From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4ZngDm51kxz339n for ; Wed, 30 Apr 2025 14:54:00 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4ZngDj1PYkz30NY for ; Wed, 30 Apr 2025 14:53:57 +0000 (UTC) Received: from khaki.cherry.relay.mailchannels.net (khaki.cherry.relay.mailchannels.net [23.83.223.96]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPS id 4ZngDg5GrqzCD for ; Wed, 30 Apr 2025 14:53:55 +0000 (UTC) Authentication-Results: mail01.ipfire.org; dkim=pass header.d=howitts.co.uk header.s=duo-1607357347919-bbc6d73b header.b="HRJBK/2m"; dkim=pass header.d=outbound.mailhop.org header.s=dkim-high header.b=TyTbVcgW; dkim=pass header.d=howitts.co.uk header.s=202411 header.b=AT9+YniP; arc=pass ("mailchannels.net:s=arc-2022:i=1"); spf=pass (mail01.ipfire.org: domain of nick@howitts.co.uk designates 23.83.223.96 as permitted sender) smtp.mailfrom=nick@howitts.co.uk; dmarc=pass (policy=quarantine) header.from=howitts.co.uk ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=lists.ipfire.org; s=202003rsa; t=1746024836; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references:dkim-signature; bh=YOL0hKpyul4uc6lEatvHH53hBGyUOpiz07bWCpiyXmw=; b=i4It7zq9QkpmgsxJtlcV4luQrbV857uyb7wWtbpGzWNLpenEwlqGPiPpSGRGTMArnyIl/Z XaV+/JphhnebP4thHt9oZ4e/V92esgqZLMJH7+KarI2BUxFyWJR+gz/PnfrcM7J3M7HT4A fcOyz0oSacNvR/7+M8PdvesqKSQ/tGU45XBAwyD1FqaidV2k0ahJYLPQ8Zt3KoOJ9MORyn 9dejBBpQHil/AYIb1nAm1CViZtNP9fUDa22RfhrHJuBoVsLtWYENB0r0J11FyGyItKHu44 isfHnPcC3fmHHBxwbHV7+tl1uEuk/Qeovo6EOmY5CfYiaifrQMBBfFVTDInLyA== ARC-Seal: i=2; s=202003rsa; d=lists.ipfire.org; t=1746024836; a=rsa-sha256; cv=pass; b=wE+Ekv0nAOoG06KVlvmvcGq/gNXpvsFwgbPBNDql/dPgtYwl8/AUvWyl5nWfPsQvB81cvx lH3K5CFBhXlHRy+q6Yudw5V2m1hjL6FDt6M1GOvZ3bemkC0mYpga53wOk0XOgF+YG9AnKh lyCdzfIIj3sraAF5MSdKQPzWMTc4AnH/F3dsvEJeO1lPim1iFinma1a7SZASLemAkLPMPX XgMJcNxi6+2R82VtCXzeI7iiUlMpM7T3XrWk9N8QP4lfgYf2uEhGL778dhclv5H55swaqN K2UJyrtZfIwC3K1ii7QhB+qBXsP6mD/Irr60tl3TmOGRl2pN8NSkTOoB6Z/Cvw== ARC-Authentication-Results: i=2; mail01.ipfire.org; dkim=pass header.d=howitts.co.uk header.s=duo-1607357347919-bbc6d73b header.b="HRJBK/2m"; dkim=pass header.d=outbound.mailhop.org header.s=dkim-high header.b=TyTbVcgW; dkim=pass header.d=howitts.co.uk header.s=202411 header.b=AT9+YniP; arc=pass ("mailchannels.net:s=arc-2022:i=1"); spf=pass (mail01.ipfire.org: domain of nick@howitts.co.uk designates 23.83.223.96 as permitted sender) smtp.mailfrom=nick@howitts.co.uk; dmarc=pass (policy=quarantine) header.from=howitts.co.uk X-Sender-Id: _forwarded-from|82.5.79.245 Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id C503778343F for ; Wed, 30 Apr 2025 14:53:52 +0000 (UTC) Received: from outbound1f.eu.mailhop.org (100-106-214-82.trex-nlb.outbound.svc.cluster.local [100.106.214.82]) (Authenticated sender: duocircle) by relay.mailchannels.net (Postfix) with ESMTPA id CE86078353E for ; Wed, 30 Apr 2025 14:53:50 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1746024831; a=rsa-sha256; cv=none; b=momOxe0kz5FQSHuGW2Mv3x+rlh53uuDuSIeA7HGPO2w7nJ7IT2yYStsaw3TlKm2ouh5vqR