LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices



Reply
 
Search this Thread
Old 02-10-2011, 09:48 AM   #1
ulyx
LQ Newbie
 
Registered: Nov 2010
Location: Hamburg, Germany
Distribution: Slackware
Posts: 6

Rep: Reputation: 2
file-5.05 breaking certwatch on current


Hello,

since slackware-current updates on feb 02, i found the certwatch cronjob failing with

unable to load certificate
3210:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1315:
3210:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:379:Type=X509
date: invalid date `+%s'

on two machines running current. Digging a bit deeper I found that the instruction in certwatch
Code:
if [ $? -eq 0 -o "$(file "$certfile" | grep ASCII)" == "" ]; then
    inform=DER
fi
leads to the wrong file input format (DER instead of PEM) and the error message above. Changing the certwatch instruction to

Code:
if [ $? -eq 0 -o "$(file "$certfile" | grep PEM)" == "" ]; then
    inform=DER
fi
makes the script working again. I also mailed this to Jan Rafaj (the certwatch author).

regards - uli
 
Old 02-10-2011, 01:37 PM   #2
ulyx
LQ Newbie
 
Registered: Nov 2010
Location: Hamburg, Germany
Distribution: Slackware
Posts: 6

Original Poster
Rep: Reputation: 2
Thumbs up

Hello everyone,

Jan Rafaj answered with a simple patch (needless to say the preferred solution) for certwatch, covering file-5.05 and older versions:

Code:
diff --git a/certwatch b/certwatch
index ac8d834..8fef150 100755
--- a/certwatch
+++ b/certwatch
@@ -93,7 +93,7 @@ find $CERTDIR -type f -maxdepth 1 | while read certfile ; do
     continue
   fi
   echo "$certfile" | grep -q -i '\.der$'
-  if [ $? -eq 0 -o "$(file "$certfile" | grep ASCII)" == "" ]; then
+  if [ $? -eq 0 -o "$(file "$certfile" | egrep '(ASCII|PEM)')" == "" ]; then
     inform=DER
   fi
   # We wont use '-checkend' since it is not properly documented (as of
Jan has sent it cc: to volkerdi. Thanks to Jan!

regards - uli
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SELinux is preventing certwatch (certwatch_t) "write" to ./cache CZTY Linux - Software 3 09-12-2009 02:57 AM
using sed to insert line into file and overwrite the current file jadeddog Programming 3 06-11-2009 08:14 PM
Breaking avi file into 3 via the commandline? Maverick1182 Linux - Newbie 12 11-09-2007 04:27 AM
Current timestamp by reading a file ruj.sabya Linux - General 2 04-17-2007 08:36 AM
Breaking up a file into blocks otnaicus Programming 9 05-20-2004 12:13 AM


All times are GMT -5. The time now is 10:05 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration