[packages/easy-rsa] - easy-rsa as separate package
arekm
arekm at pld-linux.org
Wed Jan 9 11:55:53 CET 2013
commit 7b891ac12ed24aca1bf8ce7e1ad72c05c9df7518
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Wed Jan 9 11:55:38 2013 +0100
- easy-rsa as separate package
easy-rsa.spec | 63 +++++++++++
easy-rsa2.patch | 342 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 405 insertions(+)
---
diff --git a/easy-rsa.spec b/easy-rsa.spec
new file mode 100644
index 0000000..3295d0c
--- /dev/null
+++ b/easy-rsa.spec
@@ -0,0 +1,63 @@
+Summary: Small RSA key management package
+Summary(pl.UTF-8): Mały pakiet do zarządzania kluczami RSA
+Name: easy-rsa
+Version: 2.2.0
+Release: 1
+License: GPL
+Group: Applications
+Source0: http://build.openvpn.net/downloads/releases/%{name}-%{version}_master.tar.gz
+# Source0-md5: fbf818b6e1f212e77b9ce0e6d92584a1
+Patch0: %{name}2.patch
+URL: http://openvpn.net/easyrsa.html
+Requires: grep
+Requires: openssl-tools
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+This is a small RSA key management package, based on the openssl
+command line tool, that can be found in the easy-rsa subdirectory of
+the OpenVPN distribution. While this tool is primary concerned with
+key management for the SSL VPN application space, it can also be used
+for building web certificates.
+
+%description -l pl.UTF-8
+To jest mały pakiet do zarządzania kluczami RSA, oparty na narzędziu
+linii poleceń openssl. Pakiet ten pochodzi z podkatalogu easy-rsa
+dystrybucji OpenVPN.
+
+%prep
+%setup -q -n %{name}-%{version}_master
+%patch0 -p1
+
+%build
+%configure
+
+%{__make}
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+install -d $RPM_BUILD_ROOT{%{_sbindir},%{_sysconfdir}/easy-rsa/keys}
+
+%{__make} install \
+ DESTDIR="$RPM_BUILD_ROOT"
+
+mv $RPM_BUILD_ROOT%{_datadir}/easy-rsa/openssl-1.0.0.cnf $RPM_BUILD_ROOT%{_sysconfdir}/easy-rsa/openssl.cnf
+rm $RPM_BUILD_ROOT%{_datadir}/easy-rsa/openssl-*.cnf
+mv $RPM_BUILD_ROOT%{_datadir}/easy-rsa/vars $RPM_BUILD_ROOT%{_sysconfdir}/easy-rsa/
+mv $RPM_BUILD_ROOT%{_datadir}/easy-rsa/pkitool $RPM_BUILD_ROOT%{_sbindir}
+
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(644,root,root,755)
+%doc doc/README-2.0
+%dir %{_sysconfdir}/easy-rsa
+%attr(700,root,root) %dir %{_sysconfdir}/easy-rsa/keys
+%config(noreplace) %attr(640,root,root) %verify(not md5 mtime size) %{_sysconfdir}/easy-rsa/vars
+%config(noreplace) %attr(640,root,root) %verify(not md5 mtime size) %{_sysconfdir}/easy-rsa/openssl.cnf
+%attr(755,root,root) %{_sbindir}/pkitool
+%dir %{_datadir}/easy-rsa
+%attr(755,root,root) %{_datadir}/easy-rsa/*
diff --git a/easy-rsa2.patch b/easy-rsa2.patch
new file mode 100644
index 0000000..3d63b38
--- /dev/null
+++ b/easy-rsa2.patch
@@ -0,0 +1,342 @@
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-ca openvpn-2.2.0/easy-rsa/2.0/build-ca
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-ca 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-ca 2011-04-27 22:34:59.357652908 +0200
+@@ -4,5 +4,5 @@
+ # Build a root certificate
+ #
+
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --initca $*
++export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
++/usr/sbin/pkitool --interact --initca $*
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-dh openvpn-2.2.0/easy-rsa/2.0/build-dh
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-dh 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-dh 2011-04-27 22:36:11.867656490 +0200
+@@ -3,8 +3,12 @@
+ # Build Diffie-Hellman parameters for the server side
+ # of an SSL/TLS connection.
+
++if [ -z "$EASY_RSA" ]; then
++ . /etc/easy-rsa/vars
++fi
++
+ if [ -d $KEY_DIR ] && [ $KEY_SIZE ]; then
+- $OPENSSL dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
++ openssl dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
+ else
+ echo 'Please source the vars script first (i.e. "source ./vars")'
+ echo 'Make sure you have edited it to reflect your configuration.'
