From 2f67ff35f5b4ee2843b37978978a96852451d108 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 10 Mar 2021 14:14:33 +0100
Subject: [cert] Only import hashed symlink certs into nssdb

This makes sure we don't import duplicates, or the cert bundle etc.
---
 modules/cert.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/cert.inc b/modules/cert.inc
index 3b4a222..23aeacd 100644
--- a/modules/cert.inc
+++ b/modules/cert.inc
@@ -17,7 +17,7 @@ cert_to_nssdb() {
 		return # pass exit code
 	fi
 	if [ -d "$src" ]; then
-		find "$src" \( -type f -o -type l \) -name "*.pem" | while read -r file; do
+		find "$src" -type l -name "*.?" | while read -r file; do
 			file="$( readlink -f "$file" )"
 			# Make sure there's nothing after this call so the exit code survives the loop end
 			certutil -A -d sql:"$db" -n "$( basename "$file" )" -t C,C,C -i "$file"
-- 
cgit v1.2.3-55-g7522