easy-rsa/easy-rsa.spec

#
# spec file for package easy-rsa
#
# Copyright (c) 2023 SUSE LLC
# Copyright (c) 2015 Stefan Jakobs.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#


%define pname   EasyRSA
Name:           easy-rsa
Version:        3.1.2
Release:        0
Summary:        CLI utility to build and manage a PKI CA
License:        GPL-2.0-or-later
Group:          Productivity/Networking/Security
URL:            https://github.com/OpenVPN/easy-rsa
Source:         https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz
Source1:        https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig
# https://github.com/OpenVPN/easy-rsa/tree/master/release-keys
Source2:        %{name}.keyring
Patch100:       suse-packaging.patch
BuildArch:      noarch

%description
easy-rsa is a CLI utility to build and manage a Public Key Infrastructure
(PKI). Once the Certificate Authority (CA) is created, you can request and sign
certificates, including sub-CAs, and create Certificate Revokation Lists (CRL).

%prep
%setup -q -n %{pname}-%{version}
%patch100

%build

%install
install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/
install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/x509-types
install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/%{name}/
install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/%{name}/
install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/%{name}/x509-types/
install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa

%files
%doc ChangeLog README.md README.quickstart.md
%doc doc/*
%license COPYING.md gpl-2.0.txt
%{_bindir}/easyrsa
%config(noreplace) %{_sysconfdir}/%{name}

%changelog
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00			`#`
			`# spec file for package easy-rsa`
			`#`
Accepting request 1058877 from home:polslinux:branches:network:vpn - Update to 3.1.2: * Command 'renew': Remove option 'nopass' * find_x509_types_dir(): Remove excess checks * Remove function find_x509_types_dir() * For 'init-pki hard' only, always try to create a new pki/vars file * Introduce global option '--notext\|--no-text' * Minor style change * Introduce command 'set-pass' * Fix shellcheck warning for command set-pass case statement * cleanup(): Exit correctly for SIGINT * Update help: Standardise output; Improve code; Reprioritise options * vars.example: Add EASYRSA_NO_PASS and wrap long lines * Use 'unset -v', consistently * build-ca: Improve passphrase input mechanism * Remove global options '--verbose' and '--quiet' as not required * Remove all prerequisite code to build a safe SSL config file * Rename temp files to reflect the purpose * easyrsa_openssl(): Always set OPENSSL_CONF to EasyRSA safe SSL config * Replace SSL calls for serial number with function ssl_cert_serial() * Introduce OpenSSL only mode: No Safe SSL Config File * ff_date_to_cert_date(): Correct the input format for busybox date * Re-order easyrsa_openssl() temp-file assignment * Stop EASYRSA_DEBUG interfering with SSL output from subshells * Status reports: Recognise Expired certificates * New function safe_set_var(): Safe wrapper for set_var() * Windows, build-ca: Add input password to re-open private key * Renewal: General code improvements * cleanup(): General improvements - Create KNOWN error exit * build-ca: Change FATAL error to warning for old openssl-easyrsa.cnf * Allow --fix-offset to create post-dated certificates OBS-URL: https://build.opensuse.org/request/show/1058877 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=40 2023-01-21 20:23:18 +01:00			`# Copyright (c) 2023 SUSE LLC`
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00			`# Copyright (c) 2015 Stefan Jakobs.`
			`#`
			`# All modifications and additions to the file contributed by third parties`
			`# remain the property of their copyright owners, unless otherwise agreed`
			`# upon. The license for this file, and modifications and additions to the`
			`# file, is the same license as for the pristine package itself (unless the`
			`# license for the pristine package is not an Open Source License, in which`
			`# case the license is the MIT License). An "Open Source License" is a`
			`# license that conforms to the Open Source Definition (Version 1.9)`
			`# published by the Open Source Initiative.`

Accepting request 673666 from home:illuusio - update to 3.0.6 (2019-02-01) * Certifcates that are revoked now move to a revoked subdirectory (#63) * EasyRSA no longer clobbers non-EASYRSA environment variables (#277) * More sane string checking, allowingn for commas in CN (#267) * Support for reasonCode in CRL (#280) * Better handling for capturing passphrases (#230, others) * Improved LibreSSL/MacOS support * Adds support to renew certificates up to 30 days before expiration (#286) - This changes previous behavior allowing for certificate creation using duplicate CNs. - update and rebase suse-packaging.patch OBS-URL: https://build.opensuse.org/request/show/673666 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=27 2019-02-12 20:55:41 +01:00			`# Please submit bugfixes or comments via https://bugs.opensuse.org/`
Accepting request 497926 from home:bruno_friedmann:branches:network:vpn - Include upstream patches + f174800.patch Generate random serial number for all certificates + 29d4dee.patch Fixes #91 basename: invalid option -- 's' + b93d0a1.patch Spelling fixes and sentence structure improvements + fb4d8d8.patch Fix comment indicating the end of the function verify_file() + b75faa4.patch Convert README and COPYING into markdown files - Rename openSUSE specific patch easyrsa.packaging.patch to easy-rsa-packaging.patch - spec-cleaner -m (Add also SUSE copyrights) OBS-URL: https://build.opensuse.org/request/show/497926 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=3 2017-05-26 19:07:13 +02:00			`#`


