[Bug 263812] security/easy-rsa: grep error prevents issuing of certs
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 06 May 2022 11:25:32 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263812
Bug ID: 263812
Summary: security/easy-rsa: grep error prevents issuing of
certs
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: mandree@FreeBSD.org
Reporter: grembo@FreeBSD.org
Flags: maintainer-feedback?(mandree@FreeBSD.org)
Assignee: mandree@FreeBSD.org
When running easyrsa on FreeBSD 13.0, it fails due to bsdgrep (which is
installed by default now) not understanding "\d" for digit.
So the problematic line is:
echo "$cn" | grep -E -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$'
Which leads to this error:
grep: trailing backslash (\)
Changing \d to [0-9] fixes the issue (see patch below).
I would suggest this order to approach the issue:
1. Patch easy-rsa in the port, so it works again
2. Check if bsdgrep not understanding \d is on purpose
3. Only if it's not, try to upstream the patch above
--- /usr/local/share/easy-rsa/easyrsa.real~ 2022-05-06 11:04:57.000000000
+0000
+++ /usr/local/share/easy-rsa/easyrsa.real 2022-05-06 11:10:49.687010000
+0000
@@ -1546,7 +1546,7 @@
easyrsa_openssl req -in "$path" -noout -subject -nameopt
sep_multiline |
awk -F'=' '/^ *CN=/{print $2}'
)
- echo "$cn" | grep -E -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$'
+ echo "$cn" | grep -E -q
'^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'
#shellcheck disable=SC2181
if [ $? -eq 0 ]; then
print "subjectAltName = IP:$cn"
--
You are receiving this mail because:
You are the assignee for the bug.