Re: [libvirt] [PATCH] Fix virt-pki-validate's determination of CN
On 04/29/2010 04:16 PM, Dustin Kirkland wrote:
> I've tested this against the certool output of both RH and
Ubuntu
> generated certs.
>
> Signed-off-by: Dustin Kirkland <kirkland(a)canonical.com>
> Signed-off-by: Eric Blake <eblake(a)redhat.com>
> ---
> -ORG=`$CERTOOL -i --infile $CA/cacert.pem | sed -n '/Issuer/ s+Issuer:
CN=++p'`
> +sed_get_org='/Issuer:/ {
> + s/.*Issuer:.*CN=//
> + s/,.*//
> + p
> +}'
> +ORG=`$CERTOOL -i --infile $CA/cacert.pem | sed -n "$sed_get_org"`
> if [ "$ORG" = "" ]
> then
> echo the CA certificate $CA/cacert.pem does not define the organization
Thanks, Eric. I've tested this and it still works works as expected for
me against the two different cert formats.
Given your ACK and my testing, I've gone ahead and pushed this patch.
Thanks again for persevering with this issue.
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 619 bytes)