Re: [sipX-dev] CA cert file names with spaces do not work for sipXconfig

Mon, 30 Jun 2008 08:15:19 -0700 

On Fri, 2008-06-27 at 12:54 -0400, Damian Krzeminski wrote:
        diff --git a/sipXconfig/web/bin/create-ssl-truststore.sh.in
        b/sipXconfig/web/bin/create-ssl-truststore.sh.in
        index a6106f1..b4cd422 100644
        --- a/sipXconfig/web/bin/create-ssl-truststore.sh.in
        +++ b/sipXconfig/web/bin/create-ssl-truststore.sh.in
        @@ -86,7 +92,7 @@ if [ "${Action}" = "CHECKSUM" ]; then
           else
             MD5SUM=md5sum
           fi
        -  Checksum=`cat $Certificates | $MD5SUM | awk '{print $1}'`
        +  Checksum=`find $CaPath -type f -name \*cr[lt] | xargs -I F
        cat "F" | $MD5SUM | awk '{print $1}'`
        
You should quote the -name argument into:

      find $CaPath -type f -name '*cr[lt]'

The pattern after -name really is supposed to be the string '*cr[lt]',
and unless you quote it completely, the presence of unexpected files in
the current directory can cause it to malfunction.  (As long as the
pattern matches no file in the current directory, the shell passes it to
'find' unmodified.)  In this case, it would require the presence of a
file named "*crl" or "*crt" to cause a problem, but I do remember
tracking down cases of this sort of problem in user installations.
        
        @@ -99,7 +105,9 @@ if [ "${Action}" = "CHECKSUM" ]; then
         fi
         
         rm "$TrustStore" 2> /dev/null
        -for Certificate in $Certificates
        +
        +find $CaPath \( -type f -name \*cr[lt] \) | \
        +while read Certificate
        
ditto, use '*cr[lt]'.

BTW, don't you mean '*.cr[lt]'?

How does the changed script reject non-option arguments (e.g., if
someone writes "create-ssl-truststore.sh foo.crt")?  It looks like
they're just ignored.  Worse, "create-ssl-truststore-sh --checksum xxx
yyy --truststore zzz" will have "yyy" entirely ignored, but both options
processed as expected.

The usage message still shows providing individual certificate file
names.

+  Checksum=`find $CaPath -type f -name \*cr[lt] | xargs -I F cat "F" | $MD5SUM 
| awk '{print $1}'`

Shouldn't 'xargs -I F cat "F"' be 'xargs @[EMAIL PROTECTED] cat "F"'?
IIRC, you can't depend on xargs supporting -I.

Dale


_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev
Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev

Reply via email to