Comment 8 for bug 998918

Hi,

I am running into this problem too. The issue, as eas mentioned, is in the pattern matching.

On Ubuntu 12.04.2 LTS (Precise):

> ~# dpkg -l | grep -i openssl
> ii openssl 1.0.1-4ubuntu5.9 Secure Socket Layer (SSL) binary and related cryptographic tools
> ~# openssl version
> OpenSSL 1.0.1 14 Mar 2012

On Debian 7 (Wheezy):

> ~# dpkg -l | grep -i openssl
> ii openssl 1.0.1e-2 amd64 Secure Socket Layer (SSL) binary and related cryptographic tools
> ~# openssl version
> OpenSSL 1.0.1e 11 Feb 2013

In ./easy-rsa/whichopensslcnf, this line tries to match [[:alnum:]] after [[:digit:]], which is non existent for the Ubuntu package.

> elif $OPENSSL version | grep -E "1\.0\.([[:digit:]][[:alnum:]])" > /dev/null; then

Running this pattern match manually reproduces this;

On Ubuntu 12.04.2 LTS (Precise):

> ~# openssl version | grep -E "1\.0\.([[:digit:]][[:alnum:]])"
> ~# echo $?
> 1

On Debian 7 (Wheezy):

> ~ # openssl version | grep -E "1\.0\.([[:digit:]][[:alnum:]])"
> OpenSSL 1.0.1e 11 Feb 2013
> ~# echo $?
> 0

The easy fix is to remove [[:alnum:]] from the regex, but I am not sure if that would introduce regressions.

More foolproof solution would be for the script to check if it's running on Debian or Ubuntu and take that into consideration when doing the pattern match.

It will also be interesting to know why the Debian package has "e" in its version number and the Ubuntu package doesn't.