'case' is "immune" to standard word splitting and globbing but
code-style now demands that 'case' does not get treated differently.
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
SC2086 - Double quote to prevent globbing and word splitting.
It is not suitable to quote $opts and $EASYRSA_EXTRA_EXTS
because then they are passed to SSL as a single option
with spaces, which is not the intended use.
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
* EASYRSA_CA_EXTRA_EXTS: Created to avoid clash with EASYRSA_EXTRA_EXTS
EASYRSA_CA_EXTRA_EXTS was an interim hack to avoid triggering a code
injection buried deep inside easyrsa_openssl(), when building a CA.
Fixed by Commit: 057be57825616199d125dfffbc5abfa9efaae792
Remove EASYRSA_CA_EXTRA_EXTS:
Created by Commit: 6f138abb5b091fe7715fa7c8c6369d7704b6f177
The result is for all extra extensions to be subject to the same code.
The CA no longer has to dodge the code injection.
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
'init-pki' is run in two different states:
* Without a pre-existing PKI
* With a pre-existing PKI
This causes 'init-pki' temporary session directory status to be undefined.
If a PKI does exist then a "session" directory will exist.
If a PKI does not exist then a "session" will not be defined and a directory
will not exist.
Additionally, a 'soft' init-pki leaves the current "session" directory
completely intact.
Resolve this by always deleting the old "session" and creating a new "session".
* Only 'init-pki' is allowed to do this.
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
mktemp was used to create temp-files but it is not POSIX and
the version shipped for Windows has known bugs.
Replace mktemp with atomic directory and file creation using mkdir
and mv, both of which are atomic.
The temporary "session" directory is created using mkdir
with a 32-bit random number for the name.
e.g.: /tmp/easyrsa-temp/b01dface
The temporary file is created by moving another file into the place
of the temp-file, with a 32-bit random number for the name.
e.g.: /tmp/easyrsa-temp/b01dface/c01dface
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
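The atomic, mktemp-free session directory described in the commit above, as an added example (not Easy-RSA's own code). It assumes a parent directory passed by the caller (the commit's /tmp/easyrsa-temp), draws the 32-bit name from /dev/urandom with an awk fallback, and relies on mkdir failing when the name already exists, so a collision with another process is detected instead of silently sharing a directory. The reset function mirrors the 'init-pki' rule of unconditionally replacing the old session, refusing to remove anything outside the parent.

```shell
#!/bin/sh
# Added example, not Easy-RSA code: POSIX temp-directory creation
# using mkdir (atomic) instead of mktemp. Parent dir and random
# source are assumptions.

# Print an 8-hex-digit (32-bit) random name, e.g. b01dface.
rand32() {
    if [ -r /dev/urandom ]; then
        od -An -N4 -tx1 /dev/urandom | tr -d ' \n'
    else
        # Fallback for hosts without /dev/urandom: awk's RNG seeded
        # from the pid and the clock (weaker, but portable).
        awk -v seed="$$$(date +%s)" \
            'BEGIN { srand(seed); printf "%08x", int(rand() * 4294967296) }'
    fi
}

# Create "$1/<rand32>" with mode 700 and print its path.
# mkdir without -p fails if the name exists, which is the atomic
# check-and-create this relies on; retry on collision.
make_session_dir() {
    parent=$1
    mkdir -p "$parent" || return 1
    i=0
    while [ "$i" -lt 10 ]; do
        name=$(rand32)
        if mkdir -m 700 "$parent/$name" 2>/dev/null; then
            printf '%s\n' "$parent/$name"
            return 0
        fi
        i=$((i + 1))
    done
    return 1
}

# Always replace the previous session, as 'init-pki' does: remove
# the old directory (only if it lives under the parent) and make a
# fresh one. Prints the new path.
reset_session() {
    parent=$1
    old=$2
    case $old in
        "$parent"/?*) [ -d "$old" ] && rm -rf "$old" ;;
    esac
    make_session_dir "$parent"
}
```

Files placed inside the session directory cannot collide with another process because the directory itself is private and unique; a random name per file, as the commit describes, additionally avoids clobbering files within the same session.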
The problem:
* crypto_opts="$crypto_opts -pass file:$out_key_pass_tmp"
This cannot be reliably expanded and passed as an unquoted option.
This is due to the unquoted file name $out_key_pass_tmp.
The solution:
* Do not pollute $crypto_opts with password related options.
* Specify the correct '-pass/-passin/-passout file:xx' for each command.
This allows "$out_key_pass_tmp" to be correctly quoted.
Also, apply the same quoting technique to $crypto_opts.
Minor alterations to OpenSSL command line layout, readability.
Comment out the replaced code, not removed. For comparison.
(Follow-up patch will remove the comments)
Full unit-tests completed throughout development.
Manually tested multiple password protected PKIs.
OpenSSL 1.1.1 and 3.0.2
Not tested:
* OpenSSL options: -pass/-passin/-passout file:"$out_key_pass_tmp"
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
The config file is unambiguously and previously created by
install_data_to_pki().
The config file location is exported in the previous command.
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
This code injection 'attempted' to insert a temp-file created with
EASYRSA_EXTRA_EXTS data. The insertion would take place at the awk
script marker "^#%EXTRA_EXTS%". However, this marker has already
been replaced by gen_req(), thus the condition to insert the code
was never met and the code injection has never taken place.
Testing this, I created a new marker for this injection to key from
and, due to the file-name variable not having been quoted, the test
fails when the file name has a space in it.
General tidy-up of easyrsa_openssl()
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>