From 74739844b44495f7e554e7897b3cc8f85cab461b Mon Sep 17 00:00:00 2001 From: Markus Tillinger Date: Fri, 22 Jan 2021 16:17:59 +0100 Subject: [PATCH] Fixed space-related issues in export-pkcs --- easyrsa3/easyrsa | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index d14ab7e..858cf6c 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -1390,11 +1390,12 @@ Run easyrsa without commands for usage and command help." done pkcs_opts= + pkcs_certfile_path= if [ $want_ca ]; then verify_file x509 "$crt_ca" || die "\ Unable to include CA cert in the $pkcs_type output (missing file, or use noca option.) Missing file expected at: $crt_ca" - pkcs_opts="$pkcs_opts -certfile $crt_ca" + pkcs_certfile_path="$crt_ca" fi # input files must exist @@ -1412,13 +1413,14 @@ Unable to export p12 for short name '$short_name' without the key (if you want a p12 without the private key, use nokey option.) Missing key expected at: $key_in" else - pkcs_opts="$pkcs_opts -nokeys" + pkcs_opts="-nokeys" fi # export the p12: # shellcheck disable=SC2086 easyrsa_openssl pkcs12 -in "$crt_in" -inkey "$key_in" -export \ - -out "$pkcs_out" $pkcs_opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ + -out "$pkcs_out" $pkcs_opts ${pkcs_certfile_path:+-certfile "$pkcs_certfile_path"} \ + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ Export of p12 failed: see above for related openssl errors." ;; p7) @@ -1427,14 +1429,13 @@ Export of p12 failed: see above for related openssl errors." # export the p7: # shellcheck disable=SC2086 easyrsa_openssl crl2pkcs7 -nocrl -certfile "$crt_in" \ - -out "$pkcs_out" $pkcs_opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ + -out "$pkcs_out" ${pkcs_certfile_path:+-certfile "$pkcs_certfile_path"} \ + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ Export of p7 failed: see above for related openssl errors." ;; p8) if [ -z $want_pass ]; then pkcs_opts="-nocrypt" - else - pkcs_opts="" fi pkcs_out="$EASYRSA_PKI/private/$short_name.p8"