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-inter openvpn-2.2.0/easy-rsa/2.0/build-inter
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-inter 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-inter 2011-04-27 22:37:59.789289422 +0200
+@@ -3,5 +3,5 @@
+ # Make an intermediate CA certificate/private key pair using a locally generated
+ # root certificate.
+
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --inter $*
++export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
++/usr/sbin/pkitool --interact --inter $*
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-key openvpn-2.2.0/easy-rsa/2.0/build-key
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-key 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-key 2011-04-27 22:38:35.330924876 +0200
+@@ -3,5 +3,5 @@
+ # Make a certificate/private key pair using a locally generated
+ # root certificate.
+
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact $*
++export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
++/usr/sbin/pkitool --interact $*
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-key-pass openvpn-2.2.0/easy-rsa/2.0/build-key-pass
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-key-pass 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-key-pass 2011-04-27 22:39:23.919827311 +0200
+@@ -3,5 +3,5 @@
+ # Similar to build-key, but protect the private key
+ # with a password.
+
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --pass $*
++export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
++/usr/sbin/pkitool --interact --pass $*
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.2.0/easy-rsa/2.0/build-key-pkcs12
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-key-pkcs12 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-key-pkcs12 2011-04-27 22:40:10.288627524 +0200
+@@ -4,5 +4,5 @@
+ # root certificate and convert it to a PKCS #12 file including the
+ # the CA certificate as well.
+
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --pkcs12 $*
++export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
++/usr/sbin/pkitool --interact --pkcs12 $*
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-key-server openvpn-2.2.0/easy-rsa/2.0/build-key-server
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-key-server 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-key-server 2011-04-27 22:41:24.715385295 +0200
+@@ -6,5 +6,5 @@
+ # Explicitly set nsCertType to server using the "server"
+ # extension in the openssl.cnf file.
+
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --server $*
++export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
++/usr/sbin/pkitool --interact --server $*
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-req openvpn-2.2.0/easy-rsa/2.0/build-req
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-req 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-req 2011-04-27 22:41:59.636992013 +0200
+@@ -3,5 +3,5 @@
+ # Build a certificate signing request and private key. Use this
+ # when your root certificate and key is not available locally.
+
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --csr $*
++export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
++/usr/sbin/pkitool --interact --csr $*
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-req-pass openvpn-2.2.0/easy-rsa/2.0/build-req-pass
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-req-pass 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-req-pass 2011-04-27 22:43:36.938135257 +0200
+@@ -3,5 +3,5 @@
+ # Like build-req, but protect your private key
+ # with a password.
+
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --csr --pass $*
++export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
++/usr/sbin/pkitool --interact --csr --pass $*
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/clean-all openvpn-2.2.0/easy-rsa/2.0/clean-all
+--- openvpn-2.2.0-orig/easy-rsa/2.0/clean-all 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/clean-all 2011-04-27 22:44:36.544210785 +0200
+@@ -4,6 +4,10 @@
+ # Note that this script does a
+ # rm -rf on $KEY_DIR so be careful!
+
++if [ -z "$EASY_RSA" ]; then
++ . /etc/easy-rsa/vars
++fi
++
+ if [ "$KEY_DIR" ]; then
+ rm -rf "$KEY_DIR"
+ mkdir "$KEY_DIR" && \
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/inherit-inter openvpn-2.2.0/easy-rsa/2.0/inherit-inter
+--- openvpn-2.2.0-orig/easy-rsa/2.0/inherit-inter 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/inherit-inter 2011-04-27 22:45:20.809580498 +0200
+@@ -9,6 +9,10 @@
+ # To build an intermediate CA, follow the same steps for a regular PKI but
+ # replace ./build-key or ./pkitool --initca with this script.
+
++if [ -z "$EASY_RSA" ]; then
++ . /etc/easy-rsa/vars
++fi
++
+ # The EXPORT_CA file will contain the CA certificate chain and should be
+ # referenced by the OpenVPN "ca" directive in config files. The ca.crt file
+ # will only contain the local intermediate CA -- it's needed by the easy-rsa
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/list-crl openvpn-2.2.0/easy-rsa/2.0/list-crl
+--- openvpn-2.2.0-orig/easy-rsa/2.0/list-crl 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/list-crl 2011-04-27 22:46:23.149114937 +0200
+@@ -2,11 +2,15 @@
+
+ # list revoked certificates
+
++if [ -z "$EASY_RSA" ]; then
++ . /etc/easy-rsa/vars
++fi
++
+ CRL="${1:-crl.pem}"
+
+ if [ "$KEY_DIR" ]; then
+ cd "$KEY_DIR" && \
+- $OPENSSL crl -text -noout -in "$CRL"
++ openssl crl -text -noout -in "$CRL"
+ else
+ echo 'Please source the vars script first (i.e. "source ./vars")'
+ echo 'Make sure you have edited it to reflect your configuration.'
