SOURCES: easy-rsa2.patch - rediff
glen
glen at pld-linux.org
Tue Sep 18 13:03:38 CEST 2007
Author: glen Date: Tue Sep 18 11:03:38 2007 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- rediff
---- Files affected:
SOURCES:
easy-rsa2.patch (1.5 -> 1.6)
---- Diffs:
================================================================
Index: SOURCES/easy-rsa2.patch
diff -u SOURCES/easy-rsa2.patch:1.5 SOURCES/easy-rsa2.patch:1.6
--- SOURCES/easy-rsa2.patch:1.5 Thu Dec 7 19:35:08 2006
+++ SOURCES/easy-rsa2.patch Tue Sep 18 13:03:33 2007
@@ -1,5 +1,5 @@
---- openvpn-2.0.5/easy-rsa/2.0/build-ca 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/build-ca 2006-06-20 18:07:58.836973652 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/build-ca 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-ca 2007-09-18 14:00:41.538658520 +0300
@@ -1,8 +1,8 @@
-#!/bin/bash
+#!/bin/sh
@@ -12,8 +12,8 @@
-"$EASY_RSA/pkitool" --interact --initca $*
+export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
+/usr/sbin/pkitool --interact --initca $*
---- openvpn-2.0.5/easy-rsa/2.0/build-dh 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/build-dh 2006-06-20 18:08:01.257028006 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/build-dh 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-dh 2007-09-18 14:00:41.538658520 +0300
@@ -1,7 +1,10 @@
-#!/bin/bash
+#!/bin/sh
@@ -25,9 +25,9 @@
+fi
if [ -d $KEY_DIR ] && [ $KEY_SIZE ]; then
- openssl dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
---- openvpn-2.0.5/easy-rsa/2.0/build-inter 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/build-inter 2006-06-20 18:08:03.467077642 +0300
+ $OPENSSL dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
+--- openvpn-2.1_rc4/easy-rsa/2.0/build-inter 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-inter 2007-09-18 14:00:41.538658520 +0300
@@ -1,7 +1,7 @@
-#!/bin/bash
+#!/bin/sh
@@ -39,8 +39,8 @@
-"$EASY_RSA/pkitool" --interact --inter $*
+export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
+/usr/sbin/pkitool --interact --inter $*
---- openvpn-2.0.5/easy-rsa/2.0/build-key 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/build-key 2006-06-20 18:07:54.086866966 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/build-key 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key 2007-09-18 14:00:41.538658520 +0300
@@ -1,7 +1,7 @@
-#!/bin/bash
+#!/bin/sh
@@ -52,8 +52,8 @@
-"$EASY_RSA/pkitool" --interact $*
+export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
+/usr/sbin/pkitool --interact $*
---- openvpn-2.0.5/easy-rsa/2.0/build-key-pass 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/build-key-pass 2006-06-20 18:07:44.566653144 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/build-key-pass 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key-pass 2007-09-18 14:00:41.538658520 +0300
@@ -1,7 +1,7 @@
-#!/bin/bash
+#!/bin/sh
@@ -65,8 +65,8 @@
-"$EASY_RSA/pkitool" --interact --pass $*
+export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
+/usr/sbin/pkitool --interact --pass $*
---- openvpn-2.0.5/easy-rsa/2.0/build-key-pkcs12 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/build-key-pkcs12 2006-06-20 18:07:40.856569816 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/build-key-pkcs12 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key-pkcs12 2007-09-18 14:00:41.538658520 +0300
@@ -1,8 +1,8 @@
-#!/bin/bash
+#!/bin/sh
@@ -79,21 +79,24 @@
-"$EASY_RSA/pkitool" --interact --pkcs12 $*
+export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
+/usr/sbin/pkitool --interact --pkcs12 $*
---- openvpn-2.0.5/easy-rsa/2.0/build-key-server 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/build-key-server 2006-06-20 18:07:42.576608448 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/build-key-server 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key-server 2007-09-18 14:00:41.538658520 +0300
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
# Make a certificate/private key pair using a locally generated
# root certificate.
-@@ -9,2 +9,2 @@
+@@ -6,5 +6,5 @@
+ # Explicitly set nsCertType to server using the "server"
+ # extension in the openssl.cnf file.
