From 81ab139ebb2493929c516deedc79e9ac437df8d0 Mon Sep 17 00:00:00 2001
From: Richard T Bonhomme <tincantech@protonmail.com>
Date: Tue, 24 Jan 2023 16:05:02 +0000
Subject: [PATCH] Remove hard-coded unit-test password from build-ca

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
---
 easyrsa3/easyrsa | 27 ++++++++-------------------
 1 file changed, 8 insertions(+), 19 deletions(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index 746e1c1..172ef75 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -1401,26 +1401,15 @@ Unable to create necessary PKI files (permissions?)"
 		out_key_pass_tmp="$(easyrsa_mktemp)" || \
 			die "out_key_pass_tmp: create"
 
-		# Dirty way to unit-test default behavior
-		if [ "$ERSA_UTEST_VERSION" ]; then
-		# Prove this works by changing passwords
-		# use: ERSA_UTEST_VERSION=9 easyrsa build-ca
-			p="EasyRSA"
-			q="EasyRSA"
-			unset -v EASYRSA_PASSIN EASYRSA_PASSOUT
-			warn "SPECIAL unit-test CA password!"
+		p=""
+		q=""
+		# Get passphrase p
+		get_passphrase p \
+			"Enter New CA Key Passphrase: "
 
-		else
-			p=""
-			q=""
-			# Get passphrase p
-			get_passphrase p \
-				"Enter New CA Key Passphrase: "
-
-			# Confirm passphrase q
-			get_passphrase q \
-				"Confirm New CA Key Passphrase: "
-		fi
+		# Confirm passphrase q
+		get_passphrase q \
+			"Confirm New CA Key Passphrase: "
 
 		# Validate passphrase
 		if [ "$p" ] && [ "$p" = "$q" ]; then