[email protected]:
>
> I've run into a problem with one of the postfix tls scripts.
>
> Attempting to deploy server certificates with
> # postfix tls deploy-server-cert certificate.crt keyfile.key
>
> Expected to deploy new certificates
>
> What happened - command fails with
> /usr/lib/postfix/sbin/postfix-tls-script: 780: shift: can't shift
> that many
>
>
>
> Reproducing this doesn't need a lot of pre-setup:
> # apt install postfix ssl-cert
> # postfix tls deploy-server-cert /etc/ssl/certs/ssl-cert-snakeoil.pem
> /etc/ssl/private/ssl-cert-snakeoil.key
> /usr/lib/postfix/sbin/postfix-tls-script: 780: shift: can't shift that
> many
Below is a patch. I find that the handling of this differ a lot
among shell implementations, from terminating to ignoring.
Wietse
diff -ur /var/tmp/postfix-3.6-20200523/conf/postfix-tls-script
conf/postfix-tls-script
--- /var/tmp/postfix-3.6-20200523/conf/postfix-tls-script 2017-02-18
20:58:20.000000000 -0500
+++ conf/postfix-tls-script 2020-05-30 10:37:04.000000000 -0400
@@ -777,7 +777,7 @@
deploy_server_cert() {
certfile=$1; shift
keyfile=$1; shift
- deploy=$1; shift
+ case $# in 0) deploy=;; *) deploy=$1; shift;; esac
# Sets key_algo, key_param and cert_param
check_key "$keyfile" || return 1
