From patchwork Thu May 1 07:41:03 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 8650 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Zp5Zt0RJfz3x3j for ; Thu, 1 May 2025 07:41:10 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Zp5Zs40mNz39H for ; Thu, 1 May 2025 07:41:09 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Zp5Zs3Jqzz33B0 for ; Thu, 1 May 2025 07:41:09 +0000 (UTC) X-Original-To: development@lists.ipfire.org Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Zp5Zp3fNJz2y59 for ; Thu, 1 May 2025 07:41:06 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4Zp5Zn6fBbzDh; Thu, 1 May 2025 07:41:05 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1746085266; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=fVEXREKjedJvU8z/4TtVPhMS2aBkmPDLAidfRKw1rh4=; b=tAani72XEPn1gYj0C3Ht1Gk8wijHkExMnM2bXjkHorMGBFeP6lhubjCtKt1JyD7ti3wjLK YLLt/MJPLtLxENCw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1746085266; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=fVEXREKjedJvU8z/4TtVPhMS2aBkmPDLAidfRKw1rh4=; b=Ld7JkT22PuDuKv3Z8nKKbM5+WkiYYDHIGwLpzGCeeSRHzqTfVO9/H8JpWo0uFl8OfqyG7s 3T/TgnvPw1Ihb1gmQwOIaEHX3JXh4J13Opxl0InP2Qi6MIK2LXdj5dMAYn5ro9LTMoxLRN EQU2UNi/stc9RGujOScy5WWF6uJTo7mWdTJEeIliRdbZHd7BxpCKiJwvJnaWNypYIUZqfo UCFysy9U1edXkuNRFWFJo14zZDRw6/vNz1H8BzJm5VUdeez7EgHHQzvGs+O3V7a87cSRPP 6eqh46bnN/dsHWqVFenWVi+Vt4Wzgn5c7JgXS+CVoDwHF/sHkjOpzJswIr9+Iw== From: Adolf Belka To: development@lists.ipfire.org Cc: Adolf Belka Subject: [PATCH v2] core194: Fix cert name and change other check to ! -s Date: Thu, 1 May 2025 09:41:03 +0200 Message-ID: <20250501074103.2694-1-adolf.belka@ipfire.org> Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 - This v2 version corrects the b! -z to ! -s - Error in hostcert extension - -z is for use with strings and not with files. This should have been ! -s. Thanks to @Nick for spotting this and flagging it up. Th ! -z would do the test against the filename string and as this doesn't change then it would always come up true. - I thought I had tested the original patch of this change but obviously not because there was missing whitespace and filenames not quoted plus the fixes I have added in this patch. - I definitely tested this out this time by copying it from the update.sh and applying it to my vm system. I have also tested this out with the hostcert.pem file present and not and with the index.txt file empty and containing something. This now works as it should, which is to only carry out the edit on the serial file if the hostcert.pem file is present AND the index.txt file is empty. - I clearly need to look more carefully at and test even more carefully at any bash statements that I put together. Tested-by: Adolf Belka Signed-off-by: Adolf Belka --- config/rootfiles/core/194/update.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/rootfiles/core/194/update.sh b/config/rootfiles/core/194/update.sh index b758c7bf6..344045ff4 100644 --- a/config/rootfiles/core/194/update.sh +++ b/config/rootfiles/core/194/update.sh @@ -104,7 +104,7 @@ ldconfig /usr/local/bin/filesystem-cleanup # Increment ipsec serial file if x509 certificates present and no content in index.txt -if [ -e "/var/ipfire/certs/hostcert.pm" ] && [ -z "/var/ipfire/certs/index.txt" ]; then +if [ -e "/var/ipfire/certs/hostcert.pem" ] && [ ! -s "/var/ipfire/certs/index.txt" ]; then sed -i "s/01/02/" /var/ipfire/certs/serial fi