Re: [Mutt] #3575: smime_keys.pl fails on filenames with spaces

Mon, 31 Dec 2012 21:07:04 -0800 

#3575: smime_keys.pl fails on filenames with spaces
-----------------------+----------------------------------------------------
 Reporter:  Y_Plentyn  |       Owner:  mutt-dev      
     Type:  defect     |      Status:  infoneeded_new
 Priority:  minor      |   Milestone:                
Component:  crypto     |     Version:                
 Keywords:             |  
-----------------------+----------------------------------------------------
Changes (by me):

  * status:  new => infoneeded_new


Old description:

> Forwarding from  http://bugs.debian.org/658324 :
>
> {{{
> Dear Maintainer,
>
> I recently needed to update by smime-keyring with a new version of my own
> certificate to a new one, and saved it to a file named
> "cacert kan...@ak-online.be renewed.p12".
>
> Unfortunately 'smime_keys add_p12 "cacert kan...@ak-online.be
> renewed.p12"'
> failed with the return code 256 from openssl and a dump of it's
> commandline
> options.
>
> I looked into smime_keys and found that the perl-script builds the
> command
> in line 156 directly from $ARGV[1]:
>
> >>>> snip <<<<
> 156:    my $cmd = "$opensslbin pkcs12 -in $ARGV[1] -out $pem_file";
> 157:        system $cmd and die "'$cmd' returned $?";
> >>>> snip <<<<
>
> The error-message also contained the exact commandline it tried to
> execute
> which was:
> >>>> snip <<<<
> '/usr/bin/openssl pkcs12 -in cacert kan...@ak-online.be renewed.p12 -out
> cacert kan...@ak-online.be renewed.p12.pem' returned 256 at
> /usr/bin/smime_keys line 157.
> >>>> snip <<<<
>
> As there were no quotation marks around the filename I tried it with a
> symlink to the same file, but without any space in the filename and it
> worked like a charm.
>
> I therefore think that there is some kind of escaping of $ARGV[1]
> neccesary
> to stop smime_keys from passing the spaces directly to the shell that
> executes openssl.
>
> Kind regards, Andre
> }}}

New description:

 Forwarding from  http://bugs.debian.org/658324 :

 {{{
 Dear Maintainer,

 I recently needed to update by smime-keyring with a new version of my own
 certificate to a new one, and saved it to a file named
 "cacert kan...@ak-online.be renewed.p12".

 Unfortunately 'smime_keys add_p12 "cacert kan...@ak-online.be
 renewed.p12"'
 failed with the return code 256 from openssl and a dump of it's
 commandline
 options.

 I looked into smime_keys and found that the perl-script builds the command
 in line 156 directly from $ARGV[1]:

 >>>> snip <<<<
 156:    my $cmd = "$opensslbin pkcs12 -in $ARGV[1] -out $pem_file";
 157:        system $cmd and die "'$cmd' returned $?";
 >>>> snip <<<<

 The error-message also contained the exact commandline it tried to execute
 which was:
 >>>> snip <<<<
 '/usr/bin/openssl pkcs12 -in cacert kan...@ak-online.be renewed.p12 -out
 cacert kan...@ak-online.be renewed.p12.pem' returned 256 at
 /usr/bin/smime_keys line 157.
 >>>> snip <<<<

 As there were no quotation marks around the filename I tried it with a
 symlink to the same file, but without any space in the filename and it
 worked like a charm.

 I therefore think that there is some kind of escaping of $ARGV[1]
 neccesary
 to stop smime_keys from passing the spaces directly to the shell that
 executes openssl.

 Kind regards, Andre
 }}}

--

Comment:

 I've attached a patch which I believe will solve this issue.

-- 
Ticket URL: <http://dev.mutt.org/trac/ticket/3575#comment:1>
Mutt <http://www.mutt.org/>
The Mutt mail user agent

Reply via email to