From 21871b5bd7293cb3aa81dafb8c876ee78e315725 Mon Sep 17 00:00:00 2001
From: Richard Soderberg <rsoderberg@gmail.com>
Date: Thu, 3 Sep 2015 06:25:15 -0700
Subject: [PATCH] fixes for "SC2046: Quote this to prevent word splitting." and
 "SC2086: Double quote to prevent globbing and word splitting."

In cipherscan line 13:
REALPATH=$(dirname $0)
                   ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 15:
readlink -f $0 &>/dev/null && REALPATH=$(dirname $(readlink -f $0))
            ^-- SC2086: Double quote to prevent globbing and word splitting.
                                                 ^-- SC2046: Quote this to prevent word splitting.
                                                               ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 46:
if [[ -e $(dirname $0)/openssl.cnf ]]; then
                   ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 47:
    export OPENSSL_CONF="$(dirname $0)/openssl.cnf"
           ^-- SC2155: Declare and assign separately to avoid masking return values.
                                   ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 60:
    CACERTS="$(dirname $0)/ca-bundle.crt"
                       ^-- SC2086: Double quote to prevent globbing and word splitting.
---
 cipherscan | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/cipherscan b/cipherscan
index a5109a1..8093918 100755
--- a/cipherscan
+++ b/cipherscan
@@ -10,9 +10,9 @@
 
 DOBENCHMARK=0
 BENCHMARKITER=30
-REALPATH=$(dirname $0)
+REALPATH=$(dirname "$0")
 # make sure this doesn't error out when readlink -f isn't available (OSX)
-readlink -f $0 &>/dev/null && REALPATH=$(dirname $(readlink -f $0))
+readlink -f "$0" &>/dev/null && REALPATH=$(dirname "$(readlink -f "$0")")
 OPENSSLBIN="${REALPATH}/openssl"
 if [[ "$(uname -s)" == "Darwin" ]]; then
     OPENSSLBIN="${REALPATH}/openssl-darwin64"
@@ -43,8 +43,8 @@ if [[ "$TIMEOUTOUTPUT" =~ BusyBox ]]; then
 fi
 
 # use custom config file to enable GOST ciphers
-if [[ -e $(dirname $0)/openssl.cnf ]]; then
-    export OPENSSL_CONF="$(dirname $0)/openssl.cnf"
+if [[ -e $(dirname "$0")/openssl.cnf ]]; then
+    export OPENSSL_CONF="$(dirname "$0")/openssl.cnf"
 fi
 
 # find a list of trusted CAs on the local system, or use the provided list
@@ -57,7 +57,7 @@ if [[ -z "$CACERTS" ]]; then
     done
 fi
 if [[ ! -e "$CACERTS" ]]; then
-    CACERTS="$(dirname $0)/ca-bundle.crt"
+    CACERTS="$(dirname "$0")/ca-bundle.crt"
 fi
 
 # RSA ciphers are put at the end to force Google servers to accept ECDSA ciphers