From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: [PATCH 2/3] Partially revert "vpnmain.cgi: Use new system methods" Date: Tue, 13 Jul 2021 15:30:52 +0000 Message-ID: <20210713153053.11281-2-michael.tremer@ipfire.org> In-Reply-To: <20210713153053.11281-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7505145359156987322==" List-Id: --===============7505145359156987322== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This reverts commit a81cbf61273536ee36f3d26504aabdcd65d39cca. It was no longer possible to generate the root/host certificates. Signed-off-by: Michael Tremer --- html/cgi-bin/vpnmain.cgi | 52 +++++++++++++--------------------------- 1 file changed, 16 insertions(+), 36 deletions(-) diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 8f13cf51f..80e93ffd3 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -226,13 +226,9 @@ sub newcleanssldatabase { ### sub callssl ($) { my $opt =3D shift; - - # Split the given argument string into single pieces and assign them to an = array. - my @opts =3D split(/ /, $opt); - - my @retssl =3D &General::system_output("/usr/bin/openssl", @opts); #redirec= t stderr + my $retssl =3D `/usr/bin/openssl $opt 2>&1`; #redirect stderr my $ret =3D ''; - foreach my $line (split (/\n/, @retssl)) { + foreach my $line (split (/\n/, $retssl)) { &General::log("ipsec", "$line") if (0); # 1 for verbose logging $ret .=3D '
'.$line if ( $line =3D~ /error|unknown/ ); } @@ -246,21 +242,13 @@ sub callssl ($) { ### sub getCNfromcert ($) { #&General::log("ipsec", "Extracting name from $_[0]..."); - my @temp =3D &General::system_output("/usr/bin/openssl", "x509", "-text", "= -in", "$_[0]"); - my $temp; - - foreach my $line (@temp) { - if ($line =3D~ /Subject:.*CN =3D (.*)[\n]/) { - $temp =3D $1; - $temp =3D~ s+/Email+, E+; - $temp =3D~ s/ ST =3D / S =3D /; - $temp =3D~ s/,//g; - $temp =3D~ s/\'//g; - - last; - } - } - + my $temp =3D `/usr/bin/openssl x509 -text -in $_[0]`; + $temp =3D~ /Subject:.*CN =3D (.*)[\n]/; + $temp =3D $1; + $temp =3D~ s+/Email+, E+; + $temp =3D~ s/ ST =3D / S =3D /; + $temp =3D~ s/,//g; + $temp =3D~ s/\'//g; return $temp; } ### @@ -268,19 +256,11 @@ sub getCNfromcert ($) { ### sub getsubjectfromcert ($) { #&General::log("ipsec", "Extracting subject from $_[0]..."); - my @temp =3D &General::system_output("/usr/bin/openssl", "x509", "-text", "= -in", "$_[0]"); - my $temp; - - foreach my $line (@temp) { - if($line =3D~ /Subject: (.*)[\n]/) { - $temp =3D $1; - $temp =3D~ s+/Email+, E+; - $temp =3D~ s/ ST =3D / S =3D /; - - last; - } - } - + my $temp =3D `/usr/bin/openssl x509 -text -in $_[0]`; + $temp =3D~ /Subject: (.*)[\n]/; + $temp =3D $1; + $temp =3D~ s+/Email+, E+; + $temp =3D~ s/ ST =3D / S =3D /; return $temp; } ### @@ -689,8 +669,8 @@ END $errormessage =3D $!; goto UPLOADCA_ERROR; } - my @temp =3D &General::system_output("/usr/bin/openssl", "x509", "-text", "= -in", "$filename"); - if (! grep(/CA:TRUE/, @temp)) { + my $temp =3D `/usr/bin/openssl x509 -text -in $filename`; + if ($temp !~ /CA:TRUE/i) { $errormessage =3D $Lang::tr{'not a valid ca certificate'}; unlink ($filename); goto UPLOADCA_ERROR; --=20 2.31.0 --===============7505145359156987322==--