From 84485fe60794570045619ab05f1304dd67ee8f9c Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Tue, 17 Jul 2018 02:00:00 -0500 Subject: Fix invalid OpenSSL command syntax --- src/libtdeldap.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index c8957cd..e3e7fe6 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -4444,7 +4444,7 @@ int LDAPManager::generatePublicKerberosCACertificate(LDAPCertConfig certinfo, LD printf("ERROR: Unable to generate OpenSSL configuration file! Details: '%s'\n", errstr.ascii()); return -1; } - subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5/CN=%6/emailAddress=%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(certinfo.commonName).arg(certinfo.emailAddress); + subject = TQString("/C=%1/ST=%2/L=%3/O=%4/OU=%5/CN=%6/emailAddress=%7").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(certinfo.commonName).arg(certinfo.emailAddress); command = TQString("openssl req -days %1 -key \"%2\" -new -x509 -out \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.caExpiryDays).arg(KERBEROS_PKI_PEMKEY_FILE).arg(KERBEROS_PKI_PEM_FILE).arg(OPENSSL_EXTENSIONS_FILE).arg(subject); if (system(command) < 0) { printf("ERROR: Execution of \"%s\" failed!\n", command.ascii()); @@ -4484,7 +4484,7 @@ int LDAPManager::generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAP common_name = TQString("/CN=%1").arg(realmcfg.kdc); } - subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name); + subject = TQString("/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name); command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.kerberosExpiryDays).arg(kdc_reqfile).arg(kdc_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject); if (system(command) < 0) { printf("ERROR: Execution of \"%s\" failed!\n", command.ascii()); @@ -4535,7 +4535,7 @@ int LDAPManager::generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPReal common_name = TQString("/CN=%1").arg(realmcfg.kdc); } - subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name); + subject = TQString("/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name); command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.ldapExpiryDays).arg(ldap_reqfile).arg(ldap_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject); if (system(command) < 0) { printf("ERROR: Execution of \"%s\" failed!\n", command.ascii()); @@ -4638,7 +4638,7 @@ int LDAPManager::generateClientCertificatePublicCertificate(int expirydays, LDAP common_name = TQString("/CN=%1").arg(user.name); } - subject = TQString("\"%1%2\"").arg(openssldcForRealm(realmcfg.name)).arg(common_name); + subject = TQString("%1%2").arg(openssldcForRealm(realmcfg.name)).arg(common_name); command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(expirydays).arg(client_reqfile).arg(client_keyfile).arg(client_cfgfile).arg(subject); if (system(command) < 0) { if (errstr) *errstr = TQString("Execution of \"%s\" failed").arg(command); -- cgit v1.2.3