From nobody Fri Aug 22 15:34:53 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4c7klL1VMwz64VTh; Fri, 22 Aug 2025 15:34:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4c7klK6r9Bz3Td1; Fri, 22 Aug 2025 15:34:53 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1755876894; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=O/IC9KwQ/k0x+jL9nd2ZA/iYQgBfyayupFACO1MePTA=; b=oE44jA12o1SWJy/JO4L35XKQLiF9cPfDFQ1rEGgEMMlcgfpKL3BoAWSS17WoJ5MCEOL6VV 4hkLVZG8uWSBDBrMF+KaUVglYNqhX9ltaa9Jiqg6hpVdXM0TJ87FeB6EIvT8RJMAL7YQf9 6GY1/C4B3OriuJzSO2yP7+BVf7c00/fUqNTUVm2KIxHwpvM1RbjaFD+FUd+MOuBARIJHMF Fujow8H8w7ufu3QLyFpqJxCzL3nE65gkg0OCQm9VFoDZXsu7B390SqwQFf5hqreIN1uBuV yaGrRLnob0vxga0j+b4m9hIhofcnD2xJDpZ5WtpyFg4kbXpRDRzdPW0upi9M3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1755876894; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=O/IC9KwQ/k0x+jL9nd2ZA/iYQgBfyayupFACO1MePTA=; b=FXp5TExoT6EHTMakukf3bdtdlCnC7JTGHsDf2EZpq/99u4ZP8hNgvKyOQWfCU0ipF6fKRo JrHCrJjtBR2L6stiG6noYH6hsRh9vWI3cYe5Fh/R9EyR3aXzVJBe80SX3y6vc4j86tSm5B 4ro7XEiYWdTdvCQInUsoESNDaTHVu8W4JTg/xTlC6jpLG3IEigiO1gac2xA4+f1rr5/AM7 5t4YTz+uSC8EQFVeufZ5h+WZ43ZukpfEEB494N2SOvYCljQ+AJqbH6VHwo+oy7/YGJ88tb caM1lbp72z5pUL7HE34BD2ihlu2k1JBgzx/0ZF7A+urIq8lunZ6V3mNFCQA2Yw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1755876894; a=rsa-sha256; cv=none; b=dwzljHcFvghA/T7oXWYp6M7zFNCv82k9+g0Ap1zDBdMrd5IhFUYLCAidV3/WvWin2171YX WVwXk7uPOYEwF9d/la+zzfm0qwMURuSDtrnV0ksrt5JLv/lXNssXgaTxcMCywsIR1T+BUR Q600i84U4TEzn98Y6EDoAdbs2WDuXAbwZZ2YWxvy+WIZgaj6zxt+A4FijNepmAX3bAJNq6 Zx8SUxT1WtGMzVItyOfnbo9s4lhIBstubL+IAgjdnQuNgbf8wrLVjSW+D4MaXlOud/hDk7 FYMLUefxbb4hGO60i9WF1zKNrURH7sK2N/ekwr7qNJnJ/zDW9UUSQqt17SswIw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4c7klK6Ph6zs6t; Fri, 22 Aug 2025 15:34:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 57MFYroZ029096; Fri, 22 Aug 2025 15:34:53 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 57MFYrdq029093; Fri, 22 Aug 2025 15:34:53 GMT (envelope-from git) Date: Fri, 22 Aug 2025 15:34:53 GMT Message-Id: <202508221534.57MFYrdq029093@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= Subject: git: 03221b189a48 - main - certctl: Create output directories List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 03221b189a48a509c1bc9adb8331638ae3eac065 Auto-Submitted: auto-generated The branch main has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=03221b189a48a509c1bc9adb8331638ae3eac065 commit 03221b189a48a509c1bc9adb8331638ae3eac065 Author: Dag-Erling Smørgrav AuthorDate: 2025-08-22 15:33:45 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2025-08-22 15:33:45 +0000 certctl: Create output directories In a pkgbase world, we cannot assume that these directories exist; we must create them ourselves. Fixes: c340ef28fd38 ("certctl: Reimplement in C") Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D52121 --- usr.sbin/certctl/certctl.c | 32 ++++++++++++++++++++++++++++---- usr.sbin/certctl/tests/certctl_test.sh | 6 +++--- 2 files changed, 31 insertions(+), 7 deletions(-) diff --git a/usr.sbin/certctl/certctl.c b/usr.sbin/certctl/certctl.c index ed7f05126ca7..3601f6929fc4 100644 --- a/usr.sbin/certctl/certctl.c +++ b/usr.sbin/certctl/certctl.c @@ -100,6 +100,28 @@ static char *bundle_dest; static FILE *mlf; +/* + * Create a directory and its parents as needed. + */ +static void +mkdirp(const char *dir) +{ + struct stat sb; + const char *sep; + char *parent; + + if (stat(dir, &sb) == 0) + return; + if ((sep = strrchr(dir, '/')) != NULL) { + parent = xasprintf("%.*s", (int)(sep - dir), dir); + mkdirp(parent); + free(parent); + } + info("creating %s", dir); + if (mkdir(dir, 0755) != 0) + err(1, "mkdir %s", dir); +} + /* * Remove duplicate and trailing slashes from a path. */ @@ -685,7 +707,7 @@ save_trusted(void) { int ret; - /* save untrusted certs */ + mkdirp(trusted_dest); ret = write_certs(trusted_dest, &trusted); return (ret); } @@ -700,6 +722,7 @@ save_untrusted(void) { int ret; + mkdirp(untrusted_dest); ret = write_certs(untrusted_dest, &untrusted); return (ret); } @@ -721,6 +744,7 @@ save_bundle(void) } else { dir = xasprintf("%.*s", (int)(sep - bundle_dest), bundle_dest); file = sep + 1; + mkdirp(dir); } ret = write_bundle(dir, file, &trusted); free(dir); @@ -995,17 +1019,17 @@ set_defaults(void) if ((value = getenv("TRUSTDESTDIR")) != NULL || (value = getenv("CERTDESTDIR")) != NULL) - trusted_dest = xstrdup(value); + trusted_dest = normalize_path(value); else trusted_dest = expand_path(TRUSTED_PATH); if ((value = getenv("UNTRUSTDESTDIR")) != NULL) - untrusted_dest = xstrdup(value); + untrusted_dest = normalize_path(value); else untrusted_dest = expand_path(UNTRUSTED_PATH); if ((value = getenv("BUNDLE")) != NULL) - bundle_dest = xstrdup(value); + bundle_dest = normalize_path(value); else bundle_dest = expand_path(BUNDLE_PATH); diff --git a/usr.sbin/certctl/tests/certctl_test.sh b/usr.sbin/certctl/tests/certctl_test.sh index f60bac6ffbb3..74749db0b3f5 100644 --- a/usr.sbin/certctl/tests/certctl_test.sh +++ b/usr.sbin/certctl/tests/certctl_test.sh @@ -76,9 +76,9 @@ certctl_setup() mkdir -p ${DESTDIR}${DISTBASE}/usr/share/certs/untrusted mkdir -p ${DESTDIR}/usr/local/share/certs - # Create output directories - mkdir -p ${DESTDIR}${DISTBASE}/etc/ssl/certs - mkdir -p ${DESTDIR}${DISTBASE}/etc/ssl/untrusted + # Do not create output directories; certctl will take care of it + #mkdir -p ${DESTDIR}${DISTBASE}/etc/ssl/certs + #mkdir -p ${DESTDIR}${DISTBASE}/etc/ssl/untrusted # Generate a random key keyname="testkey"