by `bin/update': might publish data to a web server, for example.
+}
+
 ## Read the user configuration.
 if {[file exists "$CERTROOT/etc/config.tcl"]} {
   source "$CERTROOT/etc/config.tcl"
@@ -443,10 +448,10 @@ proc sync-profiles {} {
 proc req-key-hash {file} {
   ## Return the key hash from the certificate request in FILE.
 
-  return [exec \
+  return [lindex [exec \
              openssl req -in $file -noout -pubkey | \
              openssl rsa 2>/dev/null -pubin -outform der | \
-             openssl dgst -sha256 -hex]
+             openssl dgst -sha256 -hex] end]
 }
 
 proc req-dn {file} {
@@ -461,10 +466,10 @@ proc req-dn {file} {
 proc cert-key-hash {file} {
   ## Return the key hash from the certificate in FILE.
 
-  return [exec \
+  return [lindex [exec \
              openssl x509 -in $file -noout -pubkey | \
              openssl rsa 2>/dev/null -pubin -outform der | \
-             openssl dgst -sha256 -hex]
+             openssl dgst -sha256 -hex] end]
 }
 
 proc cert-dn {file} {