From 338c455133c7eae8c85de4901e41d7dac10ea8668b83f5d50b80bd55e8a1e356 Mon Sep 17 00:00:00 2001
From: Olav Reinert <seroton10@gmail.com>
Date: Sat, 21 Jan 2023 19:23:18 +0000
Subject: [PATCH] Accepting request 1058877 from
 home:polslinux:branches:network:vpn

- Update to 3.1.2:
  * Command 'renew': Remove option 'nopass'
  * find_x509_types_dir(): Remove excess checks
  * Remove function find_x509_types_dir()
  * For 'init-pki hard' only, always try to create a new pki/vars file
  * Introduce global option '--notext|--no-text'
  * Minor style change
  * Introduce command 'set-pass'
  * Fix shellcheck warning for command set-pass case statement
  * cleanup(): Exit correctly for SIGINT
  * Update help: Standardise output; Improve code; Reprioritise options
  * vars.example: Add EASYRSA_NO_PASS and wrap long lines
  * Use 'unset -v', consistently
  * build-ca: Improve passphrase input mechanism
  * Remove global options '--verbose' and '--quiet' as not required
  * Remove all prerequisite code to build a safe SSL config file
  * Rename temp files to reflect the purpose
  * easyrsa_openssl(): Always set OPENSSL_CONF to EasyRSA safe SSL config
  * Replace SSL calls for serial number with function ssl_cert_serial()
  * Introduce OpenSSL only mode: No Safe SSL Config File
  * ff_date_to_cert_date(): Correct the input format for busybox date
  * Re-order easyrsa_openssl() temp-file assignment
  * Stop EASYRSA_DEBUG interfering with SSL output from subshells
  * Status reports: Recognise Expired certificates
  * New function safe_set_var(): Safe wrapper for set_var()
  * Windows, build-ca: Add input password to re-open private key
  * Renewal: General code improvements
  * cleanup(): General improvements - Create KNOWN error exit
  * build-ca: Change FATAL error to warning for old openssl-easyrsa.cnf
  * Allow --fix-offset to create post-dated certificates

OBS-URL: https://build.opensuse.org/request/show/1058877
OBS-URL: https://build.opensuse.org/package/show/network:vpn/easy-rsa?expand=0&rev=40
---
 EasyRSA-3.1.1.tgz     |   3 ---
 EasyRSA-3.1.1.tgz.sig | Bin 310 -> 0 bytes
 EasyRSA-3.1.2.tgz     |   3 +++
 EasyRSA-3.1.2.tgz.sig | Bin 0 -> 310 bytes
 easy-rsa.changes      |  42 ++++++++++++++++++++++++++++++++++++++++++
 easy-rsa.spec         |   6 ++----
 fix-747.patch         |  42 ------------------------------------------
 7 files changed, 47 insertions(+), 49 deletions(-)
 delete mode 100644 EasyRSA-3.1.1.tgz
 delete mode 100644 EasyRSA-3.1.1.tgz.sig
 create mode 100644 EasyRSA-3.1.2.tgz
 create mode 100644 EasyRSA-3.1.2.tgz.sig
 delete mode 100644 fix-747.patch

diff --git a/EasyRSA-3.1.1.tgz b/EasyRSA-3.1.1.tgz
deleted file mode 100644
index 494cab8..0000000
--- a/EasyRSA-3.1.1.tgz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:779d425cacf1de56262b7a7ed6b90b36e614ce9273f08ad7b86992740cb3b2a5
-size 68434
diff --git a/EasyRSA-3.1.1.tgz.sig b/EasyRSA-3.1.1.tgz.sig
deleted file mode 100644
index 600592489b3a04d8324bcad8cb38468840ffc9052fcb2345c4ccf5816c01f252..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 310
zcmV-60m=S}0W$;u0SEvc79j-4{G;dhhX*X)xg9TZmO>dh4Gj(j0%J+jJ^%^{5OS76
z895CN4ot-d{yDnA5uHQ>!#3e@4m<d3WXY)yh79aTp@Trf4(ZM5_nDSxD`x^njh^ba
zC{^h;5NWcdhnJdw6T2-N^W54r(aa*PJjks{u-{;a2CsTJGf|}!lB}(nYX=j!;XR4Z
z)i1qd;vWHcYeA1KuGE?hkKbHVg;uRv69!eCO{KaAJ3nX|-?*MwJzNN@6vXAE=HI=0
zg`M3WNQUy_QdS1)Mq9rwD-%gH_lJ&}4dLFD94uWnqZC_RS*$DoCmN?m9S1D(M>7Sf
z;nBZUV6))KK*yPflT&VVhxh+d6F}t3-GNQvfO_U;MBfq4h@zzt!eS*=K<NeD%}7cl
I2U`I{-;t1rt^fc4

