From patchwork Tue Jan 30 17:45:43 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Tremer <michael.tremer@ipfire.org>
X-Patchwork-Id: 7513
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature ECDSA (secp384r1))
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4TPXdd2CJcz3xN2
	for <patchwork@web04.haj.ipfire.org>; Tue, 30 Jan 2024 17:45:57 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature ECDSA (secp384r1))
	(Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4TPXdY5NLwzlg;
	Tue, 30 Jan 2024 17:45:53 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4TPXdY3mTLz32j1;
	Tue, 30 Jan 2024 17:45:53 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature ECDSA (secp384r1))
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4TPXdW2dcCz2xcF
	for <development@lists.ipfire.org>; Tue, 30 Jan 2024 17:45:51 +0000 (UTC)
Received: from michael.haj.ipfire.org (michael.haj.ipfire.org [172.28.1.242])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature ECDSA (secp384r1))
	(Client CN "michael.haj.ipfire.org", Issuer "R3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4TPXdV5b02zLW;
	Tue, 30 Jan 2024 17:45:50 +0000 (UTC)
Received: by michael.haj.ipfire.org (Postfix, from userid 0)
	id 4TPXdV35v1zThPd; Tue, 30 Jan 2024 17:45:47 +0000 (UTC)
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 2/3] vpnmain.cgi: Return the entire error message if OpenSSL
 fails
Date: Tue, 30 Jan 2024 17:45:43 +0000
Message-Id: <20240130174544.3986725-2-michael.tremer@ipfire.org>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20240130174544.3986725-1-michael.tremer@ipfire.org>
References: <20240130174544.3986725-1-michael.tremer@ipfire.org>
MIME-Version: 1.0
Message-ID-Hash: DJPB6VK6UPL2A3ZYKGZRHWFNB4P2NPTI
X-Message-ID-Hash: DJPB6VK6UPL2A3ZYKGZRHWFNB4P2NPTI
X-MailFrom: root@michael.haj.ipfire.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 digests; suspicious-header
CC: Michael Tremer <michael.tremer@ipfire.org>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
Archived-At: 
 <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/message/DJPB6VK6UPL2A3ZYKGZRHWFNB4P2NPTI/>
List-Archive: 
 <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Owner: <mailto:development-owner@lists.ipfire.org>
List-Post: <mailto:development@lists.ipfire.org>
List-Subscribe: <mailto:development-join@lists.ipfire.org>
List-Unsubscribe: <mailto:development-leave@lists.ipfire.org>

The function did not evaluate the return code which is why it used a
hack to figure out if some output is an error or not.

This is being fixed in this commit and the entire output is being
returned if the return code is non-zero.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 html/cgi-bin/vpnmain.cgi | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index 8b05a0de7..d82e6b5c9 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -229,13 +229,14 @@ sub callssl ($) {
 	my $opt = shift;
 	my $retssl = `/usr/bin/openssl $opt 2>&1`; #redirect stderr
 	my $ret = '';
-	foreach my $line (split (/\n/, $retssl)) {
-		&General::log("ipsec", "$line") if (0); # 1 for verbose logging
-		$ret .= '<br>'.$line if ( $line =~ /error|unknown/ );
-	}
-	if ($ret) {
-		$ret= &Header::cleanhtml($ret);
+
+	if ($?) {
+		foreach my $line (split (/\n/, $retssl)) {
+			&General::log("ipsec", "$line") if (0); # 1 for verbose logging
+			$ret .= '<br>' . &Header::escape($line);
+		}
 	}
+
 	return $ret ? "$Lang::tr{'openssl produced an error'}: $ret" : '' ;
 }
 ###