[gnutls-devel] [feature request] certtool: Cleanup output file on error

Thibault Nélis tn at osimis.io
Thu Sep 29 14:01:58 CEST 2016


Hello,

Currently the output file (as specified with --outfile) is created no
matter what and left behind in case of an error.

$ file foo
foo: cannot open `foo' (No such file or directory)
$ certtool --generate-request --load-privkey=foo --outfile=bar
Generating a PKCS #10 certificate request...
reading --load-privkey: foo
$ echo $?
1
$ file bar
bar: empty
$ certtool --version=v
certtool 3.4.14
$ rpm --query gnutls-utils 
gnutls-utils-3.4.14-1.fc23.x86_64

These semantics are definitely OK, but I find they make it a little bit
cumbersome to use certtool in automated procedures that can't afford to
leave empty files around.

Would it be reasonable for --outfile to remove the file in case of an
error, or even avoid creating it (or just avoid linking it) in the
first place when it errors-out?

Side-request: Some diagnostic messages on stderr would be NTH as well.

Thank you for considering this.
-t
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: </pipermail/attachments/20160929/2cdefdb5/attachment.sig>


More information about the Gnutls-devel mailing list