From 66d282e1c1035d288f386ae6a65b9d09a5fa00a2 Mon Sep 17 00:00:00 2001
From: Richard T Bonhomme <tincantech@protonmail.com>
Date: Thu, 9 Feb 2023 20:47:15 +0000
Subject: [PATCH] set-var(): Check input, die on errors

Previously, set_var() had no input checking, combined with
the point that, via vars, set_var() is user facing, this
can lead to easy user errors.

Now, input is checked:
- Parameter 1 is required.
- Parameter 1 cannot contain a space.
- Less-than 3 input parameters are expected.
- Quote the expansion of the first occurence of parameter 1
  in the evaluated expression.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
---
 easyrsa3/easyrsa | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index 9977ac6..47c52c4 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -4345,10 +4345,10 @@ Sourcing the vars file and building certificates will probably fail ..'
 # the variable when it is already defined (even if currently null)
 # Sets $1 as the value contained in $2 and exports (may be blank)
 set_var() {
-	var=$1
-	shift
-	value="$*"
-	eval "export $var=\"\${$var-$value}\""
+	[ "$1" ] || die "set_var - missing input"
+	[ "$1" = "${1% *}" ] || die "set_var - input error"
+	[ "$#" -lt 3 ] || die "set_var - excess input"
+	eval "export \"$1\"=\"\${$1-$2}\""
 } #=> set_var()