External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-21 19:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix regex to check CN from server certificate

Browse Source 
Currently when the script validates the PKI files and
the certificate 'Subject:' field contains RDNs after
the Common Name (CN), these values are also included,
creating a false result that the CN is not correct.

A small change to the sed regex fixes this issue, by
extracting only the value for CN and nothing else. The
regex is replaced with the exact same regex used to
extract the CN value from the client certificate.
This commit is contained in:
Tiago M. Vieira 2018-01-26 14:33:02 -05:00 committed by Andrea Bolognani
parent e19dde1d0c
commit d0a60771ab
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tools/virt-pki-validate.in
View File

@ -255,7 +255,7 @@ then
echo CA organization: $ORG
echo Server organization: $S_ORG
fi
S_HOST=`"$CERTOOL" -i --infile "$LIBVIRT/servercert.pem" | grep Subject: | sed 's+.*CN=\([a-zA-Z\. _-]*\)+\1+'`
S_HOST=`"$CERTOOL" -i --infile "$LIBVIRT/servercert.pem" | grep Subject: | sed 's+.*CN=\(.[a-zA-Z \._-]*\).*+\1+'`
if test "$S_HOST" != "`hostname -s`" && test "$S_HOST" != "`hostname`"
then
echo The server certificate does not seem to match the host name