Accepting request 850786 from home:oreinert:branches:network:vpn - update to 3.0.8 (2020-09-09) * Provide --version option (#372) * Version information now within generated certificates like on nix Fixed issue where gen-dh overwrote existing files without warning (#373) * Fixed issue with ED/EC certificates were still signed by RSA (#374) * Added support for export-p8 (#339) * Clarified error message (#384) * 2->3 upgrade now errors and prints message when vars isn't found (#377) * Update OpenSSL Windows binaries to 1.1.1g * Reverted OpenSSL back to 1.1.0j OBS-URL: https://build.opensuse.org/request/show/850786 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=29 2020-11-26 08:01:50 +01:00			`%define pname EasyRSA`
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00			`Name: easy-rsa`
Accepting request 1058877 from home:polslinux:branches:network:vpn - Update to 3.1.2: * Command 'renew': Remove option 'nopass' * find_x509_types_dir(): Remove excess checks * Remove function find_x509_types_dir() * For 'init-pki hard' only, always try to create a new pki/vars file * Introduce global option '--notext\|--no-text' * Minor style change * Introduce command 'set-pass' * Fix shellcheck warning for command set-pass case statement * cleanup(): Exit correctly for SIGINT * Update help: Standardise output; Improve code; Reprioritise options * vars.example: Add EASYRSA_NO_PASS and wrap long lines * Use 'unset -v', consistently * build-ca: Improve passphrase input mechanism * Remove global options '--verbose' and '--quiet' as not required * Remove all prerequisite code to build a safe SSL config file * Rename temp files to reflect the purpose * easyrsa_openssl(): Always set OPENSSL_CONF to EasyRSA safe SSL config * Replace SSL calls for serial number with function ssl_cert_serial() * Introduce OpenSSL only mode: No Safe SSL Config File * ff_date_to_cert_date(): Correct the input format for busybox date * Re-order easyrsa_openssl() temp-file assignment * Stop EASYRSA_DEBUG interfering with SSL output from subshells * Status reports: Recognise Expired certificates * New function safe_set_var(): Safe wrapper for set_var() * Windows, build-ca: Add input password to re-open private key * Renewal: General code improvements * cleanup(): General improvements - Create KNOWN error exit * build-ca: Change FATAL error to warning for old openssl-easyrsa.cnf * Allow --fix-offset to create post-dated certificates OBS-URL: https://build.opensuse.org/request/show/1058877 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=40 2023-01-21 20:23:18 +01:00			`Version: 3.1.2`
Accepting request 497926 from home:bruno_friedmann:branches:network:vpn - Include upstream patches + f174800.patch Generate random serial number for all certificates + 29d4dee.patch Fixes #91 basename: invalid option -- 's' + b93d0a1.patch Spelling fixes and sentence structure improvements + fb4d8d8.patch Fix comment indicating the end of the function verify_file() + b75faa4.patch Convert README and COPYING into markdown files - Rename openSUSE specific patch easyrsa.packaging.patch to easy-rsa-packaging.patch - spec-cleaner -m (Add also SUSE copyrights) OBS-URL: https://build.opensuse.org/request/show/497926 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=3 2017-05-26 19:07:13 +02:00			`Release: 0`
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00			`Summary: CLI utility to build and manage a PKI CA`
Accepting request 652846 from home:computersalat:devel:vpn update to 3.0.5, fix License OBS-URL: https://build.opensuse.org/request/show/652846 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=24 2018-12-01 18:26:16 +01:00			`License: GPL-2.0-or-later`
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00			`Group: Productivity/Networking/Security`
Accepting request 850786 from home:oreinert:branches:network:vpn - update to 3.0.8 (2020-09-09) * Provide --version option (#372) * Version information now within generated certificates like on nix Fixed issue where gen-dh overwrote existing files without warning (#373) * Fixed issue with ED/EC certificates were still signed by RSA (#374) * Added support for export-p8 (#339) * Clarified error message (#384) * 2->3 upgrade now errors and prints message when vars isn't found (#377) * Update OpenSSL Windows binaries to 1.1.1g * Reverted OpenSSL back to 1.1.0j OBS-URL: https://build.opensuse.org/request/show/850786 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=29 2020-11-26 08:01:50 +01:00			`URL: https://github.com/OpenVPN/easy-rsa`
Accepting request 1001320 from home:sp1rit:testing Update to 3.1.0 OBS-URL: https://build.opensuse.org/request/show/1001320 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=33 2022-09-18 10:44:22 +02:00			`Source: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz`
			`Source1: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig`
Accepting request 534897 from home:AndreasStieger:branches:network:vpn - update release tarball instead of git snapshot - add upstream signing keyring and verify source signature OBS-URL: https://build.opensuse.org/request/show/534897 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=17 2017-10-18 19:20:23 +02:00			`# https://github.com/OpenVPN/easy-rsa/tree/master/release-keys`
			`Source2: %{name}.keyring`
Update to version 3.0.3 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=14 2017-10-16 08:44:30 +02:00			`Patch100: suse-packaging.patch`
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00			`BuildArch: noarch`

