Unreadable SAN list on FreeBSD
On FreeBSD, sed does not support "\n" in the replacement string of a substitution. The SANs are currently output all together inside a single pair of quotes and each separated with an "n" character, needless to say this is very difficult to read. After a little digging, it seems this is a somewhat recent regression of the fix in #173. I believe `tr` would be a more cross-platform way to do this, and several sources (including the author of that PR) would seem to agree - assuming the newline is now necessary. It doesn't appear to matter what order the newline replacement happens amongst all the other replacements, so I have placed it first simply to avoid extending any already-long lines. Please correct me if this deduction is false.
This commit is contained in:
parent
018468a670
commit
3c39396391
|
@ -4123,9 +4123,9 @@ certificate_info() {
|
|||
fileout "${json_prefix}cn" "$cnok" "$cnfinding"
|
||||
|
||||
sans=$($OPENSSL x509 -in $HOSTCERT -noout -text 2>>$ERRFILE | grep -A2 "Subject Alternative Name" | \
|
||||
egrep "DNS:|IP Address:|email:|URI:|DirName:|Registered ID:" | \
|
||||
egrep "DNS:|IP Address:|email:|URI:|DirName:|Registered ID:" | tr ',' '\n' | \
|
||||
sed -e 's/ *DNS://g' -e 's/ *IP Address://g' -e 's/ *email://g' -e 's/ *URI://g' -e 's/ *DirName://g' \
|
||||
-e 's/ *Registered ID://g' -e 's/,/\n/g' \
|
||||
-e 's/ *Registered ID://g' \
|
||||
-e 's/ *othername:<unsupported>//g' -e 's/ *X400Name:<unsupported>//g' -e 's/ *EdiPartyName:<unsupported>//g')
|
||||
# ^^^ CACert
|
||||
out "$indent"; pr_bold " subjectAltName (SAN) "
|
||||
|
|
Loading…
Reference in New Issue