Package: ca-certificates
Version: 20210119
Hi,
When calling update-ca-certificates command if there is a certificate with
a backslash in its name it errors out.
Transcript:
/usr/local/share/ca-certificates/ipa-ca# ls -la
total 20
drwxr-xr-x 2 root root 4096 Jan 11 15:14 .
drwxr-xr-x 3 root root 4096 Jan 11 15:14 ..
-rw-r--r-- 1 root root 1538 Jan 11 15:14 'CN=Certificate
Authority,O=xxxxxxxx.crt'
-rw-r--r-- 1 root root 1933 Jan 11 15:14 'CN=Go Daddy Root Certificate
Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US
1828629.crt'
-rw-r--r-- 1 root root 1733 Jan 11 15:14 'OU=Go Daddy Class 2 Certification
Authority,O=The Go Daddy Group\, Inc.,C=US 0.crt'
# update-ca-certificates
Updating certificates in /etc/ssl/certs...
sed: can't read /usr/local/share/ca-certificates/ipa-ca/CN=Go Daddy Root
Certificate Authority - G2,O=GoDaddy.com, Inc.,L=Scottsdale,ST=Arizona,C=US
1828629.crt: No such file or directory
This happens because of the while read crt at lines 134, 142 and 147.
Based on read command documentation the \ character is used as an escape
character so when read process the file name it just removes the backslash
from the name. This can be avoided if -r option is added to read.
Suggested patch.
@@ -131,7 +131,7 @@
# Add default certificate authorities if requested
if [ "$default" = 1 ]; then
- find -L "$CERTSDIR" -type f -name '*.crt' | sort | while read crt
+ find -L "$CERTSDIR" -type f -name '*.crt' | sort | while read -r crt
do
add "$crt"
done
@@ -144,7 +144,7 @@
remove "$CERTSDIR/$crt"
done
-sed -e '/^$/d' -e '/^#/d' -e '/^!/d' "$CERTSCONF" | while read crt
+sed -e '/^$/d' -e '/^#/d' -e '/^!/d' "$CERTSCONF" | while read -r crt
do
if ! test -f "$CERTSDIR/$crt"
then
@@ -158,7 +158,7 @@
# administrator.
if [ -d "$LOCALCERTSDIR" ]
then
- find -L "$LOCALCERTSDIR" -type f -name '*.crt' | sort | while read crt
+ find -L "$LOCALCERTSDIR" -type f -name '*.crt' | sort | while read -r crt
do
add "$crt"
done
Cheers,
Santiago.
