svn commit: r353066 - head/usr.sbin/certctl

[Kyle Evans]

Author: kevans
Date: Thu Oct  3 20:05:46 2019
New Revision: 353066
URL: https://svnweb.freebsd.org/changeset/base/353066

Log:
  certctl(8): realpath the file before creating the symlink
  
  Otherwise we end up creating broken relative symlinks in
  /etc/ssl/blacklisted.

Modified:
  head/usr.sbin/certctl/certctl.sh

Modified: head/usr.sbin/certctl/certctl.sh
==============================================================================
--- head/usr.sbin/certctl/certctl.sh    Thu Oct  3 19:55:05 2019        
(r353065)
+++ head/usr.sbin/certctl/certctl.sh    Thu Oct  3 20:05:46 2019        
(r353066)
@@ -69,7 +69,7 @@ create_trusted_link()
                return 1
        fi
        [ $VERBOSE -gt 0 ] && echo "Adding $hash.0 to trust store"
-       [ $NOOP -eq 0 ] && ln -fs "$1" "$CERTDESTDIR/$hash.0"
+       [ $NOOP -eq 0 ] && ln -fs $(realpath "$1") "$CERTDESTDIR/$hash.0"
 }
 
 create_blacklisted()
@@ -78,7 +78,7 @@ create_blacklisted()
 
        hash=$( do_hash "$1" ) || return
        [ $VERBOSE -gt 0 ] && echo "Adding $hash.0 to blacklist"
-       [ $NOOP -eq 0 ] && ln -fs "$1" "$BLACKLISTDESTDIR/$hash.0"
+       [ $NOOP -eq 0 ] && ln -fs $(realpath "$1") "$BLACKLISTDESTDIR/$hash.0"
 }
 
 do_scan()
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"