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/pkitool openvpn-2.2.0/easy-rsa/2.0/pkitool
+--- openvpn-2.2.0-orig/easy-rsa/2.0/pkitool 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/pkitool 2011-04-27 22:53:35.735697923 +0200
+@@ -42,6 +42,10 @@
+ exit 1
+ }
+
++if [ -z "$EASY_RSA" ]; then
++ . /etc/easy-rsa/vars
++fi
++
+ need_vars()
+ {
+ echo ' Please edit the vars script to reflect your configuration,'
+@@ -172,16 +176,16 @@
+ if [ -z "$PKCS11_LABEL" ]; then
+ die "Please specify library name, slot and label"
+ fi
+- $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --init-token --slot "$PKCS11_SLOT" \
++ pkcs11-tool --module "$PKCS11_MODULE_PATH" --init-token --slot "$PKCS11_SLOT" \
+ --label "$PKCS11_LABEL" &&
+- $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --init-pin --slot "$PKCS11_SLOT"
++ pkcs11-tool --module "$PKCS11_MODULE_PATH" --init-pin --slot "$PKCS11_SLOT"
+ exit $?;;
+ --pkcs11-slots)
+ PKCS11_MODULE_PATH="$2"
+ if [ -z "$PKCS11_MODULE_PATH" ]; then
+ die "Please specify library name"
+ fi
+- $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --list-slots
++ pkcs11-tool --module "$PKCS11_MODULE_PATH" --list-slots
+ exit 0;;
+ --pkcs11-objects)
+ PKCS11_MODULE_PATH="$2"
+@@ -189,7 +193,7 @@
+ if [ -z "$PKCS11_SLOT" ]; then
+ die "Please specify library name and slot"
+ fi
+- $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --list-objects --login --slot "$PKCS11_SLOT"
++ pkcs11-tool --module "$PKCS11_MODULE_PATH" --list-objects --login --slot "$PKCS11_SLOT"
+ exit 0;;
+
+ --help|--usage)
+@@ -206,7 +210,7 @@
+ done
+
+ if ! [ -z "$BATCH" ]; then
+- if $OPENSSL version | grep 0.9.6 > /dev/null; then
++ if openssl version | grep 0.9.6 > /dev/null; then
+ die "Batch mode is unsupported in openssl<0.9.7"
+ fi
+ fi
+@@ -311,7 +315,7 @@
+
+ # Make sure $KEY_CONFIG points to the correct version
+ # of openssl.cnf
+- if $GREP -i 'easy-rsa version 2\.[0-9]' "$KEY_CONFIG" >/dev/null; then
++ if grep -i 'easy-rsa version 2\.[0-9]' "$KEY_CONFIG" >/dev/null; then
+ :
+ else
+ echo "$PROGNAME: KEY_CONFIG (set by the ./vars script) is pointing to the wrong"
+@@ -322,7 +326,7 @@
+
+ # Build root CA
+ if [ $DO_ROOT -eq 1 ]; then
+- $OPENSSL req $BATCH -days $CA_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE -sha1 \
++ openssl req $BATCH -days $CA_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE -sha1 \
+ -x509 -keyout "$CA.key" -out "$CA.crt" -config "$KEY_CONFIG" && \
+ chmod 0600 "$CA.key"
+ else
+@@ -345,7 +349,7 @@
+ export PKCS11_PIN
+
+ echo "Generating key pair on PKCS#11 token..."
