[libvirt] [PATCH] Fix virt-pki-validate's determination of CN
Eric Blake
eblake at redhat.com
Fri Apr 30 02:27:35 UTC 2010
On 04/29/2010 04:16 PM, Dustin Kirkland wrote:
>> I've tested this against the certool output of both RH and Ubuntu
>> generated certs.
>>
>> Signed-off-by: Dustin Kirkland <kirkland at canonical.com>
>> Signed-off-by: Eric Blake <eblake at redhat.com>
>> ---
>> -ORG=`$CERTOOL -i --infile $CA/cacert.pem | sed -n '/Issuer/ s+Issuer: CN=++p'`
>> +sed_get_org='/Issuer:/ {
>> + s/.*Issuer:.*CN=//
>> + s/,.*//
>> + p
>> +}'
>> +ORG=`$CERTOOL -i --infile $CA/cacert.pem | sed -n "$sed_get_org"`
>> if [ "$ORG" = "" ]
>> then
>> echo the CA certificate $CA/cacert.pem does not define the organization
>
> Thanks, Eric. I've tested this and it still works works as expected for
> me against the two different cert formats.
Given your ACK and my testing, I've gone ahead and pushed this patch.
Thanks again for persevering with this issue.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20100429/900e29a6/attachment-0001.sig>
More information about the libvir-list
mailing list