From 79fd808fbd5f95cd7d8804a58f0b5ee2c0ab9edd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=A1clav=20Barto=C5=A1?= <bartos@cesnet.cz>
Date: Fri, 26 Nov 2021 11:51:53 +0100
Subject: [PATCH] warden_apply.sh: avoid local cert filename to be interpreted
 as a "nickname"

---
 warden_ra/warden_apply.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/warden_ra/warden_apply.sh b/warden_ra/warden_apply.sh
index 18024c6..2d8cafa 100644
--- a/warden_ra/warden_apply.sh
+++ b/warden_ra/warden_apply.sh
@@ -41,6 +41,10 @@ openssl req -new -nodes -batch -keyout "$key" -out "$csr" -config "$config" || f
 if [ -z "$inkey" ]; then
     curl --progress-bar $cacert --request POST --data-binary '@-' "$url?name=$client&password=$password" < "$csr" > "$result"
 else
+    # local cert file name may be interpreted as a "nickname", add "./" to force interpretation as a file
+    if [[ ! "$incert" =~ "/" ]]; then
+        incert="./$incert"
+    fi
     curl --progress-bar $cacert --request POST --data-binary '@-' --cert "$incert" --key "$inkey" "$url?name=$client" < "$csr" > "$result"
 fi
 
-- 
GitLab