diff --git a/EasyRSA-3.1.2.tgz b/EasyRSA-3.1.2.tgz
new file mode 100644
index 0000000..e4b2ba7
--- /dev/null
+++ b/EasyRSA-3.1.2.tgz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d63cf129490ffd6d8792ede7344806c506c82c32428b5bb609ad97ca6a6e4499
+size 68984
diff --git a/EasyRSA-3.1.2.tgz.sig b/EasyRSA-3.1.2.tgz.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..7d19621dcd10e097210707629f357bed8b97966e682da069684df54d15007bed
GIT binary patch
literal 310
zcmV-60m=S}0W$;u0SEvc79j-4{G;dhhX*X)xg9TZmO>dh4Gj(j0%O6_xc~|Y5OS76
z895CN4p&nL|6rOF102mOPzh-k;fD5nft>Eo%wemcb8(A>%bEPQ?*5RcoGSdvkmSPG
zG!13?4v%AiZ0(3ZO`y;_C=(_85@#~l5k>T*qx6cKRoLK<yEhKUz`jmOz_dq+b&riM
z>a{OO=R=Awg8shiBr-jCHzLOP>?6^{k`FfrC$TFP)(#dAJsP4RdKJk*JWXbDNIiFo
z4Rv*mghlFbs}tw*AU0C{ZjLPfL)Oq34rtz%$)x3|y1)|utz`e7ON~p}#IA4NWC|$|
zEOCa5r2;gYbimzH#2CW-lxIN6?yc!XmU7pKOHH1cHC^i1%;FRUuPhAM55-aOyv}nX
Iau-Yw;<osZOaK4?

literal 0
HcmV?d00001

diff --git a/easy-rsa.changes b/easy-rsa.changes
index 5ad6aaa..349b39b 100644
--- a/easy-rsa.changes
+++ b/easy-rsa.changes
@@ -1,3 +1,45 @@
+-------------------------------------------------------------------
+Tue Jan 17 11:06:55 UTC 2023 - Paolo Stivanin <info@paolostivanin.com>
+
+- Update to 3.1.2:
+  * Command 'renew': Remove option 'nopass' 
+  * find_x509_types_dir(): Remove excess checks
+  * Remove function find_x509_types_dir() 
+  * For 'init-pki hard' only, always try to create a new pki/vars file 
+  * Introduce global option '--notext|--no-text' 
+  * Minor style change
+  * Introduce command 'set-pass' 
+  * Fix shellcheck warning for command set-pass case statement 
+  * cleanup(): Exit correctly for SIGINT 
+  * Update help: Standardise output; Improve code; Reprioritise options
+  * vars.example: Add EASYRSA_NO_PASS and wrap long lines
+  * Use 'unset -v', consistently
+  * build-ca: Improve passphrase input mechanism 
+  * Remove global options '--verbose' and '--quiet' as not required
+  * Remove all prerequisite code to build a safe SSL config file
+  * Rename temp files to reflect the purpose 
+  * easyrsa_openssl(): Always set OPENSSL_CONF to EasyRSA safe SSL config 
+  * Replace SSL calls for serial number with function ssl_cert_serial() 
+  * Introduce OpenSSL only mode: No Safe SSL Config File 
+  * ff_date_to_cert_date(): Correct the input format for busybox date 
+  * Re-order easyrsa_openssl() temp-file assignment 
+  * Stop EASYRSA_DEBUG interfering with SSL output from subshells 
+  * Status reports: Recognise Expired certificates 
+  * New function safe_set_var(): Safe wrapper for set_var() 
+  * Windows, build-ca: Add input password to re-open private key 
+  * Renewal: General code improvements 
+  * cleanup(): General improvements - Create KNOWN error exit 
+  * build-ca: Change FATAL error to warning for old openssl-easyrsa.cnf 
+  * Allow --fix-offset to create post-dated certificates 
+  * Default settings: Make default Edwards curve ED25519
+  * cleanup(): Exit with numeric error-code only 
+  * init-pki(): Introduce second warning before HARD removal
+  * build-full: Always enable inline file creation 
+  * Global option '--passout' always take priority ONLY
+  * Status Reports: Set 'LC_TIME=C.UTF-8', only used for reports 
+  * Option --fix-offset: Adjust off-by-one day
+- Drop fix-747.patch
+
 -------------------------------------------------------------------
 Tue Dec 13 23:09:09 UTC 2022 - Olav Reinert <seroton10@gmail.com>
 
