From f9869b1d796c3f69a929c769ffa6ecd9cdeb1d51 Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@freenetproject.org>
Date: Thu, 24 Feb 2022 12:45:30 +0100
Subject: [PATCH] ghostwheel42's suggestions

---
 core/nginx/config.py | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/core/nginx/config.py b/core/nginx/config.py
index d9cfe6a5..77cb3dcd 100755
--- a/core/nginx/config.py
+++ b/core/nginx/config.py
@@ -38,17 +38,13 @@ def format_for_nginx(fullchain, output):
     """ We may want to strip ISRG Root X1 out """
     if not os.path.exists(fullchain):
         return
-    certs = []
+    split = '-----END CERTIFICATE-----\n'
     with open(fullchain, 'r') as pem:
-        cert = ''
-        for line in pem:
-            cert += line
-            if '-----END CERTIFICATE-----' in line:
-                certs += [cert]
-                cert = ''
+        certs = [f'{cert}{split}' for cert in pem.read().split(split) if cert]
+    if len(certs)>2 and os.getenv('LETSENCRYPT_SHORTCHAIN'):
+        del certs[-1]
     with open(output, 'w') as pem:
-        for cert in certs[:-1] if len(certs)>2 and os.getenv('LETSENCRYPT_SHORTCHAIN', default="False") else certs:
-            pem.write(cert)
+        pem.write(''.join(certs))
 
 if args['TLS_FLAVOR'] in ['letsencrypt', 'mail-letsencrypt']:
     format_for_nginx('/certs/letsencrypt/live/mailu/fullchain.pem', '/certs/letsencrypt/live/mailu/nginx-chain.pem')