From d3ecbaf20b67bc0b7fb906da66317a55cde78a0c Mon Sep 17 00:00:00 2001
From: toby <toby@wit.com>
Date: Fri, 29 Mar 2019 19:57:08 +0000
Subject: [PATCH] fixing ipsec cert generation section in postscript

---
 debian/wit-network-config.postinst | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/debian/wit-network-config.postinst b/debian/wit-network-config.postinst
index 8f69c75..94573ed 100755
--- a/debian/wit-network-config.postinst
+++ b/debian/wit-network-config.postinst
@@ -29,12 +29,12 @@ case "$1" in
         IPSECCONFIG="etc/ipsec.conf.wit"
         IPSECSECRETS="etc/ipsec.secrets"
         SYSCTLTWEAKS="etc/sysctl.d/10-frr.conf"
-        CAPATH=/etc/ipsec.d
+        CAPATH="/etc/ipsec.d"
         CACURLURL="http://bastion"
 
      ## START gather all the info from the box and generate the variabels
-        HOSTNAME=$(hostname)
-        DOMAINNAME=$(hostname -d)
+        HOSTNAME="$(hostname)"
+        DOMAINNAME="$(hostname -d)"
 
 
         dig_txt() {
@@ -389,10 +389,10 @@ case "$1" in
         if [ ! -e $KEYFILE ]; then
 
             pki --gen --type rsa --size 2048 --outform pem >${KEYFILE}
-            pki --req --in ${KEYFILE} --type rsa --digest sha512 --dn "C=US, O=Wit, CN=${CN}" --san "${CN}" --outform pem | curl --fail  -T - ${CURLURL}/reqs/${REQFILE##*/}
+            pki --req --in ${KEYFILE} --type rsa --digest sha512 --dn "C=US, O=Wit, CN=${HOSTNAME}" --san "${HOSTNAME}" --outform pem | curl --fail  -T - ${CACURLURL}/reqs/${REQFILE##*/}
 
-            curl --fail -so  ${CAFILE}   ${CURLURL}/cacerts/${CAFILE##*/}
-            curl --fail -so  ${CRLFILE}  ${CURLURL}/crls/${CRLFILE##*/}
+            curl --fail -so  ${CAFILE}   ${CACURLURL}/cacerts/${CAFILE##*/}
+            curl --fail -so  ${CRLFILE}  ${CACURLURL}/crls/${CRLFILE##*/}
 
 
             cat <<-EOF >/etc/cron.d/wit-net-config-pull-signed-cert