Bug#777259: ssl-cert: make-ssl-cert breaks if FQDN is invalid

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#777259: ssl-cert: make-ssl-cert breaks if FQDN is invalid
From: Klee Dienes <klee@mit.edu>
Date: Fri, 06 Feb 2015 21:55:44 -0500
Message-id: <[🔎] 20150207025544.10584.62154.reportbug@router.dienesfamily.org>
Reply-to: Klee Dienes <klee@mit.edu>, 777259@bugs.debian.org

Package: ssl-cert
Version: 1.0.35
Severity: normal
Tags: d-i

During a recent install, I ended up with a \ at the end of my FQDN in /etc/hosts.

This caused make-ssl-cert to bomb out in create_temporary_cnf() due to
the sed command having bad quoting.  It wasn't overly easy to track
down the problem due to the rather unhelpful error message.

I claim there are three bugs here:

1) The installer should not have allowed me to store an invalid FQDN

2) The 'hostname' command should generate a helpful error message
rather than return an invalid FQDN.

3) The make-ssl-cert command should verify the hostname before passing
it to sed (to handle the case where 'hostname' doesn't do the right
thing per 2) above.

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ssl-cert depends on:
ii  adduser                3.113+nmu3
ii  debconf [debconf-2.0]  1.5.55
ii  openssl                1.0.1k-1

ssl-cert recommends no packages.

Versions of packages ssl-cert suggests:
ii  openssl-blacklist  0.5-3

-- debconf information excluded

Reply to:

Prev by Date: International Business Forum “SUBF 2015”
Next by Date: Bug#777546: Please don't grant localhost unconditional access to mod_status
Previous by thread: International Business Forum “SUBF 2015”
Next by thread: Bug#777546: Please don't grant localhost unconditional access to mod_status
Index(es):
- Date
- Thread