tW+UvNaGDCtwYI0zy72zKVR7D6qIJQjKR/uwZ2pFIFO8ePrNKc2HXpJeHVatqlX45mspBl S/vyjygKX6ZbBhRA7OQLwTAHDjkdDVRFZraQCbTHokzz7p2daDH55ont6yWagLYoBCrbaF wpDVIZqerE+z+iC8tfGtuQMnHkzh2piVx1BFTDg8tgb/XfGQo5HYxxdiZGnzyhtQ5fsIPz aZ6M9TJ8YeN/+SxiD2aIES9PKL5TgpnmZjqUVbkqfmk1I7Bj8xtnI/nlZi2ZFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1746024831; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references:dkim-signature; bh=YOL0hKpyul4uc6lEatvHH53hBGyUOpiz07bWCpiyXmw=; b=dY0PMTcNnvf76zgtUaweDFnP8Lz99SLVaQIek3uyBireQR1XoNbeFOuOzmaIhQWax+cV1B yUC+wJmcxjSTPMjdLsdf2/IXErQ96Br3NXpQINGBJ9JCLaTQsZJFABzHwcVZ/B8p26PTkI cJf8bbVY5v3m0XUZu7QDOorOf/vLp6LKb7y0WUtYTPMT3SkqkOLoowc9Fq9biuTmCJWG7V lhFCADDdZnfZFVN03WfhtzqnVDs7F+n3mi77lHPvf3yJ39B/zimmXTo0k46rA0p0c4rAyv jWTsFMX9FUKNeIt7LTTx+R8c8HA4w9+DEhOjZJWpJNcKlH5r8ULddQxyyk+oqg== ARC-Authentication-Results: i=1; rspamd-56c68c6fd9-lc48w; auth=pass smtp.auth=duocircle smtp.mailfrom=nick@howitts.co.uk X-Sender-Id: _forwarded-from|82.5.79.245 X-MC-Relay: Forwarding X-MailChannels-SenderId: _forwarded-from|82.5.79.245 X-MailChannels-Auth-Id: duocircle X-Reaction-Supply: 6747204a3f071b69_1746024831328_3683382451 X-MC-Loop-Signature: 1746024831327:2202814893 X-MC-Ingress-Time: 1746024831327 Received: from outbound1f.eu.mailhop.org (outbound1f.eu.mailhop.org [52.28.59.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.106.214.82 (trex/7.0.3); Wed, 30 Apr 2025 14:53:51 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=howitts.co.uk; s=duo-1607357347919-bbc6d73b; h=in-reply-to:from:references:to:subject:mime-version:date:message-id: content-type:cfbl-address:cfbl-feedback-id:from; bh=YOL0hKpyul4uc6lEatvHH53hBGyUOpiz07bWCpiyXmw=; b=HRJBK/2mzC5M7Fu5Rm4ZeB6K8aFEEEmuiURPuvSGOMODQO7EGSwL/wMp639ElxX0n6uMrzUb+W20z 9iA+Blp2kMpXHuBXCKabJoT30hQ9hxHArgvI8VBKiqMitY17uQtqnMGf0RtEcVfGPAvd3q8dON9e8n ZCEHX/EQYltdK/Sc= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=dkim-high; h=in-reply-to:from:references:to:subject:mime-version:date:message-id: content-type:cfbl-address:cfbl-feedback-id:from; bh=YOL0hKpyul4uc6lEatvHH53hBGyUOpiz07bWCpiyXmw=; b=TyTbVcgW/a5llUSjBZ8EyLKCSqtlx2hpds5wSGVgr9AEc4JBodfmAcYDAMTEuU4uaNMxNoTMIv1IK Ap0ULfS9XR48UYfmR8mc2CEKPZVLRnlmdiol7M9gPkl5G47S7ZjTHj1CwmO8BlHjvgqJZJRClKPmRc QPeudfy6Ef4fdgJY5uYvYRRucoGrpFX4kXtUDGh1qnAyZ0+orz/KMEK0bboQ3ylyiBG6YkplIocbhB 8Fpzj4wM75bpgOIFzPwn/AXt2gUymZW4I8wIF1JvdbxrKaIc7RHvyLIPWJ0DfFKf0hg9J+t8bAq3uP IeFmXXgt1lyPA7SjytyTDyfdbUXmA6Q== X-Originating-IP: 82.5.79.245 X-MHO-RoutePath: bmljaw== X-MHO-User: ebbd5595-25d2-11f0-a544-eb1d40c36193 X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information X-Mail-Handler: DuoCircle Outbound SMTP CFBL-Feedback-ID: ebbd5595-25d2-11f0-a544-eb1d40c36193:1 CFBL-Address: prvs=0215a65ca6=abuse@outbound.mailhop.org; report=arf Received: from mail.howitts.co.uk (horn-04-b2-v4wan-170312-cust1012.vm10.cable.virginm.net [82.5.79.245]) by outbound2.eu.mailhop.org (Halon) with ESMTPSA id ebbd5595-25d2-11f0-a544-eb1d40c36193; Wed, 30 Apr 2025 14:53:48 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.howitts.co.uk (Postfix) with