From ee799d8c75f7aaffaee97439c95fd98263eb1b38 Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Fri, 22 May 2020 09:16:47 +0200
Subject: [PATCH] security/acme-client: fix #1844

---
 .../scripts/OPNsense/AcmeClient/certhelper.php        |  6 +++---
 .../scripts/OPNsense/AcmeClient/upload_sftp.php       | 11 ++++++-----
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php b/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
index e5a2657ff1..997b7fb3c2 100755
--- a/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
+++ b/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
@@ -1418,14 +1418,14 @@ function run_restart_actions($certlist, $modelObj)
                     if (empty((string)$action->configd)) {
                         log_error("AcmeClient: no configd command specified for automation: " . $action->name);
                         $result = '1';
-                        continue; // Continue with next action.
+                    } else {
+                        $response = $backend->configdRun((string)$action->configd);
                     }
-                    $response = $backend->configdRun((string)$action->configd);
                     break;
                 default:
                     log_error("AcmeClient: an invalid automation was specified: " . (string)$action->type);
                     $return = 1;
-                    continue; // Continue with next action.
+                    break;
             }
         }
     }
diff --git a/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php b/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php
index ede2859817..e7899a4364 100755
--- a/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php
+++ b/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php
@@ -296,16 +296,17 @@ function uploadCertificatesToHost(array $options): int
                 Utils::log()->error("Failed on " . json_encode($uploader->current(), JSON_UNESCAPED_SLASHES));
 
                 switch ($result) {
-                    case SftpUploader::UPLOAD_ERROR_CHGRP_FAILED:
-                    case SftpUploader::UPLOAD_ERROR_CHMOD_FAILED:
-                    case SftpUploader::UPLOAD_ERROR_NO_OVERWRITE:
-                        continue;
-
                     case SftpUploader::UPLOAD_ERROR_NO_PERMISSION:
                         return EXITCODE_ERROR_NO_PERMISSION;
 
                     case SftpUploader::UPLOAD_ERROR:
                         return EXITCODE_ERROR;
+
+                    case SftpUploader::UPLOAD_ERROR_CHGRP_FAILED:
+                    case SftpUploader::UPLOAD_ERROR_CHMOD_FAILED:
+                    case SftpUploader::UPLOAD_ERROR_NO_OVERWRITE:
+                    default:
+                        break;
                 }
             } else {
                 break;