Bug 729 - unbound-control-setup script broken when creating certificate request
unbound-control-setup script broken when creating certificate request
Status: RESOLVED FIXED
Product: unbound
Classification: Unclassified
Component: server
1.5.7
x86_64 Linux
: P5 major
Assigned To: unbound team
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-12-14 18:51 CET by Carsten Strotmann
Modified: 2016-01-04 15:08 CET (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Carsten Strotmann 2015-12-14 18:51:44 CET
Fedora Linux 23 x86_64
Unbound 1.5.7 compiled from source

# /opt/unbound/sbin/unbound-control-setup
setup in directory /opt/unbound/etc/unbound
generating unbound_server.key
Generating RSA private key, 3072 bit long modulus
.........................................++
....................++
e is 65537 (0x10001)
generating unbound_control.key
Generating RSA private key, 3072 bit long modulus
...++
..............++
e is 65537 (0x10001)
create unbound_server.pem (self signed certificate)
error on line 6 of request.cfg
140586051090296:error:0E079065:configuration file routines:DEF_LOAD_BIO:missing equal sign:conf_def.c:345:line 6
/opt/unbound/sbin/unbound-control-setup fatal error: could not create unbound_server.pem

# more /opt/unbound/etc/unbound/request.cfg

[req]\n
default_bits=3072\n
default_md=sha256\n
prompt=no\n
distinguished_name=req_distinguished_name\n
\n
[req_distinguished_name]\n
commonName=unbound\n

more unbound-control-setup
[...]
# create self-signed cert for server
echo "[req]\n" > request.cfg
echo "default_bits=$BITS\n" >> request.cfg
echo "default_md=$HASH\n" >> request.cfg
echo "prompt=no\n" >> request.cfg
echo "distinguished_name=req_distinguished_name\n" >> request.cfg
echo "\n" >> request.cfg
echo "[req_distinguished_name]\n" >> request.cfg
echo "commonName=$SERVERNAME\n" >> request.cfg


looks like the posix shell /bin/sh does echo "\n" literally.

Removing all "\n" from "unbound-control-setup" fixed the issue for me.
Comment 1 Ralph Dolmans 2015-12-15 12:16:32 CET
Hi Carsten,

Thank you for reporting this bug! 

The use of escape sequences in echo strings is indeed not portable. Since all versions of echo should end the string with a newline by default, there is no need for the \n. I therefore removed those from the script.

Best regards,
Ralph Dolmans