diff --git a/EasyRSA-3.0.4.tgz b/EasyRSA-3.0.4.tgz deleted file mode 100644 index 2a1f86c..0000000 --- a/EasyRSA-3.0.4.tgz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:472167f976c6cb7c860cec6150a5616e163ae20365c81f179811d6ee0779ec5a -size 37721 diff --git a/EasyRSA-3.0.4.tgz.sig b/EasyRSA-3.0.4.tgz.sig deleted file mode 100644 index 97c2526..0000000 Binary files a/EasyRSA-3.0.4.tgz.sig and /dev/null differ diff --git a/EasyRSA-nix-3.0.5.tgz b/EasyRSA-nix-3.0.5.tgz new file mode 100644 index 0000000..34417b8 --- /dev/null +++ b/EasyRSA-nix-3.0.5.tgz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5ebfe7dfa20008aa15cecb136f2b308f6e23e29f17568969a3ba772aa50bbb37 +size 50270 diff --git a/EasyRSA-nix-3.0.5.tgz.sig b/EasyRSA-nix-3.0.5.tgz.sig new file mode 100644 index 0000000..c440b74 Binary files /dev/null and b/EasyRSA-nix-3.0.5.tgz.sig differ diff --git a/easy-rsa.changes b/easy-rsa.changes index c782361..b82d48d 100644 --- a/easy-rsa.changes +++ b/easy-rsa.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Fri Nov 30 11:10:10 UTC 2018 - chris@computersalat.de + +- update to 3.0.5 + * Fix #17 & #58: use AES256 for CA key + * Also, don't use read -s, use stty -echo + * Fix broken "nopass" option + * Add -r to read to stop errors reported by shellcheck (and to behave) + * remove overzealous quotes around $pkcs_opts (more SC errors) +- update and rebase suse-packaging.patch + * fix: set_var EASYRSA in vars.example +- fix License + ------------------------------------------------------------------- Sun Jan 28 19:05:46 UTC 2018 - seroton10@gmail.com diff --git a/easy-rsa.spec b/easy-rsa.spec index 752ee44..3cacb3d 100644 --- a/easy-rsa.spec +++ b/easy-rsa.spec @@ -13,19 +13,21 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # +%define pname EasyRSA-nix + Name: easy-rsa -Version: 3.0.4 +Version: 3.0.5 Release: 0 Summary: CLI utility to build and manage a PKI CA -License: GPL-2.0 +License: GPL-2.0-or-later Group: Productivity/Networking/Security Url: https://github.com/OpenVPN/easy-rsa -Source: https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz -Source1: https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz.sig +Source: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz +Source1: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig # https://github.com/OpenVPN/easy-rsa/tree/master/release-keys Source2: %{name}.keyring Patch100: suse-packaging.patch @@ -38,24 +40,30 @@ easy-rsa is a CLI utility to build and manage a Public Key Infrastructure certificates, including sub-CAs, and create Certificate Revokation Lists (CRL). %prep +#setup -q -n %{pname}-%{version} %setup -q -n EasyRSA-%{version} -%patch100 -p1 +%patch100 %build %install -install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types -install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/ +install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/ +install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/x509-types +install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/%{name}/ +install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/%{name}/ +install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/%{name}/x509-types/ install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa %files %defattr(-,root,root) -%doc gpl-2.0.txt README.quickstart.md COPYING.md +%doc ChangeLog README.md README.quickstart.md %doc doc/* +%if 0%{?sle_version} == 11 || 0%{?sle_version} <= 120400 +%doc COPYING.md gpl-2.0.txt +%else +%license COPYING.md gpl-2.0.txt +%endif %{_bindir}/easyrsa -%config(noreplace) %{_sysconfdir}/easy-rsa +%config(noreplace) %{_sysconfdir}/%{name} %changelog diff --git a/suse-packaging.patch b/suse-packaging.patch index 4fa91ba..c2973b3 100644 --- a/suse-packaging.patch +++ b/suse-packaging.patch @@ -1,36 +1,35 @@ -*** easyrsa3/easyrsa.orig 2017-07-18 23:46:26.431057777 +0200 ---- easyrsa3/easyrsa 2017-07-19 05:24:59.583924924 +0200 -*************** -*** 1014,1020 **** - vars= - - # set up program path -! prog_vars="${0%/*}/vars" - # set up PKI path - pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" - ---- 1014,1020 ---- - vars= - - # set up program path -! prog_vars="/etc/easy-rsa/vars" - # set up PKI path - pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" - -*************** -*** 1041,1047 **** - fi - - # Set defaults, preferring existing env-vars if present -! set_var EASYRSA "${0%/*}" - set_var EASYRSA_OPENSSL openssl - set_var EASYRSA_PKI "$PWD/pki" - set_var EASYRSA_DN cn_only ---- 1041,1047 ---- - fi - - # Set defaults, preferring existing env-vars if present -! set_var EASYRSA "/etc/easy-rsa" - set_var EASYRSA_OPENSSL openssl - set_var EASYRSA_PKI "$PWD/pki" - set_var EASYRSA_DN cn_only +Index: easyrsa +=================================================================== +--- easyrsa.orig ++++ easyrsa +@@ -1124,7 +1124,7 @@ vars_setup() { + vars= + + # set up program path +- prog_vars="${0%/*}/vars" ++ prog_vars="/etc/easy-rsa/vars" + # set up PKI path + pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" + +@@ -1154,7 +1154,7 @@ Note: using Easy-RSA configuration from: + fi + + # Set defaults, preferring existing env-vars if present +- set_var EASYRSA "${0%/*}" ++ set_var EASYRSA "/etc/easy-rsa" + set_var EASYRSA_OPENSSL openssl + set_var EASYRSA_PKI "$PWD/pki" + set_var EASYRSA_DN cn_only +Index: vars.example +=================================================================== +--- vars.example.orig ++++ vars.example +@@ -47,7 +47,7 @@ fi + # itself, which is also where the configuration files are located in the + # easy-rsa tree. + +-#set_var EASYRSA "${0%/*}" ++#set_var EASYRSA "/etc/easy-rsa" + + # If your OpenSSL command is not in the system PATH, you will need to define the + # path to it here. Normally this means a full path to the executable, otherwise