* [PATCH] ovpnmain.cgi: Fix for bug #12883 - separate .p12 file corrupted
@ 2022-06-22 20:22 Adolf Belka
2022-06-22 21:51 ` Tom Rymes
2022-06-23 12:56 ` Michael Tremer
0 siblings, 2 replies; 3+ messages in thread
From: Adolf Belka @ 2022-06-22 20:22 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 2783 bytes --]
- Patch https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=2feacd989823aa1dbd5844c315a9abfd49060487
from May 2021 put the variable containing the .p12 content into double quotes which
causes the contents to be treated as text whereas the .p12 file is an application file.
- Most people must be downloading the zip package of .p12, ovpn.conf and ta.key files so
the problem was not noticed till now and flagged up in the forum.
https://community.ipfire.org/t/openvpn-p12-password-on-android-problem/8127
- The problem does not occur for the .p12 file in the zip file as the downloading of the
zip file does not have the variable name in double quotes.
- Putting the zip file variable into double quotes caused the downloaded zip file to be
corrupt and not able to be opened as an archive.
- Removing the double quotes from the .p12 variable name caused the separate .p12 file
download to be able to be correctly opened.
- The same quoted variable name is used also for the cacert.pem, cert.pem, servercert.pem
and ta.key file downloads. To be consistent the same change has been applied to these.
Fixes: Bug #2883
Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
html/cgi-bin/ovpnmain.cgi | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index b8c3e5064..736d17541 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -1564,7 +1564,7 @@ END
print "Content-Disposition: filename=$cahash{$cgiparams{'KEY'}}[0]cert.pem\r\n\r\n";
my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
- print "@tmp";
+ print @tmp;
exit(0);
} else {
@@ -1679,7 +1679,7 @@ END
print "Content-Disposition: filename=cacert.pem\r\n\r\n";
my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/ca/cacert.pem");
- print "@tmp";
+ print @tmp;
exit(0);
}
@@ -1693,7 +1693,7 @@ END
print "Content-Disposition: filename=servercert.pem\r\n\r\n";
my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
- print "@tmp";
+ print @tmp;
exit(0);
}
@@ -1710,7 +1710,7 @@ END
my @tmp = <FILE>;
close(FILE);
- print "@tmp";
+ print @tmp;
exit(0);
}
@@ -2615,7 +2615,7 @@ else
my @tmp = <FILE>;
close(FILE);
- print "@tmp";
+ print @tmp;
exit (0);
###
@@ -3234,7 +3234,7 @@ END
my @tmp = <FILE>;
close(FILE);
- print "@tmp";
+ print @tmp;
exit (0);
}
--
2.36.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] ovpnmain.cgi: Fix for bug #12883 - separate .p12 file corrupted
2022-06-22 20:22 [PATCH] ovpnmain.cgi: Fix for bug #12883 - separate .p12 file corrupted Adolf Belka
@ 2022-06-22 21:51 ` Tom Rymes
2022-06-23 12:56 ` Michael Tremer
1 sibling, 0 replies; 3+ messages in thread
From: Tom Rymes @ 2022-06-22 21:51 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3224 bytes --]
Adolf: Just noting that the subject of your message says fixes #12883,
but on line 13 of your below message, it says #2883. I assume that's not
terribly important, but figured I would point it out.
On 06/22/2022 4:22 PM, Adolf Belka wrote:
> - Patch https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=2feacd989823aa1dbd5844c315a9abfd49060487
> from May 2021 put the variable containing the .p12 content into double quotes which
> causes the contents to be treated as text whereas the .p12 file is an application file.
> - Most people must be downloading the zip package of .p12, ovpn.conf and ta.key files so
> the problem was not noticed till now and flagged up in the forum.
> https://community.ipfire.org/t/openvpn-p12-password-on-android-problem/8127
> - The problem does not occur for the .p12 file in the zip file as the downloading of the
> zip file does not have the variable name in double quotes.
> - Putting the zip file variable into double quotes caused the downloaded zip file to be
> corrupt and not able to be opened as an archive.
> - Removing the double quotes from the .p12 variable name caused the separate .p12 file
> download to be able to be correctly opened.
> - The same quoted variable name is used also for the cacert.pem, cert.pem, servercert.pem
> and ta.key file downloads. To be consistent the same change has been applied to these.
