From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] ovpnmain.cgi: Fix for bug #12883 - separate .p12 file corrupted Date: Wed, 22 Jun 2022 22:22:36 +0200 Message-ID: <20220622202236.3149193-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7744988011223040696==" List-Id: --===============7744988011223040696== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable - Patch https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommit;h=3D2feacd98982= 3aa1dbd5844c315a9abfd49060487 from May 2021 put the variable containing the .p12 content into double quo= tes which causes the contents to be treated as text whereas the .p12 file is an appl= ication file. - Most people must be downloading the zip package of .p12, ovpn.conf and ta.k= ey files so the problem was not noticed till now and flagged up in the forum. https://community.ipfire.org/t/openvpn-p12-password-on-android-problem/8127 - The problem does not occur for the .p12 file in the zip file as the downloa= ding of the zip file does not have the variable name in double quotes. - Putting the zip file variable into double quotes caused the downloaded zip = file to be corrupt and not able to be opened as an archive. - Removing the double quotes from the .p12 variable name caused the separate = .p12 file download to be able to be correctly opened. - The same quoted variable name is used also for the cacert.pem, cert.pem, se= rvercert.pem and ta.key file downloads. To be consistent the same change has been appli= ed to these. Fixes: Bug #2883 Tested-by: Adolf Belka Signed-off-by: Adolf Belka --- html/cgi-bin/ovpnmain.cgi | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index b8c3e5064..736d17541 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -1564,7 +1564,7 @@ END print "Content-Disposition: filename=3D$cahash{$cgiparams{'KEY'}}[0]cert.pe= m\r\n\r\n"; =20 my @tmp =3D &General::system_output("/usr/bin/openssl", "x509", "-in", "${= General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem"); - print "@tmp"; + print @tmp; =20 exit(0); } else { @@ -1679,7 +1679,7 @@ END print "Content-Disposition: filename=3Dcacert.pem\r\n\r\n"; =20 my @tmp =3D &General::system_output("/usr/bin/openssl", "x509", "-in", "${G= eneral::swroot}/ovpn/ca/cacert.pem"); - print "@tmp"; + print @tmp; =20 exit(0); } @@ -1693,7 +1693,7 @@ END print "Content-Disposition: filename=3Dservercert.pem\r\n\r\n"; =20 my @tmp =3D &General::system_output("/usr/bin/openssl", "x509", "-in", "${G= eneral::swroot}/ovpn/certs/servercert.pem"); - print "@tmp"; + print @tmp; =20 exit(0); } @@ -1710,7 +1710,7 @@ END my @tmp =3D ; close(FILE); =20 - print "@tmp"; + print @tmp; =20 exit(0); } @@ -2615,7 +2615,7 @@ else my @tmp =3D ; close(FILE); =20 - print "@tmp"; + print @tmp; exit (0); =20 ### @@ -3234,7 +3234,7 @@ END my @tmp =3D ; close(FILE); =20 - print "@tmp"; + print @tmp; exit (0); } =20 --=20 2.36.1 --===============7744988011223040696==--