Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 9 Jan 2021 05:26:17 GMT
From:      Kyle Evans <kevans@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 8c4094f38c7b - main - certctl: factor out certname resolution
Message-ID:  <202101090526.1095QHB7001453@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=8c4094f38c7b0e95af91d92a563bfedc1249950d

commit 8c4094f38c7b0e95af91d92a563bfedc1249950d
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2021-01-09 04:34:44 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2021-01-09 04:36:22 +0000

    certctl: factor out certname resolution
    
    create_blacklisted() will identify a cert whether it's provided a path to
    a cert or the hash.serial format that is shown by `certctl list`.
    
    Factor this logic out into a resolve_certname() so that it may be reused
    elsewhere.
---
 usr.sbin/certctl/certctl.sh | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/usr.sbin/certctl/certctl.sh b/usr.sbin/certctl/certctl.sh
index c2f9c7dc8438..1a491cf3a047 100755
--- a/usr.sbin/certctl/certctl.sh
+++ b/usr.sbin/certctl/certctl.sh
@@ -92,7 +92,8 @@ create_trusted_link()
 		install ${INSTALLFLAGS} -lrs $(realpath "$1") "$CERTDESTDIR/$hash.$suffix"
 }
 
-create_blacklisted()
+# Accepts either dot-hash form from `certctl list` or a path to a valid cert.
+resolve_certname()
 {
 	local hash srcfile filename
 	local suffix
@@ -103,14 +104,28 @@ create_blacklisted()
 		srcfile=$(realpath "$1")
 		suffix=$(get_decimal "$BLACKLISTDESTDIR" "$hash")
 		filename="$hash.$suffix"
+		echo "$srcfile" "$hash.$suffix"
 	elif [ -e "${CERTDESTDIR}/$1" ];  then
 		srcfile=$(realpath "${CERTDESTDIR}/$1")
 		hash=$(echo "$1" | sed -Ee 's/\.([0-9])+$//')
 		suffix=$(get_decimal "$BLACKLISTDESTDIR" "$hash")
 		filename="$hash.$suffix"
-	else
+		echo "$srcfile" "$hash.$suffix"
+	fi
+}
+
+create_blacklisted()
+{
+	local srcfile filename
+
+	set -- $(resolve_certname "$1")
+	srcfile=$1
+	filename=$2
+
+	if [ -z "$srcfile" -o -z "$filename" ]; then
 		return
 	fi
+
 	[ $VERBOSE -gt 0 ] && echo "Adding $filename to blacklist"
 	[ $NOOP -eq 0 ] && install ${INSTALLFLAGS} -lrs "$srcfile" "$BLACKLISTDESTDIR/$filename"
 }

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202101090526.1095QHB7001453>