Overhaul vars detection #655

Merged
merged 1 commit into from Aug 24, 2022

TinCanTech
Collaborator

Processing vars at init-pki was intentionally kept to a minimum, due to
complications with user expectations versus Easy-RSA preferences.

This overhaul aims to finalise Easy-RSA interference with vars.

  1. Prefer that vars is in the PKI but only force that at init-pki,
    when no other vars files can be found. Otherwise, do not create a
    template vars and leave it to the user, with appropriate messages.

  2. Fail all commands, except init-pki, if more than one vars exists.

  3. Take special care of 'init-pki soft'.

  4. For existing PKIs, be aware that vars may NOT exist.

This patch is less complicated than it appears to be.
Most of the changes are either comments or user messages.
There are some new state flags to manage the location of vars,
which are used to decide when a new vars is created and control
user messages.

Closes: #651

New message for "Using x509-types directory: $EASYRSA_EXT_DIR"
Closes: #654

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>

@TinCanTech
Collaborator Author

Scenarios (init-pki+build-ca nopass twice, followed by init-pki soft+build-ca) tested:

  • No vars file: init-pki+build-ca
    PKI with vars template & CA - Success.

    • Second run: init-pki+build-ca
      vars in PKI: PKI with vars template & CA - Success.
    • Third run: init-pki soft+build-ca
      vars in PKI: PKI with vars template & CA - Success.
  • vars file in working dir:
    PKI without vars template & CA - Success.
    Message to prefer pki/vars printed, as expected - Success.

    • Second run: init-pki+build-ca
      vars file in working dir: PKI without vars template & CA - Success.
      Message to prefer pki/vars printed, as expected - Success.
    • Third run: init-pki soft+build-ca
      vars file in working dir: PKI without vars template & CA - Success.
      Message to prefer pki/vars printed, as expected - Success.
  • vars file in program dir: /usr/local/sbin/vars
    PKI without vars template & CA - Success.
    Message to prefer pki/vars printed, as expected - Success.

    • Second run: init-pki+build-ca
      vars file in program dir: PKI without vars template & CA - Success.
      Message to prefer pki/vars printed, as expected - Success.
    • Third run: init-pki soft+build-ca
      vars file in program dir: PKI without vars template & CA - Success.
      Message to prefer pki/vars printed, as expected - Success.
  • vars file in working dir AND program dir: init-pki
    Conflicting 'vars' files found. - No PKI - Success.

  • Pre-existing PKI: Add additional vars file.
    pki-init succeeds but build-ca fails, due to conflicting vars.
    This is considered to be the best approach at this time.

Other strange scenarios tried by creating extra vars at inappropriate times:

  • All error out with conflicting vars, except init-pki, which is consistent.

All messages are printed in logical order with suitable spacing.

@TinCanTech TinCanTech merged commit d08939e into OpenVPN:master Aug 24, 2022
@TinCanTech TinCanTech deleted the improve-vars-handling branch October 28, 2022 00:15
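
The rule for commands other than init-pki (fail when more than one vars exists, accept a lone vars outside the PKI with a message to prefer pki/vars), shown as an added shell example that is not Easy-RSA's own code. `select_vars`, `VARS_FILE` and the notice wording are assumptions; the three directories are the ones named in the test notes above.

```sh
# Added illustration, not Easy-RSA's code; function and variable names are hypothetical.
# Models the check for commands other than init-pki: at most one 'vars' may exist
# across the PKI directory, the working directory and the program directory.
nl='
'

# select_vars PKI_DIR WORK_DIR PROG_DIR
# On success sets VARS_FILE (empty if no vars exists) and returns 0.
# Returns 1 when more than one distinct vars file is found.
select_vars() {
    pki_dir=$1
    VARS_FILE="" found="" count=0 seen=""
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        # Resolve the path so one directory passed twice is not a conflict.
        real=$(cd "$dir" && pwd -P) || continue
        case "$nl$seen$nl" in *"$nl$real$nl"*) continue ;; esac
        seen="$seen$nl$real"
        [ -f "$real/vars" ] || continue
        found="${found:+$found$nl}$real/vars"
        count=$((count + 1))
    done
    if [ "$count" -gt 1 ]; then
        # Ambiguity about which file configures the CA is treated as fatal.
        printf '%s\n' "Conflicting 'vars' files found:" "$found" >&2
        return 1
    fi
    VARS_FILE=$found
    # A single vars outside the PKI is accepted, with a hint to move it.
    if [ -n "$VARS_FILE" ] &&
       [ "$VARS_FILE" != "$(cd "$pki_dir" 2>/dev/null && pwd -P)/vars" ]; then
        printf '%s\n' "Notice: prefer keeping vars in the PKI: $pki_dir/vars" >&2
    fi
    return 0
}
```

A caller would run `select_vars` before any command that reads the PKI and stop on a non-zero return instead of picking one of the candidates.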