From fd982ebd4de3e10dc83fbb713ef1c6d7e2a23c82 Mon Sep 17 00:00:00 2001 From: jim-p Date: Mon, 14 Mar 2011 16:47:46 -0400 Subject: Escape values so special characters don't fail (and also helps prevent shell command injection) --- .../openvpn-client-export.inc | 14 +++++++++----- .../openvpn-client-export/vpn_openvpn_export.php | 22 +++++++++++----------- 2 files changed, 20 insertions(+), 16 deletions(-) diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index 49ed4ca6..c58a6c53 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -79,11 +79,15 @@ function openvpn_client_export_prefix($srvid) { } function openvpn_client_pem_to_pk12($outpath, $outpass, $crtpath, $keypath, $capath = false) { - - if ($capath) - exec("/usr/bin/openssl pkcs12 -export -in {$crtpath} -inkey {$keypath} -certfile {$capath} -out {$outpath} -passout pass:{$outpass}"); - else - exec("/usr/bin/openssl pkcs12 -export -in {$crtpath} -inkey {$keypath} -out {$outpath} -passout pass:{$outpass}"); + $eoutpath = escapeshellarg($outpath); + $eoutpass = escapeshellarg($outpass); + $ecrtpath = escapeshellarg($crtpath); + $ekeypath = escapeshellarg($keypath); + if ($capath) { + $ecapath = escapeshellarg($capath); + exec("/usr/bin/openssl pkcs12 -export -in {$ecrtpath} -inkey {$ekeypath} -certfile {$ecapath} -out {$eoutpath} -passout pass:{$eoutpass}"); + } else + exec("/usr/bin/openssl pkcs12 -export -in {$ecrtpath} -inkey {$ekeypath} -out {$eoutpath} -passout pass:{$eoutpass}"); unlink($crtpath); unlink($keypath); diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php index 01a0507a..5c84ac80 100755 --- a/config/openvpn-client-export/vpn_openvpn_export.php +++ b/config/openvpn-client-export/vpn_openvpn_export.php @@ -425,22 +425,22 @@ function download_begin(act, i) { var dlurl; dlurl = "/vpn_openvpn_export.php?act=" + act; - dlurl += "&srvid=" + servers[index][0]; + dlurl += "&srvid=" + escape(servers[index][0]); if (users[i]) { - dlurl += "&usrid=" + users[i][0]; - dlurl += "&crtid=" + users[i][1]; + dlurl += "&usrid=" + escape(users[i][0]); + dlurl += "&crtid=" + escape(users[i][1]); } - dlurl += "&useaddr=" + useaddr; - dlurl += "&usetoken=" + usetoken; + dlurl += "&useaddr=" + escape(useaddr); + dlurl += "&usetoken=" + escape(usetoken); if (usepass) - dlurl += "&password=" + pass; + dlurl += "&password=" + escape(pass); if (useproxy) { - dlurl += "&proxy_addr=" + proxyaddr; - dlurl += "&proxy_port=" + proxyport; - dlurl += "&proxy_authtype=" + proxyauth; + dlurl += "&proxy_addr=" + escape(proxyaddr); + dlurl += "&proxy_port=" + escape(proxyport); + dlurl += "&proxy_authtype=" + escape(proxyauth); if (useproxypass) { - dlurl += "&proxy_user=" + proxyuser; - dlurl += "&proxy_password=" + proxypass; + dlurl += "&proxy_user=" + escape(proxyuser); + dlurl += "&proxy_password=" + escape(proxypass); } } -- cgit v1.2.3