diff --git a/easy-rsa.spec b/easy-rsa.spec
index 189fb87..fdb0484 100644
--- a/easy-rsa.spec
+++ b/easy-rsa.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package easy-rsa
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 # Copyright (c) 2015 Stefan Jakobs.
 #
 # All modifications and additions to the file contributed by third parties
@@ -19,7 +19,7 @@
 
 %define pname   EasyRSA
 Name:           easy-rsa
-Version:        3.1.1
+Version:        3.1.2
 Release:        0
 Summary:        CLI utility to build and manage a PKI CA
 License:        GPL-2.0-or-later
@@ -29,7 +29,6 @@ Source:         https://github.com/OpenVPN/%{name}/releases/download/v%{version}
 Source1:        https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig
 # https://github.com/OpenVPN/easy-rsa/tree/master/release-keys
 Source2:        %{name}.keyring
-Patch1:         fix-747.patch
 Patch100:       suse-packaging.patch
 BuildArch:      noarch
 
@@ -40,7 +39,6 @@ certificates, including sub-CAs, and create Certificate Revokation Lists (CRL).
 
 %prep
 %setup -q -n %{pname}-%{version}
-%patch1 -p2
 %patch100
 
 %build
diff --git a/fix-747.patch b/fix-747.patch
deleted file mode 100644
index 67e1354..0000000
--- a/fix-747.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-commit 4472516e24b068542cfd1ff5c3e51c3b89eb38b1
-Author: Richard T Bonhomme <tincantech@protonmail.com>
-Date:   Mon Oct 31 00:34:42 2022 +0000
-
-    Reset option flag check 'number_only' per option
-    
-    Squashed commit of the following:
-    
-    commit 4aada5ffcd8cff893618bbbfe24f589f33665352
-    Merge: 439cdc1 6f8ba1e
-    Author: Richard T Bonhomme <tincantech@protonmail.com>
-    Date:   Mon Oct 31 00:31:56 2022 +0000
-    
-        Merge branch 'bugfix-number-only' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-bugfix-number-only
-    
-        Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
-    
-    commit 6f8ba1e608d5223efa9dd296ed2c61418da991aa
-    Author: Richard T Bonhomme <tincantech@protonmail.com>
-    Date:   Sun Oct 30 23:56:46 2022 +0000
-    
-        Reset option flag check 'number_only' per option
-    
-        Closes: #747
-    
-        Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
-    
-    Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
-
-diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
-index 6ee8f73..8909977 100755
---- a/easyrsa3/easyrsa
-+++ b/easyrsa3/easyrsa
-@@ -4897,7 +4897,7 @@ unset -v die_error_exit easyrsa_error_exit \
- # Parse options
- while :; do
- 	# Separate option from value:
--	unset -v opt val is_empty empty_ok
-+	unset -v opt val is_empty empty_ok number_only
- 	opt="${1%%=*}"
- 	val="${1#*=}"
-