+- $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --keypairgen \
++ pkcs11-tool --module "$PKCS11_MODULE_PATH" --keypairgen \
+ --login --pin "$PKCS11_PIN" \
+ --key-type rsa:1024 \
+ --slot "$PKCS11_SLOT" --id "$PKCS11_ID" --label "$PKCS11_LABEL" || exit 1
+@@ -353,19 +357,19 @@
+ fi
+
+ # Build cert/key
+- ( [ $DO_REQ -eq 0 ] || $OPENSSL req $BATCH -days $KEY_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE \
++ ( [ $DO_REQ -eq 0 ] || openssl req $BATCH -days $KEY_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE \
+ -keyout "$FN.key" -out "$FN.csr" $REQ_EXT -config "$KEY_CONFIG" $PKCS11_ARGS ) && \
+- ( [ $DO_CA -eq 0 ] || $OPENSSL ca $BATCH -days $KEY_EXPIRE -out "$FN.crt" \
++ ( [ $DO_CA -eq 0 ] || openssl ca $BATCH -days $KEY_EXPIRE -out "$FN.crt" \
+ -in "$FN.csr" $CA_EXT -md sha1 -config "$KEY_CONFIG" ) && \
+- ( [ $DO_P12 -eq 0 ] || $OPENSSL pkcs12 -export -inkey "$FN.key" \
++ ( [ $DO_P12 -eq 0 ] || openssl pkcs12 -export -inkey "$FN.key" \
+ -in "$FN.crt" -certfile "$CA.crt" -out "$FN.p12" $NODES_P12 ) && \
+ ( [ $DO_CA -eq 0 -o $DO_P11 -eq 1 ] || chmod 0600 "$FN.key" ) && \
+ ( [ $DO_P12 -eq 0 ] || chmod 0600 "$FN.p12" )
+
+ # Load certificate into PKCS#11 token
+ if [ $DO_P11 -eq 1 ]; then
+- $OPENSSL x509 -in "$FN.crt" -inform PEM -out "$FN.crt.der" -outform DER && \
+- $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --write-object "$FN.crt.der" --type cert \
++ openssl x509 -in "$FN.crt" -inform PEM -out "$FN.crt.der" -outform DER && \
++ pkcs11-tool --module "$PKCS11_MODULE_PATH" --write-object "$FN.crt.der" --type cert \
+ --login --pin "$PKCS11_PIN" \
+ --slot "$PKCS11_SLOT" --id "$PKCS11_ID" --label "$PKCS11_LABEL"
+ [ -e "$FN.crt.der" ]; rm "$FN.crt.der"
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/revoke-full openvpn-2.2.0/easy-rsa/2.0/revoke-full
+--- openvpn-2.2.0-orig/easy-rsa/2.0/revoke-full 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/revoke-full 2011-04-27 22:56:07.449351374 +0200
+@@ -3,6 +3,10 @@
+ # revoke a certificate, regenerate CRL,
+ # and verify revocation
+
++if [ -z "$EASY_RSA" ]; then
++ . /etc/easy-rsa/vars
++fi
++
+ CRL="crl.pem"
+ RT="revoke-test.pem"
+
+@@ -21,11 +25,11 @@
+ export KEY_NAME=""
+
+ # revoke key and generate a new CRL
+- $OPENSSL ca -revoke "$1.crt" -config "$KEY_CONFIG"
++ openssl ca -revoke "$1" -config "$KEY_CONFIG"
+
+ # generate a new CRL -- try to be compatible with
+ # intermediate PKIs
+- $OPENSSL ca -gencrl -out "$CRL" -config "$KEY_CONFIG"
++ openssl ca -gencrl -out "$CRL" -config "$KEY_CONFIG"
+ if [ -e export-ca.crt ]; then
+ cat export-ca.crt "$CRL" >"$RT"
+ else
+@@ -33,7 +37,7 @@
+ fi
+
+ # verify the revocation
+- $OPENSSL verify -CAfile "$RT" -crl_check "$1.crt"
++ openssl verify -CAfile "$RT" -crl_check "$1"
+ else
+ echo 'Please source the vars script first (i.e. "source ./vars")'
+ echo 'Make sure you have edited it to reflect your configuration.'
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/sign-req openvpn-2.2.0/easy-rsa/2.0/sign-req
+--- openvpn-2.2.0-orig/easy-rsa/2.0/sign-req 2011-04-06 18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/sign-req 2011-04-27 22:56:46.124465700 +0200
+@@ -3,5 +3,5 @@
+ # Sign a certificate signing request (a .csr file)
+ # with a local root certificate and key.
+
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --sign $*
++export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
++/usr/sbin/pkitool --interact --sign $*
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/vars openvpn-2.2.0/easy-rsa/2.0/vars
+--- openvpn-2.2.0-orig/easy-rsa/2.0/vars 2010-10-21 11:18:17.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/vars 2011-04-27 22:58:41.789791888 +0200
+@@ -12,21 +12,12 @@
+ # This variable should point to
+ # the top level of the easy-rsa
+ # tree.
+-export EASY_RSA="`pwd`"
+-
+-#
+-# This variable should point to
+-# the requested executables
+-#
+-export OPENSSL="openssl"
+-export PKCS11TOOL="pkcs11-tool"
+-export GREP="grep"
+-
++export EASY_RSA="/etc/easy-rsa"
+
+ # This variable should point to
+ # the openssl.cnf file included
+ # with easy-rsa.
+-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
++export KEY_CONFIG="$EASY_RSA/openssl.cnf"
+
+ # Edit this variable to point to
+ # your soon-to-be-created key
+@@ -38,9 +29,6 @@
+ # it correctly!
+ export KEY_DIR="$EASY_RSA/keys"
+
+-# Issue rm -rf warning
+-echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
+-
+ # PKCS11 fixes
+ export PKCS11_MODULE_PATH="dummy"
+ export PKCS11_PIN="dummy"
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/easy-rsa.git/commitdiff/7b891ac12ed24aca1bf8ce7e1ad72c05c9df7518
More information about the pld-cvs-commit
mailing list