Fix invalid OpenSSL command syntax

pull/1/head
Timothy Pearson 6 years ago
parent 750af4c3f1
commit 84485fe607

@ -4444,7 +4444,7 @@ int LDAPManager::generatePublicKerberosCACertificate(LDAPCertConfig certinfo, LD
printf("ERROR: Unable to generate OpenSSL configuration file! Details: '%s'\n", errstr.ascii()); printf("ERROR: Unable to generate OpenSSL configuration file! Details: '%s'\n", errstr.ascii());
return -1; return -1;
} }
subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5/CN=%6/emailAddress=%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(certinfo.commonName).arg(certinfo.emailAddress); subject = TQString("/C=%1/ST=%2/L=%3/O=%4/OU=%5/CN=%6/emailAddress=%7").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(certinfo.commonName).arg(certinfo.emailAddress);
command = TQString("openssl req -days %1 -key \"%2\" -new -x509 -out \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.caExpiryDays).arg(KERBEROS_PKI_PEMKEY_FILE).arg(KERBEROS_PKI_PEM_FILE).arg(OPENSSL_EXTENSIONS_FILE).arg(subject); command = TQString("openssl req -days %1 -key \"%2\" -new -x509 -out \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.caExpiryDays).arg(KERBEROS_PKI_PEMKEY_FILE).arg(KERBEROS_PKI_PEM_FILE).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
if (system(command) < 0) { if (system(command) < 0) {
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii()); printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
@ -4484,7 +4484,7 @@ int LDAPManager::generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAP
common_name = TQString("/CN=%1").arg(realmcfg.kdc); common_name = TQString("/CN=%1").arg(realmcfg.kdc);
} }
subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name); subject = TQString("/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.kerberosExpiryDays).arg(kdc_reqfile).arg(kdc_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject); command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.kerberosExpiryDays).arg(kdc_reqfile).arg(kdc_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
if (system(command) < 0) { if (system(command) < 0) {
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii()); printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
@ -4535,7 +4535,7 @@ int LDAPManager::generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPReal
common_name = TQString("/CN=%1").arg(realmcfg.kdc); common_name = TQString("/CN=%1").arg(realmcfg.kdc);
} }
subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name); subject = TQString("/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.ldapExpiryDays).arg(ldap_reqfile).arg(ldap_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject); command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.ldapExpiryDays).arg(ldap_reqfile).arg(ldap_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
if (system(command) < 0) { if (system(command) < 0) {
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii()); printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
@ -4638,7 +4638,7 @@ int LDAPManager::generateClientCertificatePublicCertificate(int expirydays, LDAP
common_name = TQString("/CN=%1").arg(user.name); common_name = TQString("/CN=%1").arg(user.name);
} }
subject = TQString("\"%1%2\"").arg(openssldcForRealm(realmcfg.name)).arg(common_name); subject = TQString("%1%2").arg(openssldcForRealm(realmcfg.name)).arg(common_name);
command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(expirydays).arg(client_reqfile).arg(client_keyfile).arg(client_cfgfile).arg(subject); command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(expirydays).arg(client_reqfile).arg(client_keyfile).arg(client_cfgfile).arg(subject);
if (system(command) < 0) { if (system(command) < 0) {
if (errstr) *errstr = TQString("Execution of \"%s\" failed").arg(command); if (errstr) *errstr = TQString("Execution of \"%s\" failed").arg(command);

Loading…
Cancel
Save