+
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --server $*
+export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
+/usr/sbin/pkitool --interact --server $*
---- openvpn-2.0.5/easy-rsa/2.0/build-req 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/build-req 2006-06-20 18:07:57.116935021 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/build-req 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-req 2007-09-18 14:00:41.538658520 +0300
@@ -1,7 +1,7 @@
-#!/bin/bash
+#!/bin/sh
@@ -105,8 +108,8 @@
-"$EASY_RSA/pkitool" --interact --csr $*
+export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
+/usr/sbin/pkitool --interact --csr $*
---- openvpn-2.0.5/easy-rsa/2.0/build-req-pass 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/build-req-pass 2006-06-20 18:07:48.716746354 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/build-req-pass 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-req-pass 2007-09-18 14:00:41.548658748 +0300
@@ -1,7 +1,7 @@
-#!/bin/bash
+#!/bin/sh
@@ -118,8 +121,8 @@
-"$EASY_RSA/pkitool" --interact --csr --pass $*
+export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
+/usr/sbin/pkitool --interact --csr --pass $*
---- openvpn-2.0.5/easy-rsa/2.0/clean-all 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/clean-all 2006-06-20 18:07:35.556450775 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/clean-all 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/clean-all 2007-09-18 14:00:41.548658748 +0300
@@ -1,9 +1,13 @@
-#!/bin/bash
+#!/bin/sh
@@ -135,8 +138,8 @@
if [ "$KEY_DIR" ]; then
rm -rf "$KEY_DIR"
mkdir "$KEY_DIR" && \
---- openvpn-2.0.5/easy-rsa/2.0/inherit-inter 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/inherit-inter 2006-06-20 18:07:51.916818227 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/inherit-inter 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/inherit-inter 2007-09-18 14:00:41.548658748 +0300
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
@@ -154,8 +157,8 @@
# The EXPORT_CA file will contain the CA certificate chain and should be
# referenced by the OpenVPN "ca" directive in config files. The ca.crt file
# will only contain the local intermediate CA -- it's needed by the easy-rsa
---- openvpn-2.0.5/easy-rsa/2.0/list-crl 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/list-crl 2006-06-20 18:07:29.446313541 +0300
+--- openvpn-2.1_rc4/easy-rsa/2.0/list-crl 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/list-crl 2007-09-18 14:00:41.548658748 +0300
@@ -1,6 +1,9 @@
-#!/bin/bash
+#!/bin/sh
@@ -167,11 +170,11 @@
CRL="${1:-crl.pem}"
---- openvpn-2.0.5/easy-rsa/2.0.orig/pkitool 2005-11-02 20:42:38.000000000 +0200
-+++ openvpn-2.0.5/easy-rsa/2.0/pkitool 2006-03-02 16:34:06.000000000 +0200
-@@ -34,6 +34,10 @@
- GREP=grep
- OPENSSL=openssl
+--- openvpn-2.1_rc4/easy-rsa/2.0/pkitool 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/pkitool 2007-09-18 14:00:41.548658748 +0300
+@@ -39,6 +39,10 @@
+ exit 1
+ }
+if [ -z "$EASY_RSA" ]; then
+ . /etc/easy-rsa/vars
@@ -180,44 +183,12 @@
need_vars()
{
echo ' Please edit the vars script to reflect your configuration,'
---- openvpn-2.0.5/easy-rsa/2.0/sign-req 2006-03-02 16:34:06.000000000 +0200
-+++ openvpn-2.0.7-bash/easy-rsa/2.0/sign-req 2006-06-20 18:07:38.856524895 +0300
-@@ -1,7 +1,7 @@
+--- openvpn-2.1_rc4/easy-rsa/2.0/revoke-full 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/revoke-full 2007-09-18 14:00:41.548658748 +0300
+@@ -1,7 +1,10 @@
-#!/bin/bash
+#!/bin/sh
- # Sign a certificate signing request (a .csr file)
- # with a local root certificate and key.
