]> git.ipfire.org Git - thirdparty/dehydrated.git/commitdiff
projects / thirdparty / dehydrated.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ab01680)
ensure newline before new section in openssl.cnf
author27o <27o@users.noreply.github.com>
Mon, 12 Apr 2021 06:47:22 +0000 (08:47 +0200)
committerLukas Schauer <lukas@schauer.dev>
Fri, 23 Apr 2021 00:03:23 +0000 (02:03 +0200)
openssl.cnf may not end with a newline. The section [SAN] will then not be found as it is added to the last line of openssl.cnf.

dehydrated patch | blob | blame | history

diff --git a/dehydrated b/dehydrated
index dae40496588baa30b4b993416e90abb488a562af..d61807e993ec0ac07a7757ad56245a8bec773d6b 100755 (executable)
--- a/dehydrated
+++ b/dehydrated
@@ -1291,7 +1291,7 @@ generate_alpn_certificate() {
   echo " + Generating ALPN certificate and key for ${1}..."
   tmp_openssl_cnf="$(_mktemp)"
   cat "${OPENSSL_CNF}" > "${tmp_openssl_cnf}"
-  printf "[SAN]\nsubjectAltName=DNS:%s\n" "${altname}" >> "${tmp_openssl_cnf}"
+  printf "\n[SAN]\nsubjectAltName=DNS:%s\n" "${altname}" >> "${tmp_openssl_cnf}"
   printf "1.3.6.1.5.5.7.1.31=critical,DER:04:20:${acmevalidation}\n" >> "${tmp_openssl_cnf}"
   SUBJ="/CN=${altname}/"
   [[ "${OSTYPE:0:5}" = "MINGW" ]] && SUBJ="/${SUBJ}"
@@ -1365,7 +1365,7 @@ sign_domain() {
     local tmp_openssl_cnf
     tmp_openssl_cnf="$(_mktemp)"
     cat "${OPENSSL_CNF}" > "${tmp_openssl_cnf}"
-    printf "[SAN]\nsubjectAltName=%s" "${SAN}" >> "${tmp_openssl_cnf}"
+    printf "\n[SAN]\nsubjectAltName=%s" "${SAN}" >> "${tmp_openssl_cnf}"
     if [ "${OCSP_MUST_STAPLE}" = "yes" ]; then
       printf "\n1.3.6.1.5.5.7.1.24=DER:30:03:02:01:05" >> "${tmp_openssl_cnf}"
     fi
Mirror of https://github.com/dehydrated-io/dehydrated.git