From 6f6266c8ca840bbecb85e8cc394037572b5e29d3 Mon Sep 17 00:00:00 2001
From: Boris Kolpackov <boris@codesynthesis.com>
Date: Mon, 2 Aug 2021 15:37:24 +0200
Subject: Make parsing of openssl output more robust

---
 bpkg/auth.cxx | 33 ++++++++++++++++++++++-----------
 1 file changed, 22 insertions(+), 11 deletions(-)

diff --git a/bpkg/auth.cxx b/bpkg/auth.cxx
index 79e87ea..8698445 100644
--- a/bpkg/auth.cxx
+++ b/bpkg/auth.cxx
@@ -160,21 +160,32 @@ namespace bpkg
       getline (os.in, s);
       os.in.close ();
 
-      try
+      if (os.wait ())
       {
-        const size_t n (19);
-
-        if (os.wait () &&
-            s.size () > n && s.compare (0, n, "SHA256 Fingerprint=") == 0)
+        // Normally the output is:
+        //
+        //  SHA256 Fingerprint=<fingerprint>
+        //
+        // But it can be translated and SHA spelled in lower case (LC_ALL=C
+        // doesn't seem to help in some cases).
+        //
+        if (icasecmp (s, "SHA256", 6) == 0)
         {
-          string fp (s, n);
-          string ab (fingerprint_to_sha256 (fp, 16));
-          return {move (fp), move (ab)};
+          size_t p (s.find ('='));
+          if (p != string::npos)
+          {
+            try
+            {
+              string fp (s, p + 1);
+              string ab (fingerprint_to_sha256 (fp, 16));
+              return {move (fp), move (ab)};
+            }
+            catch (const invalid_argument&)
+            {
+            }
+          }
         }
       }
-      catch (const invalid_argument&)
-      {
-      }
 
       calc_failed ();
 
-- 
cgit v1.1