Replacing a matched string occurring after another specific string in a file

$ awk -v org='ABCDE-12345' -v RS= -v ORS='\n\n' '
    $1 == "[dn]" {
        $0 = "\n" $0
        sub(/\nOrganizationID[[:space:]]*=[^\n]*/,"\nOrganizationID = " org)
        sub(/^\n/,"")
    }
    { print }
' file
oid_section = OIDs

[req]
default_bits = 4096
prompt = no
default_md = sha256
distinguished_name = dn

attributes = v3_req

[OIDs]
OrganizationID = 2.5.4.97        # Don't touch this

[dn]
C = FO
ST = Foobar Monarchy
O = Lorem Ipsum
CN = specific.domain.com
OrganizationID = ABCDE-12345
#...

[v3_req]
#...

RS=<null> puts awk into blank-line-separated paragraph mode (see RS = "" in https://www.gnu.org/software/gawk/manual/gawk.html#Multiple-Line), ORS='\n\n' ensures a blank-line separated output, $0 = "\n" $0 ensures every line of the record has a newline before it so that the subsequent sub() using surrounding newlines can succeed even if OrganizationID is the first line of the record and then sub(/^\n/,"") removes the temporary newline we added in the first step.

The following awk code will change the value of the line starting with OrganizationID to whatever you choose, but only in the section [dn], and only on the first occurence of that key:

awk -F'=' -v OFS='=' '$0=="[dn]"{f=1} (f)&&$1~/^OrganizationID/{$2="Something-New"; f=0} 1' ssl.cfg

If you want to avoid hard-coding the replacement, you can import it as in

req_id="Something-New"
awk -F'=' -v OFS='=' -v repl="$req_id" '$0=="[dn]"{f=1} (f)&&$1~/^OrganizationID/{$2=repl; f=0} 1' ssl.cfg

(but note that escape sequences in the variable will be interpreted by awk, so if you need literal backslashes, special precautions are necessary. See this answer on StackOverflow for further reading).

The above code does the following:

• It considers the = as field separator for input (-F'=') and output (-v OFS='='), so internally, the line will be split at every = into "columns", and the output lines will be assembled by concatenating the field entries with = in between.

• If the entire current line ($0) only consists of the section header [dn], a flag f will be set to 1 to indicate that the correct section was found.

• If we are in the correct section, and the first field ($1, i.e. the string before the first =) starts with OrganizationID, then the second field ($2, i.e. the string after the first =) is replaced by the content of the awk variable repl, which we have set to the content of the shell variable $req_id via the -v repl="$req_id" option. It also resets the flag so we don't replace the value for any other occurence of OrganizationID.

• The "lone" 1 outside of the rules blocks { ... } is a shorthand notation and means "print the current line with all modifications made by the previous rules". The idea behind this mechanism is actually that you can state any condition outside of the rules blocks that, if it evaluates to true (or non-zero), makes awk print the current line (e.g. awk 'FNR==1' would print only the first line, because the internal line counter FNR is equal to 1 only on that line).

  Note that without any explicit print/printf command inside the rule blocks, or the "global" condition evaluating to true, awk will not print the current line.

Output for your example:

oid_section = OIDs

[req]
default_bits = 4096
prompt = no
default_md = sha256
distinguished_name = dn

attributes = v3_req

[OIDs]
OrganizationID = 2.5.4.97        # Don't touch this

[dn]
C = FO
ST = Foobar Monarchy
O = Lorem Ipsum
CN = specific.domain.com
OrganizationID =Something-New
#...

[v3_req]

This code will not modify the file but print the result to the console (so you can check if it is correct first). Once you are satisfied, either redirect the output to a new file and then replace manually, or - if your awk supports it - use the -i inplace extension (works on recent GNU awk implementations).

awk -F"=" -v OFS="=" '.. etc ..' ssl.cfg > ssl.cfg.new

or

awk -i inplace -F"=" -v OFS="=" '.. etc ..' ssl.cfg

Method1

for  i in `sed -n '/OrganizationID/{;=;}' file| sed -n '2p'`; do sed ''$i's/.*/OrganizationID = ABCDE-98765/g' file; done

Python

#!/usr/bin/python
import re
j=[]
t=0
h=re.compile(r'OrganizationID.*')
k=open('file','r')
for i in k:
    if re.search(h,i):
        t=t+1
        if (t == 2):
            y=re.sub(h,"OrganizationID = ABCDE-98765",i)
            print y.strip()
        else:
            print i.strip()
    else:
        print i.strip()

output

oid_section = OIDs

[req]
default_bits = 4096
prompt = no
default_md = sha256
distinguished_name = dn

attributes = v3_req

[OIDs]
OrganizationID = 2.5.4.97        # Don't touch this

[dn]
C = FO
ST = Foobar Monarchy
O = Lorem Ipsum
CN = specific.domain.com
OrganizationID = ABCDE-98765

Here is one way to accomplish the task using Awk. We place the REQ_ID onto the environment of awk command line from where it gets available in the builtin associative array ENVIRON

$ REQ_ID="ABCDE-98765" \
   awk '
     BEGIN { a[1] = "OrganizationID = " ENVIRON["REQ_ID"] }
     $1 == "[dn]", match($0, /^OrganizationID[[:blank:]]*=/) {
       a[0] = $0
       $0 = a[RSTART]
     }1
  ' ssl.cfg

With sed there's some more work because we have to ensure that the REQ_ID is placeable on the RHS of the s/// command.

$ REQ_ID="ABCDE-98765"; s="[[:blank:]]" 
$ req_id_esc=$(printf '%s\n' "$REQ_ID" | sed -e 's:[\&/]:\\&:g')
$ sed -e "/^[[]dn]/,/^OrganizationID$s*=/s/^\(OrganizationID\)$s*=.*/\1 = ${req_id_esc}/" ssl.cfg

$ REQ_ID="ABCDE-98765" \
   perl -pale '
      s//$1 = $ENV{REQ_ID}/ if 
        $F[0] eq "[dn]" ... /^(OrganizationID)\s*=.*/ and
        defined $1' ssl.cfg