On Wednesday, February 03, 2016 10:10:51 AM Peter Wemm wrote: > On Monday, December 14, 2015 01:01:51 PM Dag-Erling Smørgrav wrote: > > Author: des > > Date: Mon Dec 14 13:01:51 2015 > > New Revision: 292206 > > URL: https://svnweb.freebsd.org/changeset/base/292206 > > > > Log: > > Upgrade to Unbound 1.5.7. > > > > Added: > > head/contrib/unbound/.gitignore > > > > - copied unchanged from r292133, vendor/unbound/dist/.gitignore > > > > head/contrib/unbound/compat/isblank.c > > > > - copied unchanged from r292133, vendor/unbound/dist/compat/isblank.c > > > > Modified: > > head/contrib/unbound/Makefile.in > > An error was introduced here that breaks some of the support scripts: > > @@ -107,16 +107,15 @@ > fi > > # create self-signed cert for server > -cat >request.cfg <<EOF > -[req] > -default_bits=$BITS > -default_md=$HASH > -prompt=no > -distinguished_name=req_distinguished_name > +echo "[req]\n" > request.cfg > +echo "default_bits=$BITS\n" >> request.cfg > +echo "default_md=$HASH\n" >> request.cfg > +echo "prompt=no\n" >> request.cfg > +echo "distinguished_name=req_distinguished_name\n" >> request.cfg > +echo "\n" >> request.cfg > +echo "[req_distinguished_name]\n" >> request.cfg > +echo "commonName=$SERVERNAME\n" >> request.cfg > > -[req_distinguished_name] > -commonName=$SERVERNAME > -EOF > test -f request.cfg || error "could not create request.cfg" > > echo "create $SVR_BASE.pem (self signed certificate)" > @@ -125,16 +124,15 @@ > openssl x509 -in $SVR_BASE.pem -addtrust serverAuth -out > $SVR_BASE"_trust.pem" > > # create client request and sign it, piped > -cat >request.cfg <<EOF > -[req] > -default_bits=$BITS > -default_md=$HASH > -prompt=no > -distinguished_name=req_distinguished_name > +echo "[req]\n" > request.cfg > +echo "default_bits=$BITS\n" >> request.cfg > +echo "default_md=$HASH\n" >> request.cfg > +echo "prompt=no\n" >> request.cfg > +echo "distinguished_name=req_distinguished_name\n" >> request.cfg > +echo "\n" >> request.cfg > +echo "[req_distinguished_name]\n" >> request.cfg > +echo "commonName=$CLIENTNAME" >> request.cfg > > -[req_distinguished_name] > -commonName=$CLIENTNAME > -EOF > test -f request.cfg || error "could not create request.cfg" > > echo "create $CTL_BASE.pem (signed client certificate)" > > Whoever wrote this seems to have confused "echo" with "printf". All the > trailing "\n" lines cause an openssl error. In the cluster build I had to > remove the "\n" and that was sufficient to bootstrap new instances again.
Filed as https://bugs.freebsd.org/206887 -- Peter Wemm - pe...@wemm.org; pe...@freebsd.org; pe...@yahoo-inc.com; KI6FJV UTF-8: for when a ' or ... just won\342\200\231t do\342\200\246
signature.asc
Description: This is a digitally signed message part.