From c214e98535f592c67ad979658bd2d62fb0b3fa8f Mon Sep 17 00:00:00 2001
From: Tomasz Stanczak <tomasz@rtsoftware.com>
Date: Sat, 8 Feb 2025 10:46:27 +0100
Subject: [PATCH] Checking file existence using 'if' replaced with shell option
 'nullglob' to prevent the following 'for' loop from being entered even when
 no matching files are present.

---
 tools/ssl_cleanup | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/tools/ssl_cleanup b/tools/ssl_cleanup
index 4df4f93f..202084bc 100755
--- a/tools/ssl_cleanup
+++ b/tools/ssl_cleanup
@@ -3,17 +3,16 @@
 
 source /etc/mailinabox.conf
 shopt -s extglob
+shopt -s nullglob
 
-if ls "$STORAGE_ROOT/ssl/"*-+([0-9])-+([0-9a-f]).pem &>/dev/null; then
-  retain_after="$(date --date="7 days ago" +%Y%m%d)"
+retain_after="$(date --date="7 days ago" +%Y%m%d)"
 
-  mkdir -p $STORAGE_ROOT/ssl.expired
-  for file in $STORAGE_ROOT/ssl/*-+([0-9])-+([0-9a-f]).pem; do
-    pem="$(basename "$file")"
-    not_valid_after="$(cut -d- -f1 <<< "${pem: -21}")"
+mkdir -p $STORAGE_ROOT/ssl.expired
+for file in $STORAGE_ROOT/ssl/*-+([0-9])-+([0-9a-f]).pem; do
+  pem="$(basename "$file")"
+  not_valid_after="$(cut -d- -f1 <<< "${pem: -21}")"
 
-    if [ "$not_valid_after" -lt "$retain_after" ]; then
-      mv "$file" "$STORAGE_ROOT/ssl.expired/${pem}"
-    fi
-  done
-fi
+  if [ "$not_valid_after" -lt "$retain_after" ]; then
+    mv "$file" "$STORAGE_ROOT/ssl.expired/${pem}"
+  fi
+done