From nobody Fri May 6 17:34:54 2022 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 66A1C1AB3332; Fri, 6 May 2022 17:34:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KvyPW149fz4bSH; Fri, 6 May 2022 17:34:55 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1651858495; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ecIuAfqz/Th4uF+Er8Ap+6G5vgc3XE6buK9ldFlhYVE=; b=kfCHaTJpFCS2MGBtw7hvEsUn4Es5oV/HlNta8Jb10m2SwK2jknk0JixSBbtTIEKz95N4ND UtcP4aRtq/PWMqgSxGayaqc8Iso9xnNj1LmNHnFqKGfYoaJ0fFqCuNvwAw1EsLKrGr/v/B iQFaOUoq8n4GgoOGTbbnUWPL5/TaPsb4CgiKiwRdLA3NV5SAJFTUhnxDhcFUtx8B7tPzIj 8SA2UM2VXd3N5Tbi+7MvObtSUuQIyqfZ/vigtbRoWUhGUW1D43FhAnP3CZT9+vC4w5jaLR aOdDG6R0vyfCdEZmrmwRjO8GnRqYY/YLuhsKVOqha2Z+nzoLYFpmAIXd/Bal7w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DCC4E204BF; Fri, 6 May 2022 17:34:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 246HYsLA099882; Fri, 6 May 2022 17:34:54 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 246HYs1b099881; Fri, 6 May 2022 17:34:54 GMT (envelope-from git) Date: Fri, 6 May 2022 17:34:54 GMT Message-Id: <202205061734.246HYs1b099881@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Matthias Andree Subject: git: 8e0b9d2d558f - main - security/easy-rsa: fix cert issuance with BSD grep List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mandree X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 8e0b9d2d558fe1cdab743ca0b954ef5a3f578bc2 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1651858495; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ecIuAfqz/Th4uF+Er8Ap+6G5vgc3XE6buK9ldFlhYVE=; b=Sm0+WpKR/0T0txbzl4yS0Gp0W/O38scs0zumoKKxeLrOc/5BgDmcB93sd374jHeziZpCkM /Po/7SD6knEqJ7VTR0+dyYy3C+Tph6rrvAfMCtpqCsRh61STsNim/WCbtLYmh3rCLW/MW3 UZ1tB1IrWI7/x0mHyJ+lp25sCqTFvmKj45iZ6ZRNfD4HvmWilwfrgDyDgWoTo6SatR8fHU DDuQBSMZwgqcUzfmvhnenssITQRf3JWy+LG6Bs3vzemQzrQX0lAS5bQdFdg8q2S6eSN7IZ A51FvXzfSQRD2Yw6W22ONgPVllJQHkolw54d2FxApNetuW+ryIQcK0dYIvI/mg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1651858495; a=rsa-sha256; cv=none; b=F0SXeCac6xJDM0PkJWa0pJuIS3OYyACMOuuk8RnMWK3NTTIDsDbOBMiyJQxyZuTNYUkyvk 9VfOv3R6+eSp6v2gaKulDk/xJA5DafZJBidMKKW0UB2Ki+dqX8A7ECbdVM9CCwhsOO9lrR fISItgapeJ/zwZxbC1yVgOn8YhfvSUpiEk9+hYUYaMR5SvfonBQOI+NcslLcbokskM+iEB ukmDyhKFeNDXdzMXUo5FZ8CCfOebcnq0teQvxOzURdkrzv6OMOJyghuft71LaQU1HO89vH 3+idWX0PzrWyr/B0BNmm8aOP6TILkKZGCmvJoBagdWjjBkRds8xVlI1x1JItRQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by mandree: URL: https://cgit.FreeBSD.org/ports/commit/?id=8e0b9d2d558fe1cdab743ca0b954ef5a3f578bc2 commit 8e0b9d2d558fe1cdab743ca0b954ef5a3f578bc2 Author: Matthias Andree AuthorDate: 2022-05-06 17:32:17 +0000 Commit: Matthias Andree CommitDate: 2022-05-06 17:34:51 +0000 security/easy-rsa: fix cert issuance with BSD grep easyrsa running on systems with bsdgrep for grep fails issuing certs because it attempts \d as shorthand for [[:digit:]] or [0-9] and triggers a grep failure with diagnostic grep: trailing backslash (\) Filed upstream: https://github.com/OpenVPN/easy-rsa/issues/556 PR: 263812 Submitted by: grembo@ --- security/easy-rsa/Makefile | 1 + security/easy-rsa/files/patch-easyrsa | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/security/easy-rsa/Makefile b/security/easy-rsa/Makefile index 3127343139bf..a30fee2ede19 100644 --- a/security/easy-rsa/Makefile +++ b/security/easy-rsa/Makefile @@ -1,5 +1,6 @@ PORTNAME= easy-rsa DISTVERSION= 3.0.8 +PORTREVISION= 1 CATEGORIES= security net-mgmt MASTER_SITES= https://github.com/OpenVPN/easy-rsa/releases/download/v${DISTVERSION}/ DISTNAME= EasyRSA-${DISTVERSION} diff --git a/security/easy-rsa/files/patch-easyrsa b/security/easy-rsa/files/patch-easyrsa new file mode 100644 index 000000000000..4278fe9e171e --- /dev/null +++ b/security/easy-rsa/files/patch-easyrsa @@ -0,0 +1,11 @@ +--- easyrsa.orig 2020-09-09 20:59:45 UTC ++++ easyrsa +@@ -1546,7 +1546,7 @@ default_server_san() { + easyrsa_openssl req -in "$path" -noout -subject -nameopt sep_multiline | + awk -F'=' '/^ *CN=/{print $2}' + ) +- echo "$cn" | grep -E -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$' ++ echo "$cn" | grep -E -q '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$' + #shellcheck disable=SC2181 + if [ $? -eq 0 ]; then + print "subjectAltName = IP:$cn"