From cd3646ad6714774784e0e32055f25e194a7fa053 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Tue, 23 Nov 2021 15:21:26 +0100
Subject: [PATCH] shellcheck: Double quote to prevent globbing and word
splitting
This patch is needed to pass Automation Hub tests.
---
tests/ca-less/generate-certificates.sh | 62 +++++++++++++-------------
tests/user/users.sh | 30 +++++++------
tests/user/users_absent.sh | 20 ++++-----
3 files changed, 57 insertions(+), 55 deletions(-)
diff --git a/tests/ca-less/generate-certificates.sh b/tests/ca-less/generate-certificates.sh
index e96d323a..c366e87d 100755
--- a/tests/ca-less/generate-certificates.sh
+++ b/tests/ca-less/generate-certificates.sh
@@ -21,36 +21,36 @@ function generate_ipa_pkcs12_certificate {
# Generate CSR and private key
openssl req -new -newkey rsa:4096 -nodes \
-subj "/C=US/ST=Test/L=Testing/O=Default/CN=${ipa_fqdn}" \
- -keyout ${certs_dir}/private.key \
- -out ${certs_dir}/request.csr
+ -keyout "${certs_dir}/private.key" \
+ -out "${certs_dir}/request.csr"
# Sign CSR to generate PEM certificate
if [ -z "${extensions_file}" ]; then
openssl x509 -req -days 365 -sha256 \
-CAcreateserial \
- -CA ${root_ca_cert} \
- -CAkey ${root_ca_private_key} \
- -in ${certs_dir}/request.csr \
- -out ${certs_dir}/cert.pem
+ -CA "${root_ca_cert}" \
+ -CAkey "${root_ca_private_key}" \
+ -in "${certs_dir}/request.csr" \
+ -out "${certs_dir}/cert.pem"
else
openssl x509 -req -days 365 -sha256 \
-CAcreateserial \
- -CA ${ROOT_CA_DIR}/cert.pem \
- -CAkey ${ROOT_CA_DIR}/private.key \
- -extfile ${extensions_file} \
- -extensions ${extensions_name} \
- -in ${certs_dir}/request.csr \
- -out ${certs_dir}/cert.pem
+ -CA "${ROOT_CA_DIR}/cert.pem" \
+ -CAkey "${ROOT_CA_DIR}/private.key" \
+ -extfile "${extensions_file}" \
+ -extensions "${extensions_name}" \
+ -in "${certs_dir}/request.csr" \
+ -out "${certs_dir}/cert.pem"
fi
# Convert certificate to PKCS12 format
openssl pkcs12 -export \
- -name ${cert_name} \
- -certfile ${root_ca_cert} \
- -in ${certs_dir}/cert.pem \
- -inkey ${certs_dir}/private.key \
+ -name "${cert_name}" \
+ -certfile "${root_ca_cert}" \
+ -in "${certs_dir}/cert.pem" \
+ -inkey "${certs_dir}/private.key" \
-passout "pass:${PKCS12_PASSWORD}" \
- -out ${certs_dir}/cert.p12
+ -out "${certs_dir}/cert.p12"
}
# generate_ipa_pkcs12_certificates $ipa_fqdn $ipa_domain
@@ -73,27 +73,27 @@ function generate_ipa_pkcs12_certificates {
fi
# Generate certificates folder structure
- mkdir -p ${ROOT_CA_DIR}
- mkdir -p ${DIRSRV_CERTS_DIR}/$host
- mkdir -p ${HTTPD_CERTS_DIR}/$host
- mkdir -p ${PKINIT_CERTS_DIR}/$host
+ mkdir -p "${ROOT_CA_DIR}"
+ mkdir -p "${DIRSRV_CERTS_DIR}/$host"
+ mkdir -p "${HTTPD_CERTS_DIR}/$host"
+ mkdir -p "${PKINIT_CERTS_DIR}/$host"
# Generate root CA
if [ ! -f "${ROOT_CA_DIR}/private.key" ]; then
openssl genrsa \
- -out ${ROOT_CA_DIR}/private.key 4096
+ -out "${ROOT_CA_DIR}/private.key" 4096
openssl req -new -x509 -sha256 -nodes -days 3650 \
-subj "/C=US/ST=Test/L=Testing/O=Default" \
- -key ${ROOT_CA_DIR}/private.key \
- -out ${ROOT_CA_DIR}/cert.pem
+ -key "${ROOT_CA_DIR}/private.key" \
