From 31080e817d0a88e48e4b9e49f5bfe93ef281ef95 Mon Sep 17 00:00:00 2001
From: Dennis Camera <dennis.camera@ssrq-sds-fds.ch>
Date: Thu, 25 Mar 2021 14:27:32 +0100
Subject: [type/__dtnrch_getssl_cert] Quote domains (fix for wildcard
 certificates)

---
 type/__dtnrch_getssl_cert/gencode-remote | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/type/__dtnrch_getssl_cert/gencode-remote b/type/__dtnrch_getssl_cert/gencode-remote
index 3980b3f..d1326b2 100755
--- a/type/__dtnrch_getssl_cert/gencode-remote
+++ b/type/__dtnrch_getssl_cert/gencode-remote
@@ -33,7 +33,8 @@ test "${state_should}" != 'absent' || exit 0  # removed in manifest
 # Create getssl.cfg
 
 test -s "${__object:?}/explorer/cfg-values" || {
-	printf 'getssl -w %s -c %s\n' "$(quote "${CONF_DIR}")" "${domain}"
+	# NOTE: ${domain} needs to be quoted, because of wildcard certificates.
+	printf 'getssl -w %s -c %s\n' "$(quote "${CONF_DIR}")" "$(quote "${domain}")"
 }
 
 
@@ -186,6 +187,7 @@ cfg_values_should=$(
 
 if ! printf '%s\n' "${cfg_values_should}" | cmp -s "${__object:?}/explorer/cfg-values" -
 then
+	# NOTE: ${domain} needs to be quoted, because of wildcard certificates.
 	cat <<CODE
 post_update() {
 	if ! cmp -s $(quote "${getssl_cfg}") $(quote "${getssl_cfg}.tmp")
@@ -194,7 +196,7 @@ post_update() {
 		cat $(quote "${getssl_cfg}.tmp") >$(quote "${getssl_cfg}")
 		rm -f $(quote "${getssl_cfg}.tmp")
 
-		getssl ${__object_id:?}
+		getssl $(quote "${domain}")
 	else
 		rm -f $(quote "${getssl_cfg}.tmp")
 	fi
-- 
cgit v1.2.3