ESMTP id 8AA53700947 for ; Wed, 30 Apr 2025 15:53:47 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=howitts.co.uk; h= in-reply-to:from:from:references:content-language:subject :subject:user-agent:mime-version:date:date:message-id :content-type:content-type:received:received; s=202411; t= 1746024825; x=1747839226; bh=riXxBdA9cOfKepoBg3o1BNuCv8+OEGnZbBA gyKAYktw=; b=AT9+YniP6H16TzxI0NUmZ4faLn22aEOIoXohhZmWLjCyMIFO53l Ltr7DhB887clbStV/m6S6n4zcKjejQLC3DoXmUEVKlis7GfIG1APDmfBS+3K728K caTTY75ovooqrF4SI3swLHd9wBPvUfisuChRDGtHylKJ5VPl4o+nEwkiarw115xK VpFAg0bgZy/F6eu6uscZw5CFrdxmjGhWF+9xu69k78SSmWDHiyucn+6E3Slqs37U o5jb3/mQdSzo+kJxBlis1fe6X1YhnYxVDmQprNfbpJX0d02dVCaUC9RxKVoEPF/Y Ik8Oi3ME7hcwUZrQ+z2UBgzdPlWYAXRjMBQ== X-Virus-Scanned: Debian amavis at howitts.co.uk Received: from mail.howitts.co.uk ([127.0.0.1]) by localhost (mail.howitts.co.uk [127.0.0.1]) (amavis, port 10028) with ESMTP id TVlm2zT2HrYE for ; Wed, 30 Apr 2025 15:53:45 +0100 (BST) Received: from [172.17.2.83] (switch_usb.howitts.co.uk [172.17.2.83]) by mail.howitts.co.uk (Postfix) with ESMTPSA id 7BC15700168 for ; Wed, 30 Apr 2025 15:53:45 +0100 (BST) Content-Type: multipart/alternative; boundary="------------it0t9D8AZe2W1xT1aSVM0YmN" Message-ID: <09f1b0d4-a0ad-43ae-b71a-4c1d53d95b6d@howitts.co.uk> Date: Wed, 30 Apr 2025 15:53:44 +0100 Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] core194: Fix cert name and change other check to ! -z Content-Language: en-GB To: development@lists.ipfire.org References: <20250430141746.44261-1-adolf.belka@ipfire.org> From: Nick Howitt In-Reply-To: <20250430141746.44261-1-adolf.belka@ipfire.org> X-Rspamd-Action: no action X-Rspamd-Server: mail01.haj.ipfire.org X-Rspamd-Queue-Id: 4ZngDg5GrqzCD X-Spamd-Result: default: False [-5.96 / 11.00]; BAYES_HAM(-2.99)[99.94%]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[howitts.co.uk,quarantine]; R_DKIM_ALLOW(-0.20)[howitts.co.uk:s=duo-1607357347919-bbc6d73b,outbound.mailhop.org:s=dkim-high,howitts.co.uk:s=202411]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; IP_REPUTATION_SPAM(0.04)[asn: 63213(0.00), country: CA(0.01), ip: 23.83.223.96(0.00)]; MX_GOOD(-0.01)[]; DWL_DNSWL_NONE(0.00)[mailhop.org:dkim]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCPT_COUNT_ONE(0.00)[1]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_LAST(0.00)[]; SUBJECT_HAS_EXCLAIM(0.00)[]; RECEIVED_HELO_LOCALHOST(0.00)[]; DKIM_TRACE(0.00)[howitts.co.uk:+,outbound.mailhop.org:+]; FROM_HAS_DN(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.223.0/24, country:CA]; ARC_SIGNED(0.00)[lists.ipfire.org:s=202003rsa:i=2]; PREVIOUSLY_DELIVERED(0.00)[development@lists.ipfire.org]; TO_DN_NONE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.223.96:from,52.28.59.28:received]; RECEIVED_SPAMHAUS_PBL(0.00)[82.5.79.245:received]; MID_RHS_MATCH_FROM(0.00)[]; HAS_XOIP(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; DKIM_REPUTATION(0.00)[0]; RCVD_COUNT_SEVEN(0.00)[7] This is a multi-part message in MIME format. --------------it0t9D8AZe2W1xT1aSVM0YmN Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Can