rpm/easy-rsa
SHA256
1
0
Fork 0
forked from pool/easy-rsa
Code Pull Requests Activity

Accepting request 653612 from network:vpn

Browse Source 
- update to 3.0.5
  * Fix #17 & #58: use AES256 for CA key
  * Also, don't use read -s, use stty -echo
  * Fix broken "nopass" option
  * Add -r to read to stop errors reported by shellcheck (and to behave)
  * remove overzealous quotes around $pkcs_opts (more SC errors)
- update and rebase suse-packaging.patch
  * fix: set_var EASYRSA in vars.example
- fix License

OBS-URL: https://build.opensuse.org/request/show/653612
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/easy-rsa?expand=0&rev=9
This commit is contained in:
Dominique Leuenberger 2018-12-04 19:55:45 +00:00 committed by Git OBS Bridge
commit 6ce1218c98
7 changed files with 98 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
EasyRSA-3.0.4.tgz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:472167f976c6cb7c860cec6150a5616e163ae20365c81f179811d6ee0779ec5a
size 37721

BIN
EasyRSA-3.0.4.tgz.sig
View File

Binary file not shown.

3
EasyRSA-nix-3.0.5.tgz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5ebfe7dfa20008aa15cecb136f2b308f6e23e29f17568969a3ba772aa50bbb37
size 50270

BIN
EasyRSA-nix-3.0.5.tgz.sig Normal file
View File

Binary file not shown.

13
easy-rsa.changes
View File

@ -1,3 +1,16 @@
-------------------------------------------------------------------
Fri Nov 30 11:10:10 UTC 2018 - chris@computersalat.de
- update to 3.0.5
* Fix #17 & #58: use AES256 for CA key
* Also, don't use read -s, use stty -echo
* Fix broken "nopass" option
* Add -r to read to stop errors reported by shellcheck (and to behave)
* remove overzealous quotes around $pkcs_opts (more SC errors)
- update and rebase suse-packaging.patch
* fix: set_var EASYRSA in vars.example
- fix License
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Jan 28 19:05:46 UTC 2018 - seroton10@gmail.com Sun Jan 28 19:05:46 UTC 2018 - seroton10@gmail.com

32
easy-rsa.spec
View File

@ -17,15 +17,17 @@
# #
%define pname EasyRSA-nix
Name: easy-rsa Name: easy-rsa
Version: 3.0.4 Version: 3.0.5
Release: 0 Release: 0
Summary: CLI utility to build and manage a PKI CA Summary: CLI utility to build and manage a PKI CA
License: GPL-2.0 License: GPL-2.0-or-later
Group: Productivity/Networking/Security Group: Productivity/Networking/Security
Url: https://github.com/OpenVPN/easy-rsa Url: https://github.com/OpenVPN/easy-rsa
Source: https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz Source: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz
Source1: https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz.sig Source1: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig
# https://github.com/OpenVPN/easy-rsa/tree/master/release-keys # https://github.com/OpenVPN/easy-rsa/tree/master/release-keys
Source2: %{name}.keyring Source2: %{name}.keyring
Patch100: suse-packaging.patch Patch100: suse-packaging.patch
@ -38,24 +40,30 @@ easy-rsa is a CLI utility to build and manage a Public Key Infrastructure
certificates, including sub-CAs, and create Certificate Revokation Lists (CRL). certificates, including sub-CAs, and create Certificate Revokation Lists (CRL).
%prep %prep
#setup -q -n %{pname}-%{version}
%setup -q -n EasyRSA-%{version} %setup -q -n EasyRSA-%{version}
%patch100 -p1 %patch100
%build %build
%install %install
install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/ install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/
install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/x509-types
install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/ install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/%{name}/
install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/ install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/%{name}/
install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/ install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/%{name}/x509-types/
install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%doc gpl-2.0.txt README.quickstart.md COPYING.md %doc ChangeLog README.md README.quickstart.md
%doc doc/* %doc doc/*
%if 0%{?sle_version} == 11 || 0%{?sle_version} <= 120400
%doc COPYING.md gpl-2.0.txt
%else
%license COPYING.md gpl-2.0.txt
%endif
%{_bindir}/easyrsa %{_bindir}/easyrsa
%config(noreplace) %{_sysconfdir}/easy-rsa %config(noreplace) %{_sysconfdir}/%{name}
%changelog %changelog