+ -out "${ROOT_CA_DIR}/cert.pem"
fi
# Generate a certificate for the Directory Server
if [ ! -f "${DIRSRV_CERTS_DIR}/$host/cert.pem" ]; then
generate_ipa_pkcs12_certificate \
"dirsrv-cert" \
- $host \
+ "$host" \
"${DIRSRV_CERTS_DIR}/$host" \
"${ROOT_CA_DIR}/cert.pem" \
"${ROOT_CA_DIR}/private.key"
@@ -103,7 +103,7 @@ function generate_ipa_pkcs12_certificates {
if [ ! -f "${HTTPD_CERTS_DIR}/$host/cert.pem" ]; then
generate_ipa_pkcs12_certificate \
"httpd-cert" \
- $host \
+ "$host" \
"${HTTPD_CERTS_DIR}/$host" \
"${ROOT_CA_DIR}/cert.pem" \
"${ROOT_CA_DIR}/private.key"
@@ -115,7 +115,7 @@ function generate_ipa_pkcs12_certificates {
generate_ipa_pkcs12_certificate \
"pkinit-cert" \
- $host \
+ "$host" \
"${PKINIT_CERTS_DIR}/$host" \
"${ROOT_CA_DIR}/cert.pem" \
"${ROOT_CA_DIR}/private.key" \
@@ -135,17 +135,17 @@ function delete_ipa_pkcs12_certificates {
exit 0;
fi
- rm -f certificates/*/$host/*
- rm -f ${ROOT_CA_DIR}/*
+ rm -f certificates/*/"$host"/*
+ rm -f "${ROOT_CA_DIR}"/*
}
# Entrypoint
case "$1" in
create)
- generate_ipa_pkcs12_certificates $2 $3
+ generate_ipa_pkcs12_certificates "$2" "$3"
;;
delete)
- delete_ipa_pkcs12_certificates $2
+ delete_ipa_pkcs12_certificates "$2"
;;
*)
echo $"Usage: $0 {create|delete}"
diff --git a/tests/user/users.sh b/tests/user/users.sh
index 52981c1e..da408d75 100644
--- a/tests/user/users.sh
+++ b/tests/user/users.sh
@@ -4,24 +4,26 @@ NUM=${1-1000}
FILE="users.json"
date=$(date --date='+2 years' "+%Y-%m-%d %H:%M:%S")
-echo "{" > $FILE
+echo "{" > "$FILE"
-echo " \"users\": [" >> $FILE
+echo " \"users\": [" >> "$FILE"
-for i in $(seq 1 $NUM); do
- echo " {" >> $FILE
- echo " \"name\": \"user$i\"," >> $FILE
- echo " \"first\": \"First $i\"," >> $FILE
- echo " \"last\": \"Last $i\"," >> $FILE
- echo " \"password\": \"user${i}PW\"," >> $FILE
- echo " \"passwordexpiration\": \"$date\"" >> $FILE
- if [ $i -lt $NUM ]; then
- echo " }," >> $FILE
+for i in $(seq 1 "$NUM"); do
+ {
+ echo " {"
+ echo " \"name\": \"user$i\","
+ echo " \"first\": \"First $i\","
+ echo " \"last\": \"Last $i\","
+ echo " \"password\": \"user${i}PW\","
+ echo " \"passwordexpiration\": \"$date\""
+ } >> "$FILE"
+ if [ "$i" -lt "$NUM" ]; then
+ echo " }," >> "$FILE"
else
- echo " }" >> $FILE
+ echo " }" >> "$FILE"
fi
done
-echo " ]" >> $FILE
+echo " ]" >> "$FILE"
-echo "}" >> $FILE
+echo "}" >> "$FILE"
diff --git a/tests/user/users_absent.sh b/tests/user/users_absent.sh
index 1ee89ada..f0179931 100644
--- a/tests/user/users_absent.sh
+++ b/tests/user/users_absent.sh
@@ -3,20 +3,20 @@
NUM=1000
FILE="users_absent.json"
-echo "{" > $FILE
+echo "{" > "$FILE"
-echo " \"users\": [" >> $FILE
+echo " \"users\": [" >> "$FILE"
-for i in $(seq 1 $NUM); do
- echo " {" >> $FILE
- echo " \"name\": \"user$i\"," >> $FILE
- if [ $i -lt $NUM ]; then
- echo " }," >> $FILE
+for i in $(seq 1 "$NUM"); do
+ echo " {" >> "$FILE"
+ echo " \"name\": \"user$i\"," >> "$FILE"
+ if [ "$i" -lt "$NUM" ]; then
+ echo " }," >> "$FILE"
else
- echo " }" >> $FILE
+ echo " }" >> "$FILE"
fi
done
-echo " ]" >> $FILE
+echo " ]" >> "$FILE"
-echo "}" >> $FILE
+echo "}" >> "$FILE"
--
GitLab