Merge branch 'TinCanTech-adjust-warnings'

Signed-off-by: Richard T Bonhomme <[email protected]>
OpenVPN · Oct 10, 2023 · d958f1b · d958f1b
2 parents 00efeb8 + febdc86
commit d958f1b
Showing 1 changed file with 8 additions and 43 deletions.
diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
@@ -1302,6 +1302,12 @@ init_pki() {
 		shift
 	done
 
+	# EasyRSA will NOT do 'rm -rf /'
+	case "$EASYRSA_PKI" in
+		.|..|./|../|.//*|..//*|/|//*|\\|?:|'')
+			user_error "Invalid PKI: $EASYRSA_PKI"
+	esac
+
 	# If EASYRSA_PKI exists, confirm before deletion
 	if [ -e "$EASYRSA_PKI" ]; then
 		confirm "Confirm removal: " "yes" "
@@ -1372,7 +1378,7 @@ conflicting vars files have been found elsewhere."
 	else
 		information "
 Using Easy-RSA configuration:
-* ${vars:-undefined}"
+* ${EASYRSA_VARS_FILE:-undefined}"
 	fi
 
 	# For new PKIs , pki/vars was auto-created, show message
@@ -5584,7 +5590,7 @@ EasyRSA '$cmd' does not support --startdate or --enddate"
 	if [ "$easyrsa_host_os" = win ]; then
 		if echo "$PWD" | grep -q '/Prog.*/OpenVPN/easy-rsa'
 		then
-			warn "\
+			verbose "\
 Using Windows-System-Folders for your PKI is NOT SECURE!
 Your Easy-RSA PKI CA Private Key is WORLD readable.
 
@@ -5596,12 +5602,6 @@ To correct this problem, it is recommended that you either:
 		fi
 	fi
 
-	# Use of --silent and --verbose
-	if [ "$EASYRSA_SILENT" ] && [ "$EASYRSA_VERBOSE" ]; then
-		user_error "\
-Use of --silent and --verbose is unresolvable."
-	fi
-
 	verbose "mutual_exclusions: COMPLETED"
 } # => mutual_exclusions()
 
@@ -5869,9 +5869,6 @@ ${unexpected_error}"
 
 # Verify working environment
 verify_working_env() {
-	# Do not allow demented paths, eg: '/' or '\'
-	sanitize_path
-
 	# Verify SSL Lib - One time ONLY
 	verify_ssl_lib
 
@@ -5928,38 +5925,6 @@ Temporary directory does not exist:
 	verbose "verify_working_env: COMPLETED"
 } # => verify_working_env()
 
-# Sanitize demented directory names
-sanitize_path() {
-	# Sanitize PWD
-	verbose "Working dir: $PWD"
-	case "$PWD" in
-	*/|*\\|?:)
-		user_error "\
-EasyRSA cannot be run in the root directory: $PWD"
-	esac
-
-	# Sanitize EASYRSA
-	verbose "EASYRSA: $EASYRSA"
-	case "$EASYRSA" in
-	*/|*\\|?:)
-		user_error "Invalid EASYRSA: $EASYRSA"
-	esac
-
-	# Sanitize EASYRSA_PKI
-	verbose "EASYRSA_PKI: $EASYRSA_PKI"
-	case "$EASYRSA_PKI" in
-	*/|*\\|?:)
-		user_error "Invalid EASYRSA_PKI: $EASYRSA_PKI"
-	esac
-
-	# Sanitize EASYRSA_TEMP_DIR
-	verbose "EASYRSA_TEMP_DIR: $EASYRSA_TEMP_DIR"
-	case "$EASYRSA_TEMP_DIR" in
-	*/|*\\|?:)
-		user_error "Invalid EASYRSA_TEMP_DIR: $EASYRSA_TEMP_DIR"
-	esac
-} # => sanitize_path()
-
 # variable assignment by indirection.
 # Sets '$1' as the value contained in '$2'
 # and exports (may be blank)