70
suse-packaging.patch
View File

@ -1,36 +1,62 @@
*** easyrsa3/easyrsa.orig 2017-07-18 23:46:26.431057777 +0200 --- easyrsa.orig 2018-09-15 06:21:19.000000000 +0200
--- easyrsa3/easyrsa 2017-07-19 05:24:59.583924924 +0200 +++ easyrsa 2018-12-03 23:38:04.420888219 +0100
*************** @@ -315,7 +315,7 @@
*** 1014,1020 **** EASYRSA_PKI env-var undefined"
# make safessl-easyrsa.cnf
- make_ssl_config
+ [ "$1" == "no_safe_ssl_config" ] || make_ssl_config
# Verify EASYRSA_OPENSSL command gives expected output
if [ -z "$EASYRSA_SSL_OK" ]; then
@@ -415,7 +415,7 @@
# init-pki backend:
init_pki() {
- vars_source_check
+ vars_source_check no_safe_ssl_config
# If EASYRSA_PKI exists, confirm before we rm -rf (skiped with EASYRSA_BATCH)
if [ -e "$EASYRSA_PKI" ]; then
@@ -1124,7 +1124,7 @@
vars= vars=
# set up program path # set up program path
! prog_vars="${0%/*}/vars" - prog_vars="${0%/*}/vars"
+ prog_vars="/etc/easy-rsa/vars"
# set up PKI path # set up PKI path
pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
--- 1014,1020 ---- @@ -1154,7 +1154,7 @@
vars=
# set up program path
! prog_vars="/etc/easy-rsa/vars"
# set up PKI path
pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
***************
*** 1041,1047 ****
fi fi
# Set defaults, preferring existing env-vars if present # Set defaults, preferring existing env-vars if present
! set_var EASYRSA "${0%/*}" - set_var EASYRSA "${0%/*}"
+ set_var EASYRSA "/etc/easy-rsa"
set_var EASYRSA_OPENSSL openssl set_var EASYRSA_OPENSSL openssl
set_var EASYRSA_PKI "$PWD/pki" set_var EASYRSA_PKI "$PWD/pki"
set_var EASYRSA_DN cn_only set_var EASYRSA_DN cn_only
--- 1041,1047 ---- @@ -1185,7 +1185,11 @@
set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf"
set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf"
else set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-easyrsa.cnf"
- set_var EASYRSA_SAFE_CONF "$EASYRSA/safessl-easyrsa.cnf"
+ if touch "$EASYRSA/safessl-easyrsa.cnf" &>/dev/null; then
+ set_var EASYRSA_SAFE_CONF "$EASYRSA/safessl-easyrsa.cnf"
+ else
+ set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf"
+ fi
fi fi
# Set defaults, preferring existing env-vars if present # Same as above for the x509-types extensions dir
! set_var EASYRSA "/etc/easy-rsa" --- vars.example.orig 2018-12-03 23:06:35.863084842 +0100
set_var EASYRSA_OPENSSL openssl +++ vars.example 2018-12-03 23:07:12.538808022 +0100
set_var EASYRSA_PKI "$PWD/pki" @@ -47,7 +47,7 @@
set_var EASYRSA_DN cn_only # itself, which is also where the configuration files are located in the
# easy-rsa tree.
-#set_var EASYRSA "${0%/*}"
+#set_var EASYRSA "/etc/easy-rsa"
# If your OpenSSL command is not in the system PATH, you will need to define the
# path to it here. Normally this means a full path to the executable, otherwise