internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-06 13:22:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

letsencrypt: FIX CN parsing to work with OpenSSL 1.1 (#25935)

Browse Source 
As we can see in
9537453586
:

CN used to be without whitespaces around the `=` but OpenSSL 1.1 introduced
whitespaces:
1.0.1: subject=/CN=example.com
1.1.0: subject=CN = example.com

This commit makes them optional.

OpenSSL 1.1 is present on the newly-released Debian Stretch, so absence
of this fix makes us not being able to use this module on this distro.
This commit is contained in:
Virgil Dupras
2017-06-28 01:39:54 -04:00
committed by René Moser
parent 3bd8dbb53d
commit 9474f20f2d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/ansible/modules/web_infrastructure/letsencrypt.py
View File

@@ -536,7 +536,7 @@ class ACMEClient(object):
_, out, _ = self.module.run_command(openssl_csr_cmd, check_rc=True)
domains = set([])
common_name = re.search(r"Subject:.*? CN=([^\s,;/]+)", out.decode('utf8'))
common_name = re.search(r"Subject:.*? CN\s?=\s?([^\s,;/]+)", out.decode('utf8'))
if common_name is not None:
domains.add(common_name.group(1))
subject_alt_names = re.search(r"X509v3 Subject Alternative Name: \n +([^\n]+)\n", out.decode('utf8'), re.MULTILINE | re.DOTALL)