BitBetter icon indicating copy to clipboard operation
BitBetter copied to clipboard

Published 20 hours ago verified publisher icon jakeswenson

licenseGen output has extra non-printable characters

Open JollyRgrs opened this issue 2 years ago • 9 comments

When I try to redirect the output of licenseGen in non-interactive to a .json file for uploading to the org, there are extra characters. So instead of the first line simply being open braces { I get ^[[?1h^[={

This causes the .json file to be an invalid license when I try to apply it to the organization. I had to use a maze of sed commands to be able to correctly generate a usable .json file. I found that when I tried to strip the original first characters above by removing the first line, I was getting CRLF format (possibly due to the echo/sed combination), so I had to further convert to LF.

Currently I have to use this monstrosity: (echo "{" && ./src/licenseGen/run.sh /path/to/BitBetter/.keys/cert.pfx org "Name" [email protected] Install-ID-Here 32767 "BusinessName" |sed '1d') |sed $'s/\r$//' > /path/of/OrgLicense.json

JollyRgrs avatar Nov 29 '21 07:11 JollyRgrs

tell me about it, i have made a script where it emails them the json file (as an attachment) and includes all the extra special characters, in the email body i just say "delete the extra special characters after {"

heres my script ` #!/bin/bash

echo "please enter organisation name": read name

echo "please enter the owners email of this organisation": echo "(user will get a welcome letter and activation email if not already registered)" #echo "(use the comma (,) to add multiple owners)" read owner

echo "please enter company": read company

read -p "continue (y/n)?" CONT

if [ "$CONT" = "y" ]; then

/bitwarden/bwdata/BitBetter-master/src/licenseGen/run.sh /bitwarden/bwdata/BitBetter-master/.keys/cert.pfx org "$name" "$owner" your-installation-ID 32767 "$company" >> /license_files/"$name".json

swaks -t "$owner" -f [email protected] -s 10.110.10.98 -p 25 --header "Subject: Bitwarden "$name".json" --body "download the above file to your computer \n\n https://pass.domain.com \n\n to import the file go to \n\n settings > organisations > new organisation > browse > submit the file you downloaded \n\n edit the file before submitting and delete the special characters before {" --attach-type /license_files/"$name".json -S 2

rm -f /license_files/"$name".json

else exit fi `

robina80 avatar Jul 06 '22 10:07 robina80

For a workaround, I use a combination of sed and tr.

Pipe your licenseGen run.sh command to :

| tr -dc '\11\12\40-\176' |sed 's/\[?1h={/{/g'

This cleans the file for import. Now I just need to figure out how to update the license file automatically

JollyRgrs avatar Jul 07 '22 06:07 JollyRgrs

@JollyBGood what do you mean "update the license file automatically" do you mean when it runs out in 100 years time lol

robina80 avatar Jul 07 '22 11:07 robina80

My license becomes invalid every time I update my LE certs, so every 2 months or so, I have to do this. I'm guessing this isn't a problem if behind a reverse proxy? So for me, I would wish to automate applying the license file automatically. But this issue is just to see if we can somehow clean up the output without having to run the above commands on it every time

JollyRgrs avatar Jul 08 '22 13:07 JollyRgrs

im not behind a reverse proxy and i dont have this issue, ive never had to update my org license, there always 100 years expiration date and by then, its not my problem

robina80 avatar Jul 11 '22 18:07 robina80

@robina80 and you use a Let's Encrypt cert that you have to renew every 3 months? I think that's where the difference is, but if you do use an LE cert and don't have this issue, I need to have a side conversation and see what you're doing differently.

JollyRgrs avatar Jul 12 '22 05:07 JollyRgrs

@JollyBGood no i do not use a LE SSL cert, its a sectigo one that lasts for 1 year and when the time comes, i change the nginx conf to point to new one ie

ssl_certificate /etc/ssl/domain/my.crt; ssl_certificate_key /etc/ssl/domain/my.key;

ive noticed i need to comment this line out otherwise nginx docker gets in a restart loop

#ssl_trusted_certificate /etc/ssl/bitwarden.example.com/ca.crt;

but your issue is this i think, you need to point it to docker nginx version, not the system one

certbot certonly --nginx --nginx-server-root /opt/aspera/shares/etc/nginx --nginx-ctl /opt/aspera/shares/sbin/nginx -d domain.com

0 09,21 0 0 0 certbot renew -q

robina80 avatar Jul 12 '22 17:07 robina80

answer to the original question, found a way just using sed

sed -i '1s/^.*[[:punct:]]*.$/\{/' /license_files/IT.json

robina80 avatar Jul 13 '22 11:07 robina80

might have something to do with docker (for example: https://hjerpbakk.com/blog/2019/10/07/docker-bash-and-invisible-characters), need to check

h44z avatar Jul 25 '22 18:07 h44z