			`%description`
Improve RPM description OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=20 2018-01-28 20:06:35 +01:00			`easy-rsa is a CLI utility to build and manage a Public Key Infrastructure`
			`(PKI). Once the Certificate Authority (CA) is created, you can request and sign`
			`certificates, including sub-CAs, and create Certificate Revokation Lists (CRL).`
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00
			`%prep`
Accepting request 1001320 from home:sp1rit:testing Update to 3.1.0 OBS-URL: https://build.opensuse.org/request/show/1001320 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=33 2022-09-18 10:44:22 +02:00			`%setup -q -n %{pname}-%{version}`
Accepting request 652846 from home:computersalat:devel:vpn update to 3.0.5, fix License OBS-URL: https://build.opensuse.org/request/show/652846 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=24 2018-12-01 18:26:16 +01:00			`%patch100`
Accepting request 497926 from home:bruno_friedmann:branches:network:vpn - Include upstream patches + f174800.patch Generate random serial number for all certificates + 29d4dee.patch Fixes #91 basename: invalid option -- 's' + b93d0a1.patch Spelling fixes and sentence structure improvements + fb4d8d8.patch Fix comment indicating the end of the function verify_file() + b75faa4.patch Convert README and COPYING into markdown files - Rename openSUSE specific patch easyrsa.packaging.patch to easy-rsa-packaging.patch - spec-cleaner -m (Add also SUSE copyrights) OBS-URL: https://build.opensuse.org/request/show/497926 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=3 2017-05-26 19:07:13 +02:00
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00			`%build`

			`%install`
Accepting request 652846 from home:computersalat:devel:vpn update to 3.0.5, fix License OBS-URL: https://build.opensuse.org/request/show/652846 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=24 2018-12-01 18:26:16 +01:00			`install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/`
			`install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/x509-types`
			`install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/%{name}/`
			`install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/%{name}/`
			`install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/%{name}/x509-types/`
Accepting request 534897 from home:AndreasStieger:branches:network:vpn - update release tarball instead of git snapshot - add upstream signing keyring and verify source signature OBS-URL: https://build.opensuse.org/request/show/534897 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=17 2017-10-18 19:20:23 +02:00			`install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa`
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00
			`%files`
Accepting request 652846 from home:computersalat:devel:vpn update to 3.0.5, fix License OBS-URL: https://build.opensuse.org/request/show/652846 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=24 2018-12-01 18:26:16 +01:00			`%doc ChangeLog README.md README.quickstart.md`
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00			`%doc doc/*`
Accepting request 652846 from home:computersalat:devel:vpn update to 3.0.5, fix License OBS-URL: https://build.opensuse.org/request/show/652846 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=24 2018-12-01 18:26:16 +01:00			`%license COPYING.md gpl-2.0.txt`
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00			`%{_bindir}/easyrsa`
Accepting request 652846 from home:computersalat:devel:vpn update to 3.0.5, fix License OBS-URL: https://build.opensuse.org/request/show/652846 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=24 2018-12-01 18:26:16 +01:00			`%config(noreplace) %{_sysconfdir}/%{name}`
Accepting request 411583 from home:stefjakobs Hi, I'm not sure if this is the right location for this package, but as easy-rsa is a sub project of openvpn it might fit in the vpn project. Thanks for considering to accept this package. Stefan OBS-URL: https://build.opensuse.org/request/show/411583 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=1 2016-11-29 09:34:59 +01:00
Accepting request 497926 from home:bruno_friedmann:branches:network:vpn - Include upstream patches + f174800.patch Generate random serial number for all certificates + 29d4dee.patch Fixes #91 basename: invalid option -- 's' + b93d0a1.patch Spelling fixes and sentence structure improvements + fb4d8d8.patch Fix comment indicating the end of the function verify_file() + b75faa4.patch Convert README and COPYING into markdown files - Rename openSUSE specific patch easyrsa.packaging.patch to easy-rsa-packaging.patch - spec-cleaner -m (Add also SUSE copyrights) OBS-URL: https://build.opensuse.org/request/show/497926 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=3 2017-05-26 19:07:13 +02:00			`%changelog`