vars_setup(): When sourcing 'vars' restrict PATH to './'

If '--vars=vars' is used, without specifying a path to 'vars', then sourcing 'vars' fails to find './vars'. POSIX '.' searches the PATH when the file-name does not contain a slash '/'. [man dot(1p)] Since EasyRSA expects the 'vars' file to be within the current working directory, setting 'PATH=./' forces '.' to search ONLY './'. Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-09-14 23:16:40 +01:00 · 2023-09-14 23:16:40 +01:00 · 5a24fa7815
commit 5a24fa7815
parent 4095e334cd
1 changed files with 8 additions and 3 deletions
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@ -5788,16 +5788,21 @@ Remove 'unset' ('force_set_var' may also work)."
 		# Enable sourcing 'vars'
 		# shellcheck disable=SC2034 # appears unused
 		EASYRSA_CALLER=1
+		easyrsa_path="$PATH"
+		PATH=./

 		# Test sourcing 'vars' in a subshell
 		# shellcheck disable=1090 # can't follow .. vars
 		( . "$vars" ) || \
-			die "Failed to source the vars file."
+			die "Failed to dry-run the vars file."

 		# Source 'vars' now
 		# shellcheck disable=1090 # can't follow .. vars
-		. "$vars"
-		unset -v EASYRSA_CALLER
+		. "$vars" || \
+			die "Failed to source the vars file."
+
+		PATH="$easyrsa_path"
+		unset -v EASYRSA_CALLER easyrsa_path
 		verbose "vars_setup: sourced 'vars' OK"
 	fi