EASYRSA_KEY_SIZE must be set, regardless of algorithm used

[TinCanTech]

EASYRSA_KEY_SIZE (RSA default_bits; default 2048) must always be set because it is present in the SSL config file. If it is unset then this causes an error when OpenSSL expands the config file, due to missing value for default_bits.

The cause of the missing value is:

easy-rsa/easyrsa3/easyrsa

Lines 5197 to 5210 in 2141bfa

	set_var EASYRSA_ALGO rsa
	case "$EASYRSA_ALGO" in
	rsa)
	set_var EASYRSA_KEY_SIZE 2048
	;;
	ec)
	set_var EASYRSA_CURVE secp384r1
	;;
	ed)
	set_var EASYRSA_CURVE ed25519
	;;
	*) die "Unknown algorithm '$EASYRSA_ALGO'"
	esac

When EASYRSA_ALGO does not equal rsa then EASYRSA_KEY_SIZE remains unset.

The config section which this effects is:

easy-rsa/easyrsa3/openssl-easyrsa.cnf

Lines 55 to 63 in 2141bfa

	####################################################################
	# Easy-RSA request handling
	# We key off $DN_MODE to determine how to format the DN
	[ req ]
	default_bits = $ENV::EASYRSA_KEY_SIZE
	default_keyfile = privkey.pem
	default_md = $ENV::EASYRSA_DIGEST
	distinguished_name = $ENV::EASYRSA_DN
	x509_extensions = easyrsa_ca # The extensions to add to the self signed cert