From 3886d28224c32df9e68a28d0e076be03f458673b Mon Sep 17 00:00:00 2001
From: Alex Bramley
Date: Sat, 13 Mar 2010 15:13:52 +0000
Subject: [PATCH] 2 bug fixes for ca-functions -- make CA_NAME unconfigurable and fix templating.
---
 ca-scripts.conf | 7 ++-----
 lib/ca-functions | 6 ++++--
 2 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/ca-scripts.conf b/ca-scripts.conf
index f296e1a..afe9b1b 100644
--- a/ca-scripts.conf
+++ b/ca-scripts.conf
@@ -1,18 +1,15 @@
 # example ca-scripts configuration file
+# see ca-scripts.conf(5) for details
 # REQUIRED: CA_HOME provides the path to the root of the CA directory tree
 # this directory must exist and be writeable
-#CA_HOME="/etc/ssl/ca"
+#CA_HOME="/etc/ssl/ca-scripts"
 CA_HOME="/tmp/ca"
 # REQUIRED: CA_DOMAIN provides a template for other optional variables and
 # the filenames that are generated within the directory tree
 CA_DOMAIN="example.com"
-# OPTIONAL: CA_NAME is the internal templating variable for filenames etc
-# Defaults to:
-# CA_NAME="$( echo $CA_DOMAIN | tr 'A-Z' 'a-z' | tr -c '-a-z0-9' '_' )"
-
 # REQUIRED: CA_DN_* configures the Distinguished Name fields present in the
 # CA certificate generated by ca-init
 CA_DN_C="GB"
diff --git a/lib/ca-functions b/lib/ca-functions
index 85dfb05..16616b3 100644
--- a/lib/ca-functions
+++ b/lib/ca-functions
@@ -94,7 +94,8 @@ __TESTS__
 # we need to do these first to use them in other default defs
 # NOTE: bash's here-string syntax appends \n which tr turns to _ :(
- ca_set_default CA_NAME "$( echo -n "$CA_DOMAIN" | tr -c '[:alnum:]@-' _ )"
+ # CA_NAME is NOT configurable, due to the breakage this could cause.
+ CA_NAME="$( echo -n "$CA_DOMAIN" | tr -c '[:alnum:]@-' _ )"
 ca_set_default CA_EMAIL "ca@$CA_DOMAIN"
 while read varname vardef; do
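Review bot: The plain assignment to CA_NAME silently discards a CA_NAME that an existing configuration file may still set, so an operator who upgrades keeps a setting that no longer affects the generated file names. If the configuration has already been read at this point (an assumption, since the enclosing function begins and ends outside the hunk), a check before the assignment such as `[ -n "$CA_NAME" ] && echo "CA_NAME is no longer configurable; ignoring '$CA_NAME'" >&2` would make the override visible. Separately, `printf '%s' "$CA_DOMAIN"` is more robust than `echo -n`, which treats a value such as `-e` as an option and would leave CA_NAME empty.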
@@ -121,8 +122,9 @@ __DEFAULTS__
 ca_sed_cmd() {
 # MD5 in CA_CR[TL]_MD5_FP has a non alphabetic character :(
 # XXX: pretty sure this is a dirty and wrong way of templating vars
+ # but we can hope that there's no ascii 001 in the values...
 set | awk -F\= '/^CA_[A-Z5_]*=/{print $1}' | while read ca_var; do
- echo "s#%$ca_var%#${!ca_var}#;"
+ echo -e "s\001%$ca_var%\001${!ca_var}\001g;"
 done
 }
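Review bot: `echo -e` in the loop of ca_sed_cmd now expands backslash escapes inside the variable's value as well as in the `\001` delimiters. The value also still reaches sed's replacement side unescaped, so a `&` or `\` in any CA_* value (a constructed example: an organisation name like "Smith & Sons") is rewritten rather than copied into the templated output. Emitting the delimiter from a printf format and escaping the value first avoids both: `ca_val="$( printf '%s' "${!ca_var}" | sed 's/[\\&]/\\&/g' )"` followed by `printf 's\001%%%s%%\001%s\001g;\n' "$ca_var" "$ca_val"`. A value containing a newline or a literal 0x01 byte would still break the generated sed script, so rejecting those when the configuration is loaded seems worthwhile; where the values are validated is not visible in this hunk.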