From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH] ovpnmain.cgi: Fix for bug #12883 - separate .p12 file corrupted Date: Thu, 23 Jun 2022 13:56:38 +0100 Message-ID: <7401CCBB-2B2E-4821-B9A2-B47729885B0C@ipfire.org> In-Reply-To: <20220622202236.3149193-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2637434313483498238==" List-Id: --===============2637434313483498238== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Reviewed-by: Michael Tremer > On 22 Jun 2022, at 21:22, Adolf Belka wrote: >=20 > - Patch https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommit;h=3D2feacd989= 823aa1dbd5844c315a9abfd49060487 > from May 2021 put the variable containing the .p12 content into double qu= otes which > causes the contents to be treated as text whereas the .p12 file is an app= lication file. > - Most people must be downloading the zip package of .p12, ovpn.conf and ta= .key files so > the problem was not noticed till now and flagged up in the forum. > https://community.ipfire.org/t/openvpn-p12-password-on-android-problem/81= 27 > - The problem does not occur for the .p12 file in the zip file as the downl= oading of the > zip file does not have the variable name in double quotes. > - Putting the zip file variable into double quotes caused the downloaded zi= p file to be > corrupt and not able to be opened as an archive. > - Removing the double quotes from the .p12 variable name caused the separat= e .p12 file > download to be able to be correctly opened. > - The same quoted variable name is used also for the cacert.pem, cert.pem, = servercert.pem > and ta.key file downloads. To be consistent the same change has been appl= ied to these. >=20 > Fixes: Bug #2883 > Tested-by: Adolf Belka > Signed-off-by: Adolf Belka > --- > html/cgi-bin/ovpnmain.cgi | 12 ++++++------ > 1 file changed, 6 insertions(+), 6 deletions(-) >=20 > diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi > index b8c3e5064..736d17541 100644 > --- a/html/cgi-bin/ovpnmain.cgi > +++ b/html/cgi-bin/ovpnmain.cgi > @@ -1564,7 +1564,7 @@ END > print "Content-Disposition: filename=3D$cahash{$cgiparams{'KEY'}}[0]cert.p= em\r\n\r\n"; >=20 > my @tmp =3D &General::system_output("/usr/bin/openssl", "x509", "-in", "$= {General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem"); > - print "@tmp"; > + print @tmp; >=20 > exit(0); > } else { > @@ -1679,7 +1679,7 @@ END > print "Content-Disposition: filename=3Dcacert.pem\r\n\r\n"; >=20 > my @tmp =3D &General::system_output("/usr/bin/openssl", "x509", "-in", "${= General::swroot}/ovpn/ca/cacert.pem"); > - print "@tmp"; > + print @tmp; >=20 > exit(0); > } > @@ -1693,7 +1693,7 @@ END > print "Content-Disposition: filename=3Dservercert.pem\r\n\r\n"; >=20 > my @tmp =3D &General::system_output("/usr/bin/openssl", "x509", "-in", "${= General::swroot}/ovpn/certs/servercert.pem"); > - print "@tmp"; > + print @tmp; >=20 > exit(0); > } > @@ -1710,7 +1710,7 @@ END > my @tmp =3D ; > close(FILE); >=20 > - print "@tmp"; > + print @tmp; >=20 > exit(0); > } > @@ -2615,7 +2615,7 @@ else > my @tmp =3D ; > close(FILE); >=20 > - print "@tmp"; > + print @tmp; > exit (0); >=20 > ### > @@ -3234,7 +3234,7 @@ END > my @tmp =3D ; > close(FILE); >=20 > - print "@tmp"; > + print @tmp; > exit (0); > } >=20 > --=20 > 2.36.1 >=20 --===============2637434313483498238==--