Date: Fri, 6 May 2022 17:35:35 GMT From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org Subject: git: e1490551d169 - 2022Q2 - security/easy-rsa: fix cert issuance with BSD grep Message-ID: <202205061735.246HZZNb000172@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch 2022Q2 has been updated by mandree: URL: https://cgit.FreeBSD.org/ports/commit/?id=e1490551d1699405227e94ab0625f1f33466db32 commit e1490551d1699405227e94ab0625f1f33466db32 Author: Matthias Andree <mandree@FreeBSD.org> AuthorDate: 2022-05-06 17:32:17 +0000 Commit: Matthias Andree <mandree@FreeBSD.org> CommitDate: 2022-05-06 17:35:19 +0000 security/easy-rsa: fix cert issuance with BSD grep easyrsa running on systems with bsdgrep for grep fails issuing certs because it attempts \d as shorthand for [[:digit:]] or [0-9] and triggers a grep failure with diagnostic grep: trailing backslash (\) Filed upstream: https://github.com/OpenVPN/easy-rsa/issues/556 PR: 263812 Submitted by: grembo@ (cherry picked from commit 8e0b9d2d558fe1cdab743ca0b954ef5a3f578bc2) --- security/easy-rsa/Makefile | 1 + security/easy-rsa/files/patch-easyrsa | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/security/easy-rsa/Makefile b/security/easy-rsa/Makefile index 3127343139bf..a30fee2ede19 100644 --- a/security/easy-rsa/Makefile +++ b/security/easy-rsa/Makefile @@ -1,5 +1,6 @@ PORTNAME= easy-rsa DISTVERSION= 3.0.8 +PORTREVISION= 1 CATEGORIES= security net-mgmt MASTER_SITES= https://github.com/OpenVPN/easy-rsa/releases/download/v${DISTVERSION}/ DISTNAME= EasyRSA-${DISTVERSION} diff --git a/security/easy-rsa/files/patch-easyrsa b/security/easy-rsa/files/patch-easyrsa new file mode 100644 index 000000000000..4278fe9e171e --- /dev/null +++ b/security/easy-rsa/files/patch-easyrsa @@ -0,0 +1,11 @@ +--- easyrsa.orig 2020-09-09 20:59:45 UTC ++++ easyrsa +@@ -1546,7 +1546,7 @@ default_server_san() { + easyrsa_openssl req -in "$path" -noout -subject -nameopt sep_multiline | + awk -F'=' '/^ *CN=/{print $2}' + ) +- echo "$cn" | grep -E -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$' ++ echo "$cn" | grep -E -q '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$' + #shellcheck disable=SC2181 + if [ $? -eq 0 ]; then + print "subjectAltName = IP:$cn"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202205061735.246HZZNb000172>