From 2f67ff35f5b4ee2843b37978978a96852451d108 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 10 Mar 2021 14:14:33 +0100 Subject: [cert] Only import hashed symlink certs into nssdb This makes sure we don't import duplicates, or the cert bundle etc. --- modules/cert.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/cert.inc b/modules/cert.inc index 3b4a222..23aeacd 100644 --- a/modules/cert.inc +++ b/modules/cert.inc @@ -17,7 +17,7 @@ cert_to_nssdb() { return # pass exit code fi if [ -d "$src" ]; then - find "$src" \( -type f -o -type l \) -name "*.pem" | while read -r file; do + find "$src" -type l -name "*.?" | while read -r file; do file="$( readlink -f "$file" )" # Make sure there's nothing after this call so the exit code survives the loop end certutil -A -d sql:"$db" -n "$( basename "$file" )" -t C,C,C -i "$file" -- cgit v1.2.3-55-g7522