From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Rymes To: development@lists.ipfire.org Subject: Re: [PATCH] ovpnmain.cgi: Fix for bug #12883 - separate .p12 file corrupted Date: Wed, 22 Jun 2022 17:51:05 -0400 Message-ID: <25b8ae57-60d3-f4c3-df2f-4dde8ab2b7cf@rymes.net> In-Reply-To: <20220622202236.3149193-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4977907859937085634==" List-Id: --===============4977907859937085634== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Adolf: Just noting that the subject of your message says fixes #12883,=20 but on line 13 of your below message, it says #2883. I assume that's not=20 terribly important, but figured I would point it out. On 06/22/2022 4:22 PM, Adolf Belka wrote: > - Patch https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommit;h=3D2feacd989= 823aa1dbd5844c315a9abfd49060487 > from May 2021 put the variable containing the .p12 content into double = quotes which > causes the contents to be treated as text whereas the .p12 file is an a= pplication file. > - Most people must be downloading the zip package of .p12, ovpn.conf and ta= .key files so > the problem was not noticed till now and flagged up in the forum. > https://community.ipfire.org/t/openvpn-p12-password-on-android-problem/= 8127 > - The problem does not occur for the .p12 file in the zip file as the downl= oading of the > zip file does not have the variable name in double quotes. > - Putting the zip file variable into double quotes caused the downloaded zi= p file to be > corrupt and not able to be opened as an archive. > - Removing the double quotes from the .p12 variable name caused the separat= e .p12 file > download to be able to be correctly opened. > - The same quoted variable name is used also for the cacert.pem, cert.pem, = servercert.pem > and ta.key file downloads. To be consistent the same change has been ap= plied to these. >=20 > Fixes: Bug #2883 > Tested-by: Adolf Belka > Signed-off-by: Adolf Belka > --- > html/cgi-bin/ovpnmain.cgi | 12 ++++++------ > 1 file changed, 6 insertions(+), 6 deletions(-) >=20 > diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi > index b8c3e5064..736d17541 100644 > --- a/html/cgi-bin/ovpnmain.cgi > +++ b/html/cgi-bin/ovpnmain.cgi > @@ -1564,7 +1564,7 @@ END > print "Content-Disposition: filename=3D$cahash{$cgiparams{'KEY'}}[0]cert= .pem\r\n\r\n"; > =20 > my @tmp =3D &General::system_output("/usr/bin/openssl", "x509", "-in", = "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem"); > - print "@tmp"; > + print @tmp; > =20 > exit(0); > } else { > @@ -1679,7 +1679,7 @@ END > print "Content-Disposition: filename=3Dcacert.pem\r\n\r\n"; > =20 > my @tmp =3D &General::system_output("/usr/bin/openssl", "x509", "-in", "= ${General::swroot}/ovpn/ca/cacert.pem"); > - print "@tmp"; > + print @tmp; > =20 > exit(0); > } > @@ -1693,7 +1693,7 @@ END > print "Content-Disposition: filename=3Dservercert.pem\r\n\r\n"; > =20 > my @tmp =3D &General::system_output("/usr/bin/openssl", "x509", "-in", "= ${General::swroot}/ovpn/certs/servercert.pem"); > - print "@tmp"; > + print @tmp; > =20 > exit(0); > } > @@ -1710,7 +1710,7 @@ END > my @tmp =3D ; > close(FILE); > =20 > - print "@tmp"; > + print @tmp; > =20 > exit(0); > } > @@ -2615,7 +2615,7 @@ else > my @tmp =3D ; > close(FILE); > =20 > - print "@tmp"; > + print @tmp; > exit (0); > =20 > ### > @@ -3234,7 +3234,7 @@ END > my @tmp =3D ; > close(FILE); > =20 > - print "@tmp"; > + print @tmp; > exit (0); > } > =20 --===============4977907859937085634==--