Fix taint check in old password.

1ef13494 · Leigh B Stoller · f0870a32 · 1ef13494
Commit 1ef13494 authored 9 years ago by Leigh B Stoller
--- a/account/mkusercert.in
+++ b/account/mkusercert.in
@@ -207,7 +207,10 @@ if (defined($options{"c"}) || defined($options{"C"})) {
    if (defined($options{"c"})) {
 	$old_password = $options{"c"};
    }
-    elsif ($target_user->SSLPassPhrase(1, \$old_password) == 0) {
+    elsif ($target_user->SSLPassPhrase(1, \$old_password)) {
+	$old_password = undef;
+    }
+    if (defined($old_password)) {
 	#
 	# Make sure its all escaped since any printable char is allowed.
 	#