certmonger

#58 CA identifier not passed to scep-submit helper from 'getcert add-scep-ca'
Closed: fixed by rcritten. Opened by lexushko.

Closed: fixed
Reopen Issue

CA id not passed to scep-submit helper with option -i in 'getcert add-scep-ca' operation:

  getcert add-scep-ca -i Test -c exampleSCEPca \
    -u http://ca.example.com/cgi-bin/pkiclient.exe

But successfully passed as helpers argument with option -e in 'getcert add-ca':

  getcert add-ca -c exampleSCEPca -e \
    "/usr/libexec/certmonger/scep-submit \
    -u http://ca.example.com/cgi-bin/pkiclient.exe -i Test"

As I understand it, this parameter (id) is not specified in the number of arguments, passed to the helper in function add_scep_ca():

diff -ru certmonger-0.78.4.orig/src/getcert.c certmonger-0.78.4/src/getcert.c
--- certmonger-0.78.4.orig/src/getcert.c        2015-08-04 20:34:13.000000000 +0300
+++ certmonger-0.78.4/src/getcert.c     2016-09-27 12:56:17.163783966 +0300
@@ -4356,7 +4356,7 @@
                return 1;
        }
        command = talloc_asprintf(globals.tctx,
-                                 "%s -u %s %s %s %s %s %s %s %s",
+                                 "%s -u %s %s %s %s %s %s %s %s %s %s",
                                  shell_escape(globals.tctx,
                                               CM_SCEP_HELPER_PATH),
                                  shell_escape(globals.tctx, url),
@@ -4364,6 +4364,8 @@
                                  root ? shell_escape(globals.tctx, root) : "",
                                  racert ? "-r" : "",
                                  racert ? shell_escape(globals.tctx, racert) : "",
+                                 id ? "-i" : "",
+                                 id ? shell_escape(globals.tctx, id) : "",
                                  certs ? "-I" : "",
                                  certs ? shell_escape(globals.tctx, certs) : "",
                                  prefer_non_renewal ? "-n" : "");

Test environment:

$ cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
$ uname -a
Linux ws05 3.10.0-327.22.2.el7.x86_64 #1 SMP Thu Jun 23 17:05:11 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
$ certmonger -v
certmonger 0.78.4

Sources are taken from the Centos repository.

Metadata Update from @lexushko:
- Issue set to the milestone: 0.0 NEEDS_TRIAGE

Metadata Update from @rcritten:
- Issue assigned to rcritten

Metadata Update from @rcritten:
- Issue close_status updated to: None
- Issue set to the milestone: 0.79 (was: 0.0 NEEDS_TRIAGE)

Sorry for the delay. The change looks ok to me.

https://pagure.io/certmonger/pull-request/129

c10e0f6f318e7b52efc3a122e3f7ba9818206caf

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
Metadata
None
None
None
Normal
defect
certmonger
None
Static archive. pagure.io was sunset in 2026; this is a read-only snapshot.
Red Hat Logo

Fedora is sponsored by Red Hat. Learn more about the relationship between Red Hat and Fedora »

© Red Hat, Inc. and others.