This avoids breaking with shell special characters. OK for the simple
fix? Or is there a safer way to feed in the password?
I also noticed that ikeca.cnf doesn't get installed (the distribution:
target in ikectl/Makefile is commented out), is there a reason for
that?
Index: ikeca.c
===================================================================
RCS file: /cvs/src/usr.sbin/ikectl/ikeca.c,v
retrieving revision 1.30
diff -u -p -r1.30 ikeca.c
--- ikeca.c 16 Jan 2015 06:40:17 -0000 1.30
+++ ikeca.c 23 Jul 2015 15:57:57 -0000
@@ -774,7 +774,7 @@ ca_revoke(struct ca *ca, char *keyname)
if (keyname) {
snprintf(cmd, sizeof(cmd), "env CADB='%s/index.txt' "
" %s ca %s-config %s -keyfile %s/private/ca.key"
- " -key %s"
+ " -key '%s'"
" -cert %s/ca.crt"
" -md sha1"
" -revoke %s/%s.crt",
@@ -785,7 +785,7 @@ ca_revoke(struct ca *ca, char *keyname)
snprintf(cmd, sizeof(cmd), "env CADB='%s/index.txt' "
" %s ca %s-config %s -keyfile %s/private/ca.key"
- " -key %s"
+ " -key '%s'"
" -gencrl"
" -cert %s/ca.crt"
" -md sha1"
