From nobody Fri May 06 17:35:35 2022 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 070801AB3AAF; Fri, 6 May 2022 17:35:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KvyQH6HLPz4bxl; Fri, 6 May 2022 17:35:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1651858535; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=2aGg42p0CmcLGuxLAteiUTBzbl2abi3u2k/nm+9SE2E=; b=NrO+y3d0AIEIFwYIfElToXeKSyJtRUO5QvVLOd/lszsc/Dus1OxZLO6csvXrRKdKyGQy7f NZmNESq5I3zc0BERBRg6PniLFl/533dSuJ5G2yH8QZcjzq6VBZuDqz0EATwQOslGuLgGr5 WQoCiEBm1Iu3aCZRD4r6WHbR9MFinnBhCGu+RecGZt39ccae4vphdcnPL70RC+DLh6Spyv Agwssq+UlmvCJdeEVMqp3tMNwr8xMiiPvkQHjB0JIgxeWPpCxqCqZL0iUfx9tPHKtlulS8 qtQVD723VfmvbpDufSUjrgtVtYOOPOOISSdMpzAfuTFZrAnlKBsNXuwYzznTKw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B7F1E203A0; Fri, 6 May 2022 17:35:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 246HZZKx000173; Fri, 6 May 2022 17:35:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 246HZZNb000172; Fri, 6 May 2022 17:35:35 GMT (envelope-from git) Date: Fri, 6 May 2022 17:35:35 GMT Message-Id: <202205061735.246HZZNb000172@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Matthias Andree Subject: git: e1490551d169 - 2022Q2 - security/easy-rsa: fix cert issuance with BSD grep List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mandree X-Git-Repository: ports X-Git-Refname: refs/heads/2022Q2 X-Git-Reftype: branch X-Git-Commit: e1490551d1699405227e94ab0625f1f33466db32 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1651858535; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=2aGg42p0CmcLGuxLAteiUTBzbl2abi3u2k/nm+9SE2E=; b=wr/lpyleTB2uF0Unsodu0E/6Ikle+V7GhPB3BDZ6WZFfcE0EY8c3zwl+ym6lgIAlxj+VYi xhOVVXOLbekAqIwlQTOeivrDHCx+oUNb+GnL2hbZ+xtuwB8n+hieP9bDnb6Mh3sF4wNaDJ lAYBj8eOsSD4Nr18TuWvcpW3SHe63DpkSnG70jBegukEasOp1BsCEPBjdCB3CrGCtdywwC gU+YDbS9/vcqYh4woAp6eHn01/AihEOALFmJr9vWm3pBW8HhD9Zmk2Uu/5G3y7t+9rcY7w d8j/1yr6ylO5dKO0ko79eq/w5O0vdGlKBhzRvDDz8QkTcdb5RmNT6T+9GupUXA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1651858535; a=rsa-sha256; cv=none; b=O8qbwtUK97KtNbe/UWFIZM1OJrKHFyJg0vXaUO7d6ys6B49OBd5Z0ITZGJTNoxyVPvkonv rPaa3pPUPd98TbrUyULbcjejehBF10mH8Rsq/xyc/1oZmcn3/KO8fa7mduBqRCKJHO7zus xLo32Z7ghFdO38phLoJxSZcarwW+d5FQRwjFDQnyI19U8rq7cSoOHdVhqVV7+82Lmeueco jAsIEAnA/MKVz6tCJr97AmtugHiPXIJ+xasgvP4UrsijDkYzAKBir9SVPBqBE1B8fIWCSG TjSfCxce8g+FMBuceCElYrjevTQHCj+zgbAMWxHYvSoW6dKxfx3HCj3LvUN96g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch 2022Q2 has been updated by mandree: URL: https://cgit.FreeBSD.org/ports/commit/?id=e1490551d1699405227e94ab0625f1f33466db32 commit e1490551d1699405227e94ab0625f1f33466db32 Author: Matthias Andree AuthorDate: 2022-05-06 17:32:17 +0000 Commit: Matthias Andree CommitDate: 2022-05-06 17:35:19 +0000 security/easy-rsa: fix cert issuance with BSD grep easyrsa running on systems with bsdgrep for grep fails issuing certs because it attempts \d as shorthand for [[:digit:]] or [0-9] and triggers a grep failure with diagnostic grep: trailing backslash (\) Filed upstream: https://github.com/OpenVPN/easy-rsa/issues/556 PR: 263812 Submitted by: grembo@ (cherry picked from commit 8e0b9d2d558fe1cdab743ca0b954ef5a3f578bc2) --- security/easy-rsa/Makefile | 1 + security/easy-rsa/files/patch-easyrsa | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/security/easy-rsa/Makefile b/security/easy-rsa/Makefile index 3127343139bf..a30fee2ede19 100644 --- a/security/easy-rsa/Makefile +++ b/security/easy-rsa/Makefile @@ -1,5 +1,6 @@ PORTNAME= easy-rsa DISTVERSION= 3.0.8 +PORTREVISION= 1 CATEGORIES= security net-mgmt MASTER_SITES= https://github.com/OpenVPN/easy-rsa/releases/download/v${DISTVERSION}/ DISTNAME= EasyRSA-${DISTVERSION} diff --git a/security/easy-rsa/files/patch-easyrsa b/security/easy-rsa/files/patch-easyrsa new file mode 100644 index 000000000000..4278fe9e171e --- /dev/null +++ b/security/easy-rsa/files/patch-easyrsa @@ -0,0 +1,11 @@ +--- easyrsa.orig 2020-09-09 20:59:45 UTC ++++ easyrsa +@@ -1546,7 +1546,7 @@ default_server_san() { + easyrsa_openssl req -in "$path" -noout -subject -nameopt sep_multiline | + awk -F'=' '/^ *CN=/{print $2}' + ) +- echo "$cn" | grep -E -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$' ++ echo "$cn" | grep -E -q '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$' + #shellcheck disable=SC2181 + if [ $? -eq 0 ]; then + print "subjectAltName = IP:$cn"