authorGuilhem Moulin <guilhem@fripost.org>2021-02-24 21:50:11 +0100
committerGuilhem Moulin <guilhem@fripost.org>2021-02-24 21:56:10 +0100
commit491998131f18d136ca37f15898d07062ad7a1fae (patch)
treee0f035583e5d17101cbe0ad5ea7859595418c273
parentea5a51ecaa72c8277b4f878cf3635025d757fa37 (diff)
lacme: improve install_cert()'s handling of temporary files.
-rwxr-xr-xlacme17
1 files changed, 8 insertions, 9 deletions
diff --git a/lacme b/lacme
index b52cddd..102deb6 100755
--- a/lacme
+++ b/lacme
@@ -660,12 +660,10 @@ sub spawn($@) {
#
sub install_cert(%) {
my %args = @_;
- my $filename = $args{path} // die;
+ my $path = $args{path} // die;
- my ($dirname, $basename) =
- $filename =~ /\A(.*)\/([^\/]+)\z/ ? ($1, $2) : ('.', $filename);
- my $fh = File::Temp::->new(UNLINK => 0, DIR => $dirname,
- TEMPLATE => "$basename.XXXXXX") // die;
+ my $fh = File::Temp::->new(TEMPLATE => "$path.XXXXXXXXXX", UNLINK => 0) // die;
+ my $path_tmp = $fh->filename();
eval {
if ($args{nochain}) {
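Review bot: The new `File::Temp::->new(TEMPLATE => "$path.XXXXXXXXXX", UNLINK => 0)` call depends on File::Temp using a TEMPLATE with a directory part verbatim when neither DIR nor TMPDIR is given, and nothing in the code says so. That behaviour is what keeps the temporary file in the same directory as `$path`, and therefore on the same filesystem for the later rename(), so I would add above the call `# no DIR/TMPDIR: the temporary file is created next to $path, so rename() stays on one filesystem`. The trailing `// die` looks unreachable, since File::Temp's constructor croaks on failure rather than returning undef. The bare `die` on the `$args{path}` line reports only "Died"; `die "install_cert: missing path"` would make a caller error easier to trace. install_cert's body continues past the end of this hunk.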
@@ -707,13 +705,14 @@ sub install_cert(%) {
$fh->close() or die "close: $!";
};
- my $path = $fh->filename();
if ($@) {
- print STDERR "Unlinking $path\n" if $OPTS{debug};
- unlink $path or warn "unlink($path): $!";
+ print STDERR "Unlinking $path_tmp\n" if $OPTS{debug};
+ unlink $path_tmp or warn "unlink($path_tmp): $!";
die $@;
+ } else {
+ # atomically replace $path if it exists
+ rename($path_tmp, $path) or die "rename($path_tmp, $path): $!";
}
- rename($path, $filename) or die "rename($path, $filename): $!";
}
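Review bot: When rename() fails in the new `else` branch, the `die` leaves `$path_tmp` on disk, because the object was created with `UNLINK => 0` and only the `if ($@)` branch unlinks it; each failed run then adds another `$path.XXXXXXXXXX` file next to the certificate. The branch could clean up before dying: `rename($path_tmp, $path) or do { my $err = $!; unlink $path_tmp; die "rename($path_tmp, $path): $err" };`. Separately, the comment promises an atomic replacement, which holds for concurrent readers but not across a crash. Unless the part of the eval block outside this hunk already does it, calling `$fh->flush()` and `$fh->sync()` before `$fh->close()` would keep a power loss from leaving a truncated certificate at `$path`. The start of install_cert and most of the eval block are outside this hunk.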