Grep Perl正则表达式和捕获组

Question

我正在尝试使用此命令获取SSl证书信息:

openssl s_client -connect gcm-http.googleapis.com:443

这将返回SSL证书信息.我正在尝试grep -P这一点,但很难搞清楚1)正确的正则表达式,以及2)如何实际让Grep返回.到目前为止,具有以下正则表达式的grep命令不返回任何内容.

以下是我正在操作的信息:

(More unrelated data - Truncated)
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.googleapis.com
   i:/C=US/O=Google Inc/CN=Google Internet Authority G2
 1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
   i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate

-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIISZPzqn6Rx/0wDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTcwNzI1MDgyOTQ0WhcNMTcxMDE3MDgyNzAw
WjBqMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEZMBcGA1UEAwwQKi5n
b29nbGVhcGlzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL50
UZFxROM8NwIcSTC9V6XAJkoCcW+xuLtYFUbP+6zomzzxYXtTjh+s33XvtaHoNk1S
WxBqSX+0YsS1RHzwWT4KwJpkEyrqJ/WDtKs3hQY27Lng6IZmAYomoRXNZBWgXdQ0
sBddBU9/HtpKu0RpL6qM+7y7Xpp8KHilqPfjvtc8eljvOAdU3RA3w1p2JIov+F5n
sbD1bMqq3Xx6wbT7FLhzL8P/+g1NI0DC/fzSqW+pS/RLljQGLJrlvfmrV++i69Yg
pFRHPvTo85171cLjvHNv730SkM4W9SA7oHU+xzmANrT+p/ikcEJrcMnR9pKf08ON
pN9UgsEff7BZE0jvlu0CAwEAAaOCAaYwggGiMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjB0BgNVHREEbTBrghAqLmdvb2dsZWFwaXMuY29tghUqLmNsaWVu
dHM2Lmdvb2dsZS5jb22CGCouY2xvdWRlbmRwb2ludHNhcGlzLmNvbYIWY2xvdWRl
bmRwb2ludHNhcGlzLmNvbYIOZ29vZ2xlYXBpcy5jb20waAYIKwYBBQUHAQEEXDBa
MCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0MCsG
CCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0GA1Ud
DgQWBBRQbPBTOA3tVXQWc4iuJyyz5dGWMzAMBgNVHRMBAf8EAjAAMB8GA1UdIwQY
MBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMCEGA1UdIAQaMBgwDAYKKwYBBAHWeQIF
ATAIBgZngQwBAgIwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29nbGUu
Y29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAeClOfrviHl9sZAVSTfYB
5FuIDKeSJHibXtjHSNsUP+JaAB9x1ABDczyLYWD/4PaD2w8jRXPXcVcqUaQPqyjF
1um/H/+Eb8+qfwl+Q3RiBAgGgAPw+s6GZK/kGfF9CNPbwhPXizYS6BZZ880/x3ec
Em0F+i0NbHsufPg4ghtJr2gFC2NWHwhvZtezbQDR2z8ePu1r3hyFwgotefCFsQJv
zAbVOvXsqHZdom3BLVwkANeh5hRfeW04N48bRVMZo9A0cULTg5LM1AOXGeLbp86z
D3RHbwtbRBGp2HUjfpt8FqeMzd+DxGlQXEc7l8aFwOgIFvWRJv+SHCXVT3rRHGD+
wA==
-----END CERTIFICATE-----

....
(More unrelated data - Truncated)

我试过这两个正则表达式:

grep -P '((?:-+BEGIN CERTIFICATE-+\n)(.+\n)*(?:-+END CERTIFICATE-+))'

grep -P '(?:-+BEGIN CERTIFICATE-+\n)(.+\n)(?:-+END CERTIFICATE-+)'

基本上,我只想返回证书本身,而不是----BEGIN CERTIFICATE----和-----END CERTIFICATE-----

我知道有可能有一个更好的方法来做正则表达式,但我已经测试了它(它的工作原理)regexr.com和regex101.com

如果Grep成功捕获它,那么做一个echo $1什么都不会返回.

Answer 1

我没有设法使用它grep,但有一个Perl解决方案:

perl -0777 -n -e \
    'print $1 if /-+BEGIN CERTIFICATE-+\n(.+\n)*-+END CERTIFICATE-+/s' \
    cert.txt

这将打印第一个"BEGIN ..."和最后一个"END ..."之间的所有内容.

更新:

@brian d foy写了一篇关于"独占触发器操作员"的文章.根据那篇文章,这也有效:

perl -n -e \
    'print if ($rc = /-+BEGIN CERTIFICATE/ .. /-+END CERTIFICATE-+/ and $rc !~ /(^1|E0)$/)' cert.txt 

Answer 2

只是为了记录,这是一个grep只提取证书的命令:

grep -zoPe '--BEGIN.*\n\K[^-]+' file | head -c-1

诀窍是使用-z/ --null-data选项(输入行以\0endline结尾,而不是换行符).我们还使用PCRE和PCRE的特殊转义序列,即复位匹配开始\K,这会导致任何先前匹配的字符不包含在最终匹配的序列中(我们只需要--BEGIN...\n之前和之后的部分-...).

该head -c-1会删除最后一个字符,这是一个换行符老年grep秒(如GNU grepV2.12)和空字节的新grepS(如GNU grepV2.25).