Accepting request 850786 from home:oreinert:branches:network:vpn

- update to 3.0.8 (2020-09-09) * Provide --version option (#372) * Version information now within generated certificates like on *nix * Fixed issue where gen-dh overwrote existing files without warning (#373) * Fixed issue with ED/EC certificates were still signed by RSA (#374) * Added support for export-p8 (#339) * Clarified error message (#384) * 2->3 upgrade now errors and prints message when vars isn't found (#377) * Update OpenSSL Windows binaries to 1.1.1g * Reverted OpenSSL back to 1.1.0j OBS-URL: https://build.opensuse.org/request/show/850786 OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=29
2020-11-26 07:01:50 +00:00 · 2020-11-26 07:01:50 +00:00 · 512e30e743
commit 512e30e743
parent fef3269612
7 changed files with 33 additions and 72 deletions
--- a/EasyRSA-3.0.8.tgz
+++ b/EasyRSA-3.0.8.tgz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cae114c212a5be4d89f2253d36c70ab94f68d295f24e8b6711c2cab0fabf7e18
+size 48907
--- a/EasyRSA-3.0.8.tgz.sig
+++ b/EasyRSA-3.0.8.tgz.sig
--- a/EasyRSA-unix-v3.0.6.tgz
+++ b/EasyRSA-unix-v3.0.6.tgz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:cb29aed2d27824e59dbaad547f11dcab380a53c9fe05681249e804af436f1396
-size 40840
--- a/EasyRSA-unix-v3.0.6.tgz.sig
+++ b/EasyRSA-unix-v3.0.6.tgz.sig
--- a/easy-rsa.changes
+++ b/easy-rsa.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Wed Nov 25 16:48:19 UTC 2020 - Olav Reinert <seroton10@gmail.com>
+
+- update to 3.0.8 (2020-09-09)
+  * Provide --version option (#372)
+  * Version information now within generated certificates like on *nix
+  * Fixed issue where gen-dh overwrote existing files without warning (#373)
+  * Fixed issue with ED/EC certificates were still signed by RSA (#374)
+  * Added support for export-p8 (#339)
+  * Clarified error message (#384)
+  * 2->3 upgrade now errors and prints message when vars isn't found (#377)
+  * Update OpenSSL Windows binaries to 1.1.1g
+  * Reverted OpenSSL back to 1.1.0j
+
 -------------------------------------------------------------------
 Tue Feb 12 12:26:17 UTC 2019 - Tuukka Pasanen <tuukka.pasanen@ilmi.fi>

--- a/easy-rsa.spec
+++ b/easy-rsa.spec
@ -1,7 +1,7 @@
 #
 # spec file for package easy-rsa
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 # Copyright (c) 2015 Stefan Jakobs.
 #
 # All modifications and additions to the file contributed by third parties
@ -17,17 +17,17 @@
 #


-%define pname   EasyRSA-unix
+%define pname   EasyRSA

 Name:           easy-rsa
-Version:        3.0.6
+Version:        3.0.8
 Release:        0
 Summary:        CLI utility to build and manage a PKI CA
 License:        GPL-2.0-or-later
 Group:          Productivity/Networking/Security
-Url:            https://github.com/OpenVPN/easy-rsa
-Source:         https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-v%{version}.tgz
-Source1:        https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-v%{version}.tgz.sig
+URL:            https://github.com/OpenVPN/easy-rsa
+Source:         https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz
+Source1:        https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig
 # https://github.com/OpenVPN/easy-rsa/tree/master/release-keys
 Source2:        %{name}.keyring
 Patch100:       suse-packaging.patch
@ -40,8 +40,7 @@ easy-rsa is a CLI utility to build and manage a Public Key Infrastructure
 certificates, including sub-CAs, and create Certificate Revokation Lists (CRL).

