From 91ec580beceb3d6c723d2ade85436374992526f7 Mon Sep 17 00:00:00 2001
From: Arne Schwabe <arne@rfc2549.org>
Date: Tue, 3 Jun 2014 23:23:30 +0200
Subject: Import new openvpn -master version

---
 main/openvpn/contrib/OCSP_check/OCSP_check.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'main/openvpn/contrib/OCSP_check/OCSP_check.sh')

diff --git a/main/openvpn/contrib/OCSP_check/OCSP_check.sh b/main/openvpn/contrib/OCSP_check/OCSP_check.sh
index 847be450..553c3dce 100644
--- a/main/openvpn/contrib/OCSP_check/OCSP_check.sh
+++ b/main/openvpn/contrib/OCSP_check/OCSP_check.sh
@@ -71,7 +71,7 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then
   # - The serial number must not be empty
   # - The exit status of "openssl ocsp" must be zero
   # - The output of the above command must contain the line
-  #   "0x${serial}: good"
+  #   "${serial}: good"
   #
   # Everything else fails with exit status 1.
 
@@ -83,7 +83,7 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then
     # Sample output that is assumed here:
     #
     # Response verify OK
-    # 0x428740A5: good
+    # 4287405: good
     #      This Update: Apr 24 19:38:49 2010 GMT
     #      Next Update: May  2 14:23:42 2010 GMT
     #
@@ -97,11 +97,11 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then
                     "$nonce" \
                     -CAfile "$verify" \
                     -url "$ocsp_url" \
-                    -serial "0x${serial}" 2>/dev/null)
+                    -serial "${serial}" 2>/dev/null)
 
     if [ $? -eq 0 ]; then
       # check that it's good
-      if echo "$status" | grep -Fq "0x${serial}: good"; then
+      if echo "$status" | grep -Fq "^${serial}: good"; then
         exit 0
       fi
     fi
-- 
cgit v1.2.3