Bug 19116 - Broken certificate request generation
Summary: Broken certificate request generation
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: cert-sh-functions (show other bugs)
Version: unstable
Hardware: all Linux
: P2 normal
Assignee: Sir Raorn
QA Contact: qa-sisyphus
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-03-10 16:22 MSK by Grigory Batalov
Modified: 2009-03-13 15:27 MSK (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Grigory Batalov 2009-03-10 16:22:51 MSK 
cert-sh-functions-0.1-alt5
При запуске сервиса ahttpd неправильно используется openssl req:

...
+ _ssl_make_req ahttpd -config /tmp/default.cnf.5qt1Iv
+ openssl req -new -key /var/lib/ssl/private/ahttpd.key -out /var/lib/ssl/certs/ahttpd.csr ahttpd -config /tmp/default.cnf.5qt1Iv
unknown option ahttpd

/usr/bin/cert-sh-functions:70:
_ssl_make_req()
{
    "$OPENSSL" req -new -key "$SSL_KEYDIR/$1.key" -out "$SSL_CSRDIR/$1.csr" "$@" ||
        ssl_fatal "Unable to create sign request"
}

Очевидно, что $1 входит и в $@, из-за чего в командной строке появляется лишний аргумент ahttpd.
Comment 1 Grigory Batalov 2009-03-10 16:27:11 MSK 
Рекомендую переписать следующим образом:

_ssl_make_req()
{
    local name
    name="$1" && shift

    "$OPENSSL" req -new -key "$SSL_KEYDIR/$name.key" -out "$SSL_CSRDIR/$name.csr" "$@" ||
        ssl_fatal "Unable to create sign request"
}
Comment 2 Sir Raorn 2009-03-10 16:30:02 MSK 
Да, я видимо где-то забыл shift...
Comment 3 Sir Raorn 2009-03-11 15:23:59 MSK 
0.2-alt1