Date: Fri, 06 May 2022 11:25:32 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 263812] security/easy-rsa: grep error prevents issuing of certs Message-ID: <bug-263812-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D263812 Bug ID: 263812 Summary: security/easy-rsa: grep error prevents issuing of certs Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: mandree@FreeBSD.org Reporter: grembo@FreeBSD.org Flags: maintainer-feedback?(mandree@FreeBSD.org) Assignee: mandree@FreeBSD.org When running easyrsa on FreeBSD 13.0, it fails due to bsdgrep (which is installed by default now) not understanding "\d" for digit. So the problematic line is: echo "$cn" | grep -E -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$' Which leads to this error: grep: trailing backslash (\) Changing \d to [0-9] fixes the issue (see patch below). I would suggest this order to approach the issue: 1. Patch easy-rsa in the port, so it works again 2. Check if bsdgrep not understanding \d is on purpose 3. Only if it's not, try to upstream the patch above --- /usr/local/share/easy-rsa/easyrsa.real~ 2022-05-06 11:04:57.0000000= 00 +0000 +++ /usr/local/share/easy-rsa/easyrsa.real 2022-05-06 11:10:49.6870100= 00 +0000 @@ -1546,7 +1546,7 @@ easyrsa_openssl req -in "$path" -noout -subject -nameopt sep_multiline | awk -F'=3D' '/^ *CN=3D/{print $2}' ) - echo "$cn" | grep -E -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$' + echo "$cn" | grep -E -q '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$' #shellcheck disable=3DSC2181 if [ $? -eq 0 ]; then print "subjectAltName =3D IP:$cn" --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-263812-7788>