Fixes

CHANGELOG

 CHANGELOG
 ---------
 
+2020-04-18
+  sympl-mail
+    * Fixed sympl-mail-dovecot-sni issue with filesystem loops (#281)
+
 2020-04-15
   sympl-core
     * Added --verbose switch to sympl-filesystem-security

mail/debian/changelog

+sympl-mail (9.0.200418.0) stable; urgency=medium
+
+  * Fixed sympl-mail-dovecot-sni issue with filesystem loops (#281)
+
+ -- Paul Cammish <sympl@kelduum.net>  Sat, 18 Apr 2019 10:59:18 +0100
+
 sympl-mail (9.0.191227.0) stable; urgency=medium
 
   * Improved PCI compliance by disabling TLSv1.0

mail/sbin/sympl-mail-dovecot-sni

@@ -2,8 +2,8 @@
 
 set -e
 
-if [ "$( find -L /srv -mindepth 5 -maxdepth 5 -name 'ssl.crt' -path '*/config/ssl/current/*' -print | wc -l )" == "0" ]; then
-  # No certs avaialable, so check if /etc/dovecot/sympl.d/10-main/60-sni exists
+if [ $( find -L /srv/*/config/ssl/current/ -maxdepth 1 -mindepth 1 -name 'ssl.crt' -print | wc -l ) -eq 0 ]; then
+  # No certs available, so check if /etc/dovecot/sympl.d/10-main/60-sni exists
   if [ -f /etc/dovecot/sympl.d/10-main/60-sni ]; then
     # it exists, so remove it
     rm /etc/dovecot/sympl.d/10-main/60-sni
@@ -21,7 +21,7 @@ if [ "$( find -L /srv -mindepth 5 -maxdepth 5 -name 'ssl.crt' -path '*/config/ss
   fi
 fi
 
-for certificate in $( find -L /srv -mindepth 5 -maxdepth 5 -name 'ssl.crt' -path '*/config/ssl/current/*' -print ); do
+for certificate in $( find -L /srv/*/config/ssl/current/ -maxdepth 1 -mindepth 1 -name 'ssl.crt' -print); do
   certpath="$( echo $certificate | sed 's|/config/ssl/current/.*$|/config/ssl/current|' )"
   # Ensure there is a matching key file, and the path doesnt include an underscore
   if [ -f "${certpath}/ssl.key" ] && [ -f "${certpath}/ssl.combined" ] && [ "$certpath" != "*_*" ] ; then
@@ -67,4 +67,4 @@ fi
 
 if [ -f /dev/shm/sympl-mail-dovecot-sni.data ]; then rm /dev/shm/sympl-mail-dovecot-sni.data; fi
 
-exit 0
\ No newline at end of file
+exit 0