From 95d08621244647414245e9169ac6474127e02178 Mon Sep 17 00:00:00 2001
From: kevans <kevans@FreeBSD.org>
Date: Mon, 18 May 2020 01:35:44 +0000
Subject: [PATCH] certctl: don't fall over flat with relative DESTDIR

Up until now, all of our DESTDIR use has been with absolute paths. It turned
out that the cd in/out dance we do here breaks us down later on, as the
relative path no longer resolves.

Convert EXTENSIONS to an ERE that we'll use to grep ls -1 of the dir we're
inspecting, rather than cd'ing into it and globbing it up.

MFC after:	3 days
---
 usr.sbin/certctl/certctl.sh | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/usr.sbin/certctl/certctl.sh b/usr.sbin/certctl/certctl.sh
index ec7e601a47a..41d2cecf464 100755
--- a/usr.sbin/certctl/certctl.sh
+++ b/usr.sbin/certctl/certctl.sh
@@ -34,7 +34,7 @@
 : ${BLACKLISTPATH:=${DESTDIR}/usr/share/certs/blacklisted:${DESTDIR}/usr/local/etc/ssl/blacklisted}
 : ${CERTDESTDIR:=${DESTDIR}/etc/ssl/certs}
 : ${BLACKLISTDESTDIR:=${DESTDIR}/etc/ssl/blacklisted}
-: ${EXTENSIONS:="*.pem *.crt *.cer *.crl *.0"}
+: ${FILEPAT:="\.pem$|\.crt$|\.cer$|\.crl$|\.0$"}
 : ${VERBOSE:=0}
 
 ############################################################ GLOBALS
@@ -104,13 +104,11 @@ do_scan()
 	for CPATH in "$@"; do
 		[ -d "$CPATH" ] || continue
 		echo "Scanning $CPATH for certificates..."
-		cd "$CPATH"
-		for CFILE in $EXTENSIONS; do
-			[ -e "$CFILE" ] || continue
+		for CFILE in $(ls -1 "${CPATH}" | grep -Ee "${FILEPAT}"); do
+			[ -e "$CPATH/$CFILE" ] || continue
 			[ $VERBOSE -gt 0 ] && echo "Reading $CFILE"
 			"$CFUNC" "$CPATH/$CFILE"
 		done
-		cd -
 	done
 }
 
-- 
2.45.0