diff --git a/EasyRSA-3.0.8.tgz b/EasyRSA-3.0.8.tgz new file mode 100644 index 0000000..1f7b2b0 --- /dev/null +++ b/EasyRSA-3.0.8.tgz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:cae114c212a5be4d89f2253d36c70ab94f68d295f24e8b6711c2cab0fabf7e18 +size 48907 diff --git a/EasyRSA-3.0.8.tgz.sig b/EasyRSA-3.0.8.tgz.sig new file mode 100644 index 0000000..4d67491 Binary files /dev/null and b/EasyRSA-3.0.8.tgz.sig differ diff --git a/EasyRSA-unix-v3.0.6.tgz b/EasyRSA-unix-v3.0.6.tgz deleted file mode 100644 index 9f1d1f0..0000000 --- a/EasyRSA-unix-v3.0.6.tgz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:cb29aed2d27824e59dbaad547f11dcab380a53c9fe05681249e804af436f1396 -size 40840 diff --git a/EasyRSA-unix-v3.0.6.tgz.sig b/EasyRSA-unix-v3.0.6.tgz.sig deleted file mode 100644 index 9c9eee0..0000000 Binary files a/EasyRSA-unix-v3.0.6.tgz.sig and /dev/null differ diff --git a/easy-rsa.changes b/easy-rsa.changes index eea678f..f49384f 100644 --- a/easy-rsa.changes +++ b/easy-rsa.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Wed Nov 25 16:48:19 UTC 2020 - Olav Reinert + +- update to 3.0.8 (2020-09-09) + * Provide --version option (#372) + * Version information now within generated certificates like on *nix + * Fixed issue where gen-dh overwrote existing files without warning (#373) + * Fixed issue with ED/EC certificates were still signed by RSA (#374) + * Added support for export-p8 (#339) + * Clarified error message (#384) + * 2->3 upgrade now errors and prints message when vars isn't found (#377) + * Update OpenSSL Windows binaries to 1.1.1g + * Reverted OpenSSL back to 1.1.0j + ------------------------------------------------------------------- Tue Feb 12 12:26:17 UTC 2019 - Tuukka Pasanen diff --git a/easy-rsa.spec b/easy-rsa.spec index 10636f3..f5e2f20 100644 --- a/easy-rsa.spec +++ b/easy-rsa.spec @@ -1,7 +1,7 @@ # # spec file for package easy-rsa # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # Copyright (c) 2015 Stefan Jakobs. # # All modifications and additions to the file contributed by third parties @@ -17,17 +17,17 @@ # -%define pname EasyRSA-unix +%define pname EasyRSA Name: easy-rsa -Version: 3.0.6 +Version: 3.0.8 Release: 0 Summary: CLI utility to build and manage a PKI CA License: GPL-2.0-or-later Group: Productivity/Networking/Security -Url: https://github.com/OpenVPN/easy-rsa -Source: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-v%{version}.tgz -Source1: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-v%{version}.tgz.sig +URL: https://github.com/OpenVPN/easy-rsa +Source: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz +Source1: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig # https://github.com/OpenVPN/easy-rsa/tree/master/release-keys Source2: %{name}.keyring Patch100: suse-packaging.patch @@ -40,8 +40,7 @@ easy-rsa is a CLI utility to build and manage a Public Key Infrastructure certificates, including sub-CAs, and create Certificate Revokation Lists (CRL). %prep -#setup -q -n %{pname}-%{version} -%setup -q -n EasyRSA-v%{version} +%setup -q -n %{pname}-%{version} %patch100 %build diff --git a/suse-packaging.patch b/suse-packaging.patch index ad4e418..e659660 100644 --- a/suse-packaging.patch +++ b/suse-packaging.patch @@ -1,66 +1,14 @@ -diff --git a/easyrsa b/easyrsa -index e019982..635a2b9 100755 ---- easyrsa -+++ easyrsa -@@ -376,7 +376,7 @@ $out" - - verify_ssl_lib () { - # make safessl-easyrsa.cnf -- make_ssl_config -+ [ "$1" == "no_safe_ssl_config" ] || make_ssl_config - - # Verify EASYRSA_OPENSSL command gives expected output - if [ -z "$EASYRSA_SSL_OK" ]; then -@@ -403,7 +403,7 @@ verify_pki_init() { - help_note="Run easyrsa without commands for usage and command help." - - # check that the pki dir exists -- vars_source_check -+ vars_source_check no_safe_ssl_config - [ -d "$EASYRSA_PKI" ] || die "\ - EASYRSA_PKI does not exist (perhaps you need to run init-pki)? - Expected to find the EASYRSA_PKI at: $EASYRSA_PKI -@@ -1452,7 +1452,7 @@ vars_setup() { +--- easyrsa.orig 2020-11-20 15:05:31.051230522 +0100 ++++ easyrsa 2020-11-20 15:08:45.769207521 +0100 +@@ -1664,10 +1664,7 @@ vars= # set up program path -- prog_vars="${0%/*}/vars" -+ prog_vars="/etc/easy-rsa/vars" +- prog_file="$0" +- prog_file2="$(which -- "$prog_file" 2>/dev/null)" && prog_file="$prog_file2" +- prog_file2="$(readlink -f "$prog_file" 2>/dev/null)" && prog_file="$prog_file2" +- prog_dir="${prog_file%/*}" ++ prog_dir="/etc/easy-rsa" + prog_vars="${prog_dir}/vars" # set up PKI path pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" - -@@ -1482,7 +1482,7 @@ Note: using Easy-RSA configuration from: $vars" - fi - - # Set defaults, preferring existing env-vars if present -- set_var EASYRSA "${0%/*}" -+ set_var EASYRSA "/etc/easy-rsa" - set_var EASYRSA_OPENSSL openssl - set_var EASYRSA_PKI "$PWD/pki" - set_var EASYRSA_DN cn_only -@@ -1510,7 +1510,11 @@ Note: using Easy-RSA configuration from: $vars" - set_var EASYRSA_DIGEST sha256 - - set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf" -- set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf" -+ if touch "$EASYRSA/safessl-easyrsa.cnf" &>/dev/null; then -+ set_var EASYRSA_SAFE_CONF "$EASYRSA/safessl-easyrsa.cnf" -+ else -+ set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf" -+ fi - - # Same as above for the x509-types extensions dir - if [ -d "$EASYRSA_PKI/x509-types" ]; then -diff --git a/vars.example b/vars.example -index f03ea6e..2e1d781 100644 ---- vars.example -+++ vars.example -@@ -47,7 +47,7 @@ fi - # itself, which is also where the configuration files are located in the - # easy-rsa tree. - --#set_var EASYRSA "${0%/*}" -+#set_var EASYRSA "/etc/easy-rsa" - - # If your OpenSSL command is not in the system PATH, you will need to define the - # path to it here. Normally this means a full path to the executable, otherwise