From 9171bc2f55197422fcc2f223520fe01fd0b94287 Mon Sep 17 00:00:00 2001
From: "thomas.chen" <thomas.chen@trustasia.com>
Date: Fri, 23 Aug 2024 15:39:29 +0800
Subject: [PATCH] Solving the problem that the function
 '_readSubjectAltNamesFromCSR' will cause certificates to not be issued in SAN
 and CN with the same wildcard domain

---
 acme.sh | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
 mode change 100755 => 100644 acme.sh

diff --git a/acme.sh b/acme.sh
old mode 100755
new mode 100644
index 4cf407f2..c8d7d50c
--- a/acme.sh
+++ b/acme.sh
@@ -464,6 +464,12 @@ _contains() {
   echo "$_str" | grep -- "$_sub" >/dev/null 2>&1
 }
 
+_contains_fixed() {
+  _str="$1"
+  _sub="$2"
+  echo "$_str" | grep -F -- "$_sub" >/dev/null 2>&1
+}
+
 _hasfield() {
   _str="$1"
   _field="$2"
@@ -1345,7 +1351,7 @@ _readSubjectAltNamesFromCSR() {
   _dnsAltnames="$(${ACME_OPENSSL_BIN:-openssl} req -noout -text -in "$_csrfile" | grep "^ *DNS:.*" | tr -d ' \n')"
   _debug _dnsAltnames "$_dnsAltnames"
 
-  if _contains "$_dnsAltnames," "DNS:$_csrsubj,"; then
+  if _contains_fixed "$_dnsAltnames," "DNS:$_csrsubj,"; then
     _debug "AltNames contains subject"
     _excapedAlgnames="$(echo "$_dnsAltnames" | tr '*' '#')"
     _debug _excapedAlgnames "$_excapedAlgnames"