-
--export EASY_RSA="${EASY_RSA:-.}"
--"$EASY_RSA/pkitool" --interact --sign $*
-+export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
-+/usr/sbin/pkitool --interact --sign $*
---- openvpn-2.0.5/easy-rsa/2.0.orig/vars 2005-11-02 20:42:39.000000000 +0200
-+++ openvpn-2.0.5/easy-rsa/2.0/vars 2006-03-02 16:34:06.000000000 +0200
-@@ -12,7 +12,7 @@
- # This variable should point to
- # the top level of the easy-rsa
- # tree.
--export EASY_RSA="`pwd`"
-+export EASY_RSA="/etc/easy-rsa"
-
- # This variable should point to
- # the openssl.cnf file included
-@@ -29,9 +29,6 @@
- # it correctly!
- export KEY_DIR="$EASY_RSA/keys"
-
--# Issue rm -rf warning
--echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
--
- # Increase this to 2048 if you
- # are paranoid. This will slow
- # down TLS negotiation performance
---- openvpn-2.0.5/easy-rsa/2.0/revoke-full 2005-11-02 20:42:39.000000000 +0200
-+++ /home/glen/revoke-full 2006-03-22 13:58:57.000000000 +0200
-@@ -2,6 +2,9 @@
-
# revoke a certificate, regenerate CRL,
# and verify revocation
+if [ -z "$EASY_RSA" ]; then
@@ -226,15 +197,7 @@
CRL="crl.pem"
RT="revoke-test.pem"
---- openvpn-2.0.7-bash/easy-rsa/2.0/revoke-full 2006-06-20 18:07:46.746702107 +0300
-+++ openvpn-2.0.9/easy-rsa/2.0/revoke-full 2006-12-07 20:29:18.323709601 +0200
-@@ -1,4 +1,4 @@
--#!/bin/bash
-+#!/bin/sh
-
- # revoke a certificate, regenerate CRL,
- # and verify revocation
-@@ -23,7 +23,7 @@
+@@ -20,7 +23,7 @@
export KEY_OU=""
# revoke key and generate a new CRL
@@ -243,7 +206,7 @@
# generate a new CRL -- try to be compatible with
# intermediate PKIs
-@@ -35,7 +35,7 @@
+@@ -32,7 +35,7 @@
fi
# verify the revocation
@@ -252,8 +215,30 @@
else
echo 'Please source the vars script first (i.e. "source ./vars")'
echo 'Make sure you have edited it to reflect your configuration.'
---- openvpn-2.0.9/easy-rsa/2.0/vars~ 2006-12-07 20:33:11.688972229 +0200
-+++ openvpn-2.0.9/easy-rsa/2.0/vars 2006-12-07 20:33:13.999024320 +0200
+--- openvpn-2.1_rc4/easy-rsa/2.0/sign-req 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/sign-req 2007-09-18 14:00:41.548658748 +0300
+@@ -1,7 +1,7 @@
+-#!/bin/bash
++#!/bin/sh
+
+ # Sign a certificate signing request (a .csr file)
+ # with a local root certificate and key.
+
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --sign $*
++export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
++/usr/sbin/pkitool --interact --sign $*
+--- openvpn-2.1_rc4/easy-rsa/2.0/vars 2007-04-26 00:38:44.000000000 +0300
++++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/vars 2007-09-18 14:00:41.548658748 +0300
+@@ -12,7 +12,7 @@
+ # This variable should point to
+ # the top level of the easy-rsa
+ # tree.
+-export EASY_RSA="`pwd`"
++export EASY_RSA="/etc/easy-rsa"
+
+ #
+ # This variable should point to
@@ -26,7 +26,7 @@
# This variable should point to
# the openssl.cnf file included
@@ -263,3 +248,13 @@
# Edit this variable to point to
# your soon-to-be-created key
+@@ -38,9 +38,6 @@
+ # it correctly!
+ export KEY_DIR="$EASY_RSA/keys"
+
+-# Issue rm -rf warning
+-echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
+-
+ # Increase this to 2048 if you
+ # are paranoid. This will slow
+ # down TLS negotiation performance
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/easy-rsa2.patch?r1=1.5&r2=1.6&f=u
More information about the pld-cvs-commit
mailing list