nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

check for failed easyrsa_mktemp

Browse Source 
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
This commit is contained in:
Luiz Angelo Daros de Luca 2019-05-30 18:52:27 -03:00
parent 8374fcb4da
commit 12ee30a802
No known key found for this signature in database
GPG Key ID: BB11DBBAD1073B56
1 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
easyrsa3/easyrsa
View File

@ -334,10 +334,10 @@ easyrsa_openssl() {
return
fi
easyrsa_openssl_conf=$(easyrsa_mktemp)
easyrsa_openssl_conf=$(easyrsa_mktemp) || die "Failed to create temporary file"
easyrsa_extra_exts=
if [ -n "$EASYRSA_EXTRA_EXTS" ]; then
easyrsa_extra_exts=$(easyrsa_mktemp)
easyrsa_extra_exts=$(easyrsa_mktemp) || die "Failed to create temporary file"
cat >"$easyrsa_extra_exts" <<-EOF
req_extensions = req_extra
[ req_extra ]
@ -576,11 +576,11 @@ current CA keypair. If you intended to start a new CA, run init-pki first."
# shellcheck disable=SC2015
[ "$EASYRSA_BATCH" ] && opts="$opts -batch" || export EASYRSA_REQ_CN="Easy-RSA CA"
out_key_tmp="$(easyrsa_mktemp)"
out_file_tmp="$(easyrsa_mktemp)"
out_key_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
out_file_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
# Get password from user if necessary
if [ ! $nopass ] && ( [ -z "$EASYRSA_PASSOUT" ] || [ -z "$EASYRSA_PASSIN" ] ); then
out_key_pass_tmp="$(easyrsa_mktemp)"
out_key_pass_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
echo
printf "Enter New CA Key Passphrase: "
hide_read_pass kpass
@ -703,7 +703,7 @@ $EASYRSA_EXTRA_EXTS"
{ while ( getline<"/dev/stdin" ) {print} next }
{print}
}'
conf_tmp="$(easyrsa_mktemp)"
conf_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
print "$extra_exts" | \
awk "$awkscript" "$EASYRSA_SSL_CONF" \
> "$conf_tmp" \
@ -712,8 +712,8 @@ $EASYRSA_EXTRA_EXTS"
EASYRSA_SSL_CONF="$conf_tmp"
fi
key_out_tmp="$(easyrsa_mktemp)"
req_out_tmp="$(easyrsa_mktemp)"
key_out_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
req_out_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
# generate request
[ $EASYRSA_BATCH ] && opts="$opts -batch"
# shellcheck disable=2086,2148
@ -792,7 +792,7 @@ $(display_dn req "$req_in")
" # => confirm end
# Generate the extensions file for this cert:
ext_tmp="$(easyrsa_mktemp)"
ext_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
{
# Append first any COMMON file (if present) then the cert-type extensions
cat "$EASYRSA_EXT_DIR/COMMON"
@ -834,7 +834,7 @@ Failed to create temp extension file (bad permissions?) at:
$ext_tmp"
# sign request
crt_out_tmp="$(easyrsa_mktemp)"
crt_out_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
easyrsa_openssl ca -utf8 -in "$req_in" -out "$crt_out_tmp" \
-extfile "$ext_tmp" -days "$EASYRSA_CERT_EXPIRE" -batch $opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \
|| die "signing failed (openssl output above may have more detail)"
@ -1178,7 +1178,7 @@ gen_crl() {
verify_ca_init
out_file="$EASYRSA_PKI/crl.pem"
out_file_tmp="$(easyrsa_mktemp)"
out_file_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
easyrsa_openssl ca -utf8 -gencrl -out "$out_file_tmp" ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\
CRL Generation failed.
"
@ -1336,7 +1336,7 @@ $file"
If the key is currently encrypted you must supply the decryption passphrase.
${crypto:+You will then enter a new PEM passphrase for this key.$NL}"
out_key_tmp="$(easyrsa_mktemp)"
out_key_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
easyrsa_openssl "$key_type" -in "$file" -out "$out_key_tmp" $crypto ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
Failed to change the private key passphrase. See above for possible openssl
error messages."