I ask what you are testing here with the "! -z"? Typically you would use "-n" rather than "! -z", but both are tests for strings and not files - https://tldp.org/LDP/abs/html/comparison-ops.html. "! -s" would test for a zero length file and if the file exists at all. Nick On 30/04/2025 15:17, Adolf Belka wrote: > - Error in hostcert extension > - -z gives true if not zero and we need true if it is zero so had to add not command. > - I thought I had tested the original patch of this change but obviously not because > there was missing whitespace and filenames not quoted plus the fixes I have added > in this patch. > - I definitely tested this out this time by copying it from the update.sh and applying > it to my vm system. > > Tested-by: Adolf Belka > Signed-off-by: Adolf Belka > --- > config/rootfiles/core/194/update.sh | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/config/rootfiles/core/194/update.sh b/config/rootfiles/core/194/update.sh > index b758c7bf6..8fbf22750 100644 > --- a/config/rootfiles/core/194/update.sh > +++ b/config/rootfiles/core/194/update.sh > @@ -104,7 +104,7 @@ ldconfig > /usr/local/bin/filesystem-cleanup > > # Increment ipsec serial file if x509 certificates present and no content in index.txt > -if [ -e "/var/ipfire/certs/hostcert.pm" ] && [ -z "/var/ipfire/certs/index.txt" ]; then > +if [ -e "/var/ipfire/certs/hostcert.pem" ] && [ ! -z "/var/ipfire/certs/index.txt" ]; then > sed -i "s/01/02/" /var/ipfire/certs/serial > fi > --------------it0t9D8AZe2W1xT1aSVM0YmN Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit Can I ask what you are testing here with the "! -z"? Typically you would use "-n" rather than "! -z", but both are tests for strings and not files - https://tldp.org/LDP/abs/html/comparison-ops.html. "! -s" would test for a zero length file and if the file exists at all.

Nick

On 30/04/2025 15:17, Adolf Belka wrote:
- Error in hostcert extension
- -z gives true if not zero and we need true if it is zero so had to add not command.
- I thought I had tested the original patch of this change but obviously not because
   there was missing whitespace and filenames not quoted plus the fixes I have added
   in this patch.
- I definitely tested this out this time by copying it from the update.sh and applying
   it to my vm system.

Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/core/194/update.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/rootfiles/core/194/update.sh b/config/rootfiles/core/194/update.sh
index b758c7bf6..8fbf22750 100644
--- a/config/rootfiles/core/194/update.sh
+++ b/config/rootfiles/core/194/update.sh
@@ -104,7 +104,7 @@ ldconfig
 /usr/local/bin/filesystem-cleanup
 
 # Increment ipsec serial file if x509 certificates present and no content in index.txt
-if [ -e "/var/ipfire/certs/hostcert.pm" ] && [ -z "/var/ipfire/certs/index.txt" ]; then
+if [ -e "/var/ipfire/certs/hostcert.pem" ] && [ ! -z "/var/ipfire/certs/index.txt" ]; then
     sed -i "s/01/02/" /var/ipfire/certs/serial
 fi

--------------it0t9D8AZe2W1xT1aSVM0YmN--