The CA.pl script used to build single-string string commandlines to pass
to a shell via `system(command_string)`. That was fragile and not a best
practice.
This PR replaces `system(command_string)` with `system { executable } @argv`,
which avoids the shell whenever possible (at least Unix-like systems and
Windows). The only question mark is whether some sort of quoting is
needed for VMS to preserve the case of commandline arguments even when
processes are spawned directly, rather than via the shell.
Unfortunately, given the way that some environment variables and
command-line options are used to construct the commands to run,
the result is still brittle. The CA.pl utility really should
be replaced with something better.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27432)
projects / thirdparty / openssl.git / commit
