From 4463e1d08fd7eebaa73f7d79634b93d1e34d7b42 Mon Sep 17 00:00:00 2001
From: Eric F Crist <ecrist@secure-computing.net>
Date: Tue, 15 Mar 2022 18:58:22 -0500
Subject: [PATCH] Use openssl rand -hex 3 instead of mktemp

This removes our dependency on an external non-POSIX mktemp
implementation and uses openssl's built in rand function.

Addresses #478

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
---
 easyrsa3/easyrsa | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index 36e154d..796b612 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -332,16 +332,9 @@ easyrsa_mktemp() {
 	       die "Could not create temporary directory '$EASYRSA_TEMP_DIR_session'. Permission or concurrency problem?"
 	[ -d "$EASYRSA_TEMP_DIR_session" ] || die "Temporary directory '$EASYRSA_TEMP_DIR_session' does not exist"
 
-	template="$EASYRSA_TEMP_DIR_session/tmp.XXXXXX"
-	tempfile=$(mktemp "$template") || return
-
-	# win32 mktemp shipped by easyrsa returns template as file!
-	if [ "$template" = "$tempfile" ]; then
-		# but win32 mktemp -d does work
-		# but win32 mktemp -u does not work
-		tempfile=$(mktemp -du "$tempfile") || return
-		printf "" > "$tempfile" || return
-	fi
+	tempfile="$EASYRSA_TEMP_DIR_session/tmp.$($EASYRSA_OPENSSL rand -hex 3)" || return
+	printf "" > "$tempfile" || return
+	
 	echo "$tempfile"
 } # => easyrsa_mktemp