Skip to content

Fix tls.create_csr log message path concatenation (#60877)#68835

Open
kimimgo wants to merge 1 commit intosaltstack:masterfrom
kimimgo:fix/tls-csr-path-60877
Open

Fix tls.create_csr log message path concatenation (#60877)#68835
kimimgo wants to merge 1 commit intosaltstack:masterfrom
kimimgo:fix/tls-csr-path-60877

Conversation

@kimimgo
Copy link
Copy Markdown

@kimimgo kimimgo commented Mar 20, 2026

Fixes #60877

Summary

tls.create_csr uses f-string concatenation for csr_path in the
return message without ensuring a path separator. When csr_path
lacks a trailing slash, the filename merges with the directory name:

Before: Created Private Key: "/etc/ssl/MYCA/certsMY.HOSTNAME.key"
After:  Created Private Key: "/etc/ssl/MYCA/certs/MY.HOSTNAME.key"

Fix

Replace f"{csr_path}{csr_filename}" with
os.path.join(csr_path, csr_filename) in the return message (lines
1256-1257). os is already imported.

@kimimgo
Fix tls.create_csr log message path concatenation (saltstack#60877)
1ee862c 
Use os.path.join() instead of f-string concatenation for csr_path
in return message to avoid missing separator when csr_path lacks
a trailing slash.

Before: 'Created Private Key: "/etc/ssl/MYCA/certsMY.HOSTNAME.key"'
After:  'Created Private Key: "/etc/ssl/MYCA/certs/MY.HOSTNAME.key"'
@kimimgo kimimgo requested a review from a team as a code owner March 20, 2026 09:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG] tls.create_csr doesn't check csr_path has a trailing slash before concatenating it

1 participant

@kimimgo