From eff3ecdc9d266fbad6b4e9df1dfe30a841f016d9 Mon Sep 17 00:00:00 2001
From: Richard T Bonhomme <tincantech@protonmail.com>
Date: Fri, 23 Aug 2024 22:00:57 +0100
Subject: [PATCH] easyrsa_openssl(): Use '-f' to verify SSL config file exists

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
---
 easyrsa3/easyrsa | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index cbf89515..41ee79d3 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -1163,11 +1163,11 @@ easyrsa_openssl() {
 		rand) die "easyrsa_openssl: Illegal SSL command: rand"
 	esac
 
-	# Use local SSL cnf
-	if [ "$EASYRSA_SSL_CONF" ]; then
+	# Use $EASYRSA_SSL_CONF or $global_safe_ssl_cnf_tmp
+	if [ -f "$EASYRSA_SSL_CONF" ]; then
 		export OPENSSL_CONF="$EASYRSA_SSL_CONF"
 	else
-		[ "$OPENSSL_CONF" ] || \
+		[ -f "$OPENSSL_CONF" ] || \
 			die "easyrsa_openssl - OPENSSL_CONF undefined"
 	fi
 	verbose "= easyrsa_openssl: OPENSSL_CONF = $OPENSSL_CONF"