#3575: smime_keys.pl fails on filenames with spaces
-----------------------+----------------------------------------------------
Reporter: Y_Plentyn | Owner: mutt-dev
Type: defect | Status: infoneeded_new
Priority: minor | Milestone:
Component: crypto | Version:
Keywords: |
-----------------------+----------------------------------------------------
Changes (by me):
* status: new => infoneeded_new
Old description:
> Forwarding from http://bugs.debian.org/658324 :
>
> {{{
> Dear Maintainer,
>
> I recently needed to update by smime-keyring with a new version of my own
> certificate to a new one, and saved it to a file named
> "cacert [email protected] renewed.p12".
>
> Unfortunately 'smime_keys add_p12 "cacert [email protected]
> renewed.p12"'
> failed with the return code 256 from openssl and a dump of it's
> commandline
> options.
>
> I looked into smime_keys and found that the perl-script builds the
> command
> in line 156 directly from $ARGV[1]:
>
> >>>> snip <<<<
> 156: my $cmd = "$opensslbin pkcs12 -in $ARGV[1] -out $pem_file";
> 157: system $cmd and die "'$cmd' returned $?";
> >>>> snip <<<<
>
> The error-message also contained the exact commandline it tried to
> execute
> which was:
> >>>> snip <<<<
> '/usr/bin/openssl pkcs12 -in cacert [email protected] renewed.p12 -out
> cacert [email protected] renewed.p12.pem' returned 256 at
> /usr/bin/smime_keys line 157.
> >>>> snip <<<<
>
> As there were no quotation marks around the filename I tried it with a
> symlink to the same file, but without any space in the filename and it
> worked like a charm.
>
> I therefore think that there is some kind of escaping of $ARGV[1]
> neccesary
> to stop smime_keys from passing the spaces directly to the shell that
> executes openssl.
>
> Kind regards, Andre
> }}}
New description:
Forwarding from http://bugs.debian.org/658324 :
{{{
Dear Maintainer,
I recently needed to update by smime-keyring with a new version of my own
certificate to a new one, and saved it to a file named
"cacert [email protected] renewed.p12".
Unfortunately 'smime_keys add_p12 "cacert [email protected]
renewed.p12"'
failed with the return code 256 from openssl and a dump of it's
commandline
options.
I looked into smime_keys and found that the perl-script builds the command
in line 156 directly from $ARGV[1]:
>>>> snip <<<<
156: my $cmd = "$opensslbin pkcs12 -in $ARGV[1] -out $pem_file";
157: system $cmd and die "'$cmd' returned $?";
>>>> snip <<<<
The error-message also contained the exact commandline it tried to execute
which was:
>>>> snip <<<<
'/usr/bin/openssl pkcs12 -in cacert [email protected] renewed.p12 -out
cacert [email protected] renewed.p12.pem' returned 256 at
/usr/bin/smime_keys line 157.
>>>> snip <<<<
As there were no quotation marks around the filename I tried it with a
symlink to the same file, but without any space in the filename and it
worked like a charm.
I therefore think that there is some kind of escaping of $ARGV[1]
neccesary
to stop smime_keys from passing the spaces directly to the shell that
executes openssl.
Kind regards, Andre
}}}
--
Comment:
I've attached a patch which I believe will solve this issue.
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3575#comment:1>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
