Git Bash - 以“/”开头的字符串参数正在扩展为文件路径。如何阻止这个?
Git Bash - string parameter with '/' at start is being expanded to a file path. How to stop this?
今天早些时候,我试图在 SubjectAltName 扩展名中生成一个带有 DNSName 条目的证书:
$ openssl req -new -subj "/C=GB/CN=foo" -addext "subjectAltName = DNS:foo.co.uk" \
-addext "certificatePolicies = 1.2.3.4" -key ./private-key.pem -out ~/req.pem
此命令导致出现以下错误消息:
name is expected to be in the format /type0=value0/type1=value1/type2=... where characters may be escaped by . This name is not in that format: 'C:/Program Files/Git/C=GB/CN=foo'
problems making Certificate Request
如何阻止 Git Bash 将此字符串参数视为文件路径,或者至少阻止它进行此更改?
今天 Git Bash 2.21.0 更新的发行说明提到这是一个已知问题。幸运的是,他们还描述了两个解决问题的方法:
If you specify command-line options starting with a slash, POSIX-to-Windows path conversion will kick in converting e.g. "/usr/bin/bash.exe" to "C:\Program Files\Git\usr\bin\bash.exe". When that is not desired -- e.g. "--upload-pack=/opt/git/bin/git-upload-pack" or "-L/regex/" -- you need to set the environment variable MSYS_NO_PATHCONV temporarily, like so:
MSYS_NO_PATHCONV=1 git blame -L/pathconv/ msys2_path_conv.cc
Alternatively, you can double the first slash to avoid POSIX-to-Windows path conversion, e.g. "//usr/bin/bash.exe".
如果您的脚本访问文件,使用 MSYS_NO_PATHCONV=1 可能会出现问题。
带有双正斜杠的前缀不适用于 OpenSSL 的特定情况,因为它会导致第一个 DN 段密钥被读取为“/C”而不是 "C",因此 OpenSSL 将其丢弃, 输出:
req: Skipping unknown attribute "/C"
相反,我使用了一个函数来检测 bash 上的 运行 是否为 Windows,如果是,则使用 "dummy" 段作为前缀:
# If running on bash for Windows, any argument starting with a forward slash is automatically
# interpreted as a drive path. To stop that, you can prefix with 2 forward slashes instead
# of 1 - but in the specific case of openssl, that causes the first CN segment key to be read as
# "/O" instead of "O", and is skipped. We work around that by prefixing with a spurious segment,
# which will be skipped by openssl
function fixup_cn_subject() {
local result=""
case $OSTYPE in
msys|win32) result="//XX=x${result}"
esac
echo "$result"
}
# Usage example
MY_SUBJECT=$(fixup_cn_subject "/C=GB/CN=foo")
我在使用 bash 时遇到了同样的问题,但是 运行 Powershell 中完全相同的命令对我有用。希望这会对某人有所帮助。
通过将虚拟值作为第一个属性传递来找到解决方法,例如:-subj '//SKIP=skip/C=gb/CN=foo'
今天早些时候,我试图在 SubjectAltName 扩展名中生成一个带有 DNSName 条目的证书:
$ openssl req -new -subj "/C=GB/CN=foo" -addext "subjectAltName = DNS:foo.co.uk" \
-addext "certificatePolicies = 1.2.3.4" -key ./private-key.pem -out ~/req.pem
此命令导致出现以下错误消息:
name is expected to be in the format /type0=value0/type1=value1/type2=... where characters may be escaped by . This name is not in that format: 'C:/Program Files/Git/C=GB/CN=foo' problems making Certificate Request
如何阻止 Git Bash 将此字符串参数视为文件路径,或者至少阻止它进行此更改?
今天 Git Bash 2.21.0 更新的发行说明提到这是一个已知问题。幸运的是,他们还描述了两个解决问题的方法:
If you specify command-line options starting with a slash, POSIX-to-Windows path conversion will kick in converting e.g. "/usr/bin/bash.exe" to "C:\Program Files\Git\usr\bin\bash.exe". When that is not desired -- e.g. "--upload-pack=/opt/git/bin/git-upload-pack" or "-L/regex/" -- you need to set the environment variable MSYS_NO_PATHCONV temporarily, like so:
MSYS_NO_PATHCONV=1 git blame -L/pathconv/ msys2_path_conv.cc
Alternatively, you can double the first slash to avoid POSIX-to-Windows path conversion, e.g. "//usr/bin/bash.exe".
如果您的脚本访问文件,使用 MSYS_NO_PATHCONV=1 可能会出现问题。
带有双正斜杠的前缀不适用于 OpenSSL 的特定情况,因为它会导致第一个 DN 段密钥被读取为“/C”而不是 "C",因此 OpenSSL 将其丢弃, 输出:
req: Skipping unknown attribute "/C"
相反,我使用了一个函数来检测 bash 上的 运行 是否为 Windows,如果是,则使用 "dummy" 段作为前缀:
# If running on bash for Windows, any argument starting with a forward slash is automatically
# interpreted as a drive path. To stop that, you can prefix with 2 forward slashes instead
# of 1 - but in the specific case of openssl, that causes the first CN segment key to be read as
# "/O" instead of "O", and is skipped. We work around that by prefixing with a spurious segment,
# which will be skipped by openssl
function fixup_cn_subject() {
local result=""
case $OSTYPE in
msys|win32) result="//XX=x${result}"
esac
echo "$result"
}
# Usage example
MY_SUBJECT=$(fixup_cn_subject "/C=GB/CN=foo")
我在使用 bash 时遇到了同样的问题,但是 运行 Powershell 中完全相同的命令对我有用。希望这会对某人有所帮助。
通过将虚拟值作为第一个属性传递来找到解决方法,例如:-subj '//SKIP=skip/C=gb/CN=foo'