2018-12-03 23:44:23 +01:00
|
|
|
--- easyrsa.orig 2018-09-15 06:21:19.000000000 +0200
|
|
|
|
+++ easyrsa 2018-12-03 23:38:04.420888219 +0100
|
|
|
|
@@ -315,7 +315,7 @@
|
|
|
|
EASYRSA_PKI env-var undefined"
|
|
|
|
|
|
|
|
# make safessl-easyrsa.cnf
|
|
|
|
- make_ssl_config
|
|
|
|
+ [ "$1" == "no_safe_ssl_config" ] || make_ssl_config
|
|
|
|
|
|
|
|
# Verify EASYRSA_OPENSSL command gives expected output
|
|
|
|
if [ -z "$EASYRSA_SSL_OK" ]; then
|
|
|
|
@@ -415,7 +415,7 @@
|
|
|
|
|
|
|
|
# init-pki backend:
|
|
|
|
init_pki() {
|
|
|
|
- vars_source_check
|
|
|
|
+ vars_source_check no_safe_ssl_config
|
|
|
|
|
|
|
|
# If EASYRSA_PKI exists, confirm before we rm -rf (skiped with EASYRSA_BATCH)
|
|
|
|
if [ -e "$EASYRSA_PKI" ]; then
|
|
|
|
@@ -1124,7 +1124,7 @@
|
2018-12-01 18:26:16 +01:00
|
|
|
vars=
|
|
|
|
|
|
|
|
# set up program path
|
|
|
|
- prog_vars="${0%/*}/vars"
|
|
|
|
+ prog_vars="/etc/easy-rsa/vars"
|
|
|
|
# set up PKI path
|
|
|
|
pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
|
|
|
|
|
2018-12-03 23:44:23 +01:00
|
|
|
@@ -1154,7 +1154,7 @@
|
2018-12-01 18:26:16 +01:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Set defaults, preferring existing env-vars if present
|
|
|
|
- set_var EASYRSA "${0%/*}"
|
|
|
|
+ set_var EASYRSA "/etc/easy-rsa"
|
|
|
|
set_var EASYRSA_OPENSSL openssl
|
|
|
|
set_var EASYRSA_PKI "$PWD/pki"
|
|
|
|
set_var EASYRSA_DN cn_only
|
2018-12-03 23:44:23 +01:00
|
|
|
@@ -1185,7 +1185,11 @@
|
|
|
|
set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf"
|
|
|
|
set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf"
|
|
|
|
else set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-easyrsa.cnf"
|
|
|
|
- set_var EASYRSA_SAFE_CONF "$EASYRSA/safessl-easyrsa.cnf"
|
|
|
|
+ if touch "$EASYRSA/safessl-easyrsa.cnf" &>/dev/null; then
|
|
|
|
+ set_var EASYRSA_SAFE_CONF "$EASYRSA/safessl-easyrsa.cnf"
|
|
|
|
+ else
|
|
|
|
+ set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf"
|
|
|
|
+ fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Same as above for the x509-types extensions dir
|
|
|
|
--- vars.example.orig 2018-12-03 23:06:35.863084842 +0100
|
|
|
|
+++ vars.example 2018-12-03 23:07:12.538808022 +0100
|
|
|
|
@@ -47,7 +47,7 @@
|
2018-12-01 18:26:16 +01:00
|
|
|
# itself, which is also where the configuration files are located in the
|
|
|
|
# easy-rsa tree.
|
|
|
|
|
|
|
|
-#set_var EASYRSA "${0%/*}"
|
|
|
|
+#set_var EASYRSA "/etc/easy-rsa"
|
|
|
|
|
|
|
|
# If your OpenSSL command is not in the system PATH, you will need to define the
|
|
|
|
# path to it here. Normally this means a full path to the executable, otherwise
|