 %prep
-#setup -q -n %{pname}-%{version}
-%setup -q -n EasyRSA-v%{version}
+%setup -q -n %{pname}-%{version}
 %patch100

 %build
--- a/suse-packaging.patch
+++ b/suse-packaging.patch
@ -1,66 +1,14 @@
-diff --git a/easyrsa b/easyrsa
-index e019982..635a2b9 100755
--- easyrsa
-+++ easyrsa
-@@ -376,7 +376,7 @@ $out"
- 
- verify_ssl_lib () {
- 	# make safessl-easyrsa.cnf
-	make_ssl_config
-+	[ "$1" == "no_safe_ssl_config" ] || make_ssl_config
- 
- 	# Verify EASYRSA_OPENSSL command gives expected output
- 	if [ -z "$EASYRSA_SSL_OK" ]; then
-@@ -403,7 +403,7 @@ verify_pki_init() {
- 	help_note="Run easyrsa without commands for usage and command help."
- 
- 	# check that the pki dir exists
-	vars_source_check
-+	vars_source_check no_safe_ssl_config
- 	[ -d "$EASYRSA_PKI" ] || die "\
- EASYRSA_PKI does not exist (perhaps you need to run init-pki)?
- Expected to find the EASYRSA_PKI at: $EASYRSA_PKI
-@@ -1452,7 +1452,7 @@ vars_setup() {
+--- easyrsa.orig	2020-11-20 15:05:31.051230522 +0100
+++ easyrsa	2020-11-20 15:08:45.769207521 +0100
+@@ -1664,10 +1664,7 @@
 	vars=
 
 	# set up program path
-	prog_vars="${0%/*}/vars"
-+	prog_vars="/etc/easy-rsa/vars"
+-	prog_file="$0"
+-	prog_file2="$(which -- "$prog_file" 2>/dev/null)" && prog_file="$prog_file2"
+-	prog_file2="$(readlink -f "$prog_file" 2>/dev/null)" && prog_file="$prog_file2"
+-	prog_dir="${prog_file%/*}"
+	prog_dir="/etc/easy-rsa"
+ 	prog_vars="${prog_dir}/vars"
 	# set up PKI path
 	pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
- 
-@@ -1482,7 +1482,7 @@ Note: using Easy-RSA configuration from: $vars"
- 	fi
- 	
- 	# Set defaults, preferring existing env-vars if present
-	set_var EASYRSA		"${0%/*}"
-+	set_var EASYRSA		"/etc/easy-rsa"
- 	set_var EASYRSA_OPENSSL	openssl
- 	set_var EASYRSA_PKI	"$PWD/pki"
- 	set_var EASYRSA_DN	cn_only
-@@ -1510,7 +1510,11 @@ Note: using Easy-RSA configuration from: $vars"
- 	set_var EASYRSA_DIGEST		sha256
- 
- 	set_var EASYRSA_SSL_CONF	"$EASYRSA_PKI/openssl-easyrsa.cnf"
-	set_var EASYRSA_SAFE_CONF	"$EASYRSA_PKI/safessl-easyrsa.cnf"
-+        if touch "$EASYRSA/safessl-easyrsa.cnf" &>/dev/null; then
-+                set_var EASYRSA_SAFE_CONF       "$EASYRSA/safessl-easyrsa.cnf"
-+        else
-+                set_var EASYRSA_SAFE_CONF       "$EASYRSA_PKI/safessl-easyrsa.cnf"
-+        fi
- 
- 	# Same as above for the x509-types extensions dir
- 	if [ -d "$EASYRSA_PKI/x509-types" ]; then
-diff --git a/vars.example b/vars.example
-index f03ea6e..2e1d781 100644
--- vars.example
-+++ vars.example
-@@ -47,7 +47,7 @@ fi
- # itself, which is also where the configuration files are located in the
- # easy-rsa tree.
- 
-#set_var EASYRSA	"${0%/*}"
-+#set_var EASYRSA	"/etc/easy-rsa"
- 
- # If your OpenSSL command is not in the system PATH, you will need to define the
- # path to it here. Normally this means a full path to the executable, otherwise