>
> Fixes: Bug #2883
> Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> html/cgi-bin/ovpnmain.cgi | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
> index b8c3e5064..736d17541 100644
> --- a/html/cgi-bin/ovpnmain.cgi
> +++ b/html/cgi-bin/ovpnmain.cgi
> @@ -1564,7 +1564,7 @@ END
> print "Content-Disposition: filename=$cahash{$cgiparams{'KEY'}}[0]cert.pem\r\n\r\n";
>
> my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
> - print "@tmp";
> + print @tmp;
>
> exit(0);
> } else {
> @@ -1679,7 +1679,7 @@ END
> print "Content-Disposition: filename=cacert.pem\r\n\r\n";
>
> my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/ca/cacert.pem");
> - print "@tmp";
> + print @tmp;
>
> exit(0);
> }
> @@ -1693,7 +1693,7 @@ END
> print "Content-Disposition: filename=servercert.pem\r\n\r\n";
>
> my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
> - print "@tmp";
> + print @tmp;
>
> exit(0);
> }
> @@ -1710,7 +1710,7 @@ END
> my @tmp = <FILE>;
> close(FILE);
>
> - print "@tmp";
> + print @tmp;
>
> exit(0);
> }
> @@ -2615,7 +2615,7 @@ else
> my @tmp = <FILE>;
> close(FILE);
>
> - print "@tmp";
> + print @tmp;
> exit (0);
>
> ###
> @@ -3234,7 +3234,7 @@ END
> my @tmp = <FILE>;
> close(FILE);
>
> - print "@tmp";
> + print @tmp;
> exit (0);
> }
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] ovpnmain.cgi: Fix for bug #12883 - separate .p12 file corrupted
2022-06-22 20:22 [PATCH] ovpnmain.cgi: Fix for bug #12883 - separate .p12 file corrupted Adolf Belka
2022-06-22 21:51 ` Tom Rymes
@ 2022-06-23 12:56 ` Michael Tremer
1 sibling, 0 replies; 3+ messages in thread
From: Michael Tremer @ 2022-06-23 12:56 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3045 bytes --]
Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>
> On 22 Jun 2022, at 21:22, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>
> - Patch https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=2feacd989823aa1dbd5844c315a9abfd49060487
> from May 2021 put the variable containing the .p12 content into double quotes which
> causes the contents to be treated as text whereas the .p12 file is an application file.
> - Most people must be downloading the zip package of .p12, ovpn.conf and ta.key files so
> the problem was not noticed till now and flagged up in the forum.
> https://community.ipfire.org/t/openvpn-p12-password-on-android-problem/8127
> - The problem does not occur for the .p12 file in the zip file as the downloading of the
> zip file does not have the variable name in double quotes.
> - Putting the zip file variable into double quotes caused the downloaded zip file to be
> corrupt and not able to be opened as an archive.
> - Removing the double quotes from the .p12 variable name caused the separate .p12 file
> download to be able to be correctly opened.
> - The same quoted variable name is used also for the cacert.pem, cert.pem, servercert.pem
> and ta.key file downloads. To be consistent the same change has been applied to these.
>
> Fixes: Bug #2883
> Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> html/cgi-bin/ovpnmain.cgi | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
> index b8c3e5064..736d17541 100644
> --- a/html/cgi-bin/ovpnmain.cgi
> +++ b/html/cgi-bin/ovpnmain.cgi
> @@ -1564,7 +1564,7 @@ END
> print "Content-Disposition: filename=$cahash{$cgiparams{'KEY'}}[0]cert.pem\r\n\r\n";
>
> my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
> - print "@tmp";
> + print @tmp;
>
> exit(0);
> } else {
> @@ -1679,7 +1679,7 @@ END
> print "Content-Disposition: filename=cacert.pem\r\n\r\n";
>
> my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/ca/cacert.pem");
> - print "@tmp";
> + print @tmp;
>
> exit(0);
> }
> @@ -1693,7 +1693,7 @@ END
> print "Content-Disposition: filename=servercert.pem\r\n\r\n";
>
> my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
> - print "@tmp";
> + print @tmp;
>
> exit(0);
> }
> @@ -1710,7 +1710,7 @@ END
> my @tmp = <FILE>;
> close(FILE);
>
> - print "@tmp";
> + print @tmp;
>
> exit(0);
> }
> @@ -2615,7 +2615,7 @@ else
> my @tmp = <FILE>;
> close(FILE);
>
> - print "@tmp";
> + print @tmp;
> exit (0);
>
> ###
> @@ -3234,7 +3234,7 @@ END
> my @tmp = <FILE>;
> close(FILE);
>
> - print "@tmp";
> + print @tmp;
> exit (0);
> }
>
> --
> 2.36.1
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-06-23 12:56 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-22 20:22 [PATCH] ovpnmain.cgi: Fix for bug #12883 - separate .p12 file corrupted Adolf Belka
2022-06-22 21:51 ` Tom Rymes
2022-06-23 12:56 ` Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox