Date: Fri, 14 Feb 2025 16:07:56 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 284749] certctl: add support for generating cert.pem CAfiles Message-ID: <bug-284749-227-gy3nq1tmj0@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-284749-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=284749 Mel Pilgrim <ports.maintainer@evilphi.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #257481|0 |1 is obsolete| | --- Comment #8 from Mel Pilgrim <ports.maintainer@evilphi.com> --- Created attachment 257530 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=257530&action=edit patch to add optional CAfile generation to certctl (v4) (In reply to Michael Osipov from comment #7) * NOOP is not obeyed I used perform for the lines that delete or install (lines 186, 193, 194, 199, 285). I didn't for TMPFILE operations in create_bundle (lines 184-187, 189), which is consistent with SPLITDIR operations in do_scan (lines 224, 225, 229), which is also just temporary data. Which lines don't obey NOOP? * Delete is, again, inconsistent Revised again. * only hashed links constitute the trust store When CFILE contains more than one certificate, do_scan splits it into individual certificate files and omits the "link" argument from the CFUNC call so that it copies the certificates from SPLITDIR to CERTDESTDIR/UNTRUSTDESTDIR instead of creating relative symlinks (lines 220-229). * cat arg should be quoted I'm guessing you mean it should be "-exec cat '{}' +" instead of "-exec cat \{\} +". Single quotes chosen for consistency with string-literals in other command arguments. -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-284749-227-gy3nq1tmj0>