diff options
Diffstat (limited to 'main/openvpn/contrib')
-rw-r--r-- | main/openvpn/contrib/OCSP_check/OCSP_check.sh | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/main/openvpn/contrib/OCSP_check/OCSP_check.sh b/main/openvpn/contrib/OCSP_check/OCSP_check.sh index 847be450..553c3dce 100644 --- a/main/openvpn/contrib/OCSP_check/OCSP_check.sh +++ b/main/openvpn/contrib/OCSP_check/OCSP_check.sh @@ -71,7 +71,7 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then # - The serial number must not be empty # - The exit status of "openssl ocsp" must be zero # - The output of the above command must contain the line - # "0x${serial}: good" + # "${serial}: good" # # Everything else fails with exit status 1. @@ -83,7 +83,7 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then # Sample output that is assumed here: # # Response verify OK - # 0x428740A5: good + # 4287405: good # This Update: Apr 24 19:38:49 2010 GMT # Next Update: May 2 14:23:42 2010 GMT # @@ -97,11 +97,11 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then "$nonce" \ -CAfile "$verify" \ -url "$ocsp_url" \ - -serial "0x${serial}" 2>/dev/null) + -serial "${serial}" 2>/dev/null) if [ $? -eq 0 ]; then # check that it's good - if echo "$status" | grep -Fq "0x${serial}: good"; then + if echo "$status" | grep -Fq "^${serial}: good"; then exit 0 fi fi |