Hello community, here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2018-12-04 20:55:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old) and /work/SRC/openSUSE:Factory/.easy-rsa.new.19453 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "easy-rsa" Tue Dec 4 20:55:45 2018 rev:9 rq:653612 version:3.0.5 Changes: -------- --- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes 2018-01-30 15:44:29.838342664 +0100 +++ /work/SRC/openSUSE:Factory/.easy-rsa.new.19453/easy-rsa.changes 2018-12-04 20:56:12.440727393 +0100 @@ -1,0 +2,13 @@ +Fri Nov 30 11:10:10 UTC 2018 - [email protected] + +- update to 3.0.5 + * Fix #17 & #58: use AES256 for CA key + * Also, don't use read -s, use stty -echo + * Fix broken "nopass" option + * Add -r to read to stop errors reported by shellcheck (and to behave) + * remove overzealous quotes around $pkcs_opts (more SC errors) +- update and rebase suse-packaging.patch + * fix: set_var EASYRSA in vars.example +- fix License + +------------------------------------------------------------------- Old: ---- EasyRSA-3.0.4.tgz EasyRSA-3.0.4.tgz.sig New: ---- EasyRSA-nix-3.0.5.tgz EasyRSA-nix-3.0.5.tgz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ easy-rsa.spec ++++++ --- /var/tmp/diff_new_pack.oAmE96/_old 2018-12-04 20:56:13.404726324 +0100 +++ /var/tmp/diff_new_pack.oAmE96/_new 2018-12-04 20:56:13.404726324 +0100 @@ -17,15 +17,17 @@ # +%define pname EasyRSA-nix + Name: easy-rsa -Version: 3.0.4 +Version: 3.0.5 Release: 0 Summary: CLI utility to build and manage a PKI CA -License: GPL-2.0 +License: GPL-2.0-or-later Group: Productivity/Networking/Security Url: https://github.com/OpenVPN/easy-rsa -Source: https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz -Source1: https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz.sig +Source: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz +Source1: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig # https://github.com/OpenVPN/easy-rsa/tree/master/release-keys Source2: %{name}.keyring Patch100: suse-packaging.patch @@ -38,24 +40,30 @@ certificates, including sub-CAs, and create Certificate Revokation Lists (CRL). %prep +#setup -q -n %{pname}-%{version} %setup -q -n EasyRSA-%{version} -%patch100 -p1 +%patch100 %build %install -install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types -install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/ +install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/ +install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/x509-types +install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/%{name}/ +install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/%{name}/ +install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/%{name}/x509-types/ install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa %files %defattr(-,root,root) -%doc gpl-2.0.txt README.quickstart.md COPYING.md +%doc ChangeLog README.md README.quickstart.md %doc doc/* +%if 0%{?sle_version} == 11 || 0%{?sle_version} <= 120400 +%doc COPYING.md gpl-2.0.txt +%else +%license COPYING.md gpl-2.0.txt +%endif %{_bindir}/easyrsa -%config(noreplace) %{_sysconfdir}/easy-rsa +%config(noreplace) %{_sysconfdir}/%{name} %changelog ++++++ suse-packaging.patch ++++++ --- /var/tmp/diff_new_pack.oAmE96/_old 2018-12-04 20:56:13.444726280 +0100 +++ /var/tmp/diff_new_pack.oAmE96/_new 2018-12-04 20:56:13.444726280 +0100 @@ -1,36 +1,62 @@ -*** easyrsa3/easyrsa.orig 2017-07-18 23:46:26.431057777 +0200 ---- easyrsa3/easyrsa 2017-07-19 05:24:59.583924924 +0200 -*************** -*** 1014,1020 **** - vars= - - # set up program path -! prog_vars="${0%/*}/vars" - # set up PKI path - pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" - ---- 1014,1020 ---- - vars= - - # set up program path -! prog_vars="/etc/easy-rsa/vars" - # set up PKI path - pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" - -*************** -*** 1041,1047 **** - fi - - # Set defaults, preferring existing env-vars if present -! set_var EASYRSA "${0%/*}" - set_var EASYRSA_OPENSSL openssl - set_var EASYRSA_PKI "$PWD/pki" - set_var EASYRSA_DN cn_only ---- 1041,1047 ---- - fi - - # Set defaults, preferring existing env-vars if present -! set_var EASYRSA "/etc/easy-rsa" - set_var EASYRSA_OPENSSL openssl - set_var EASYRSA_PKI "$PWD/pki" - set_var EASYRSA_DN cn_only +--- easyrsa.orig 2018-09-15 06:21:19.000000000 +0200 ++++ easyrsa 2018-12-03 23:38:04.420888219 +0100 +@@ -315,7 +315,7 @@ + EASYRSA_PKI env-var undefined" + + # make safessl-easyrsa.cnf +- make_ssl_config ++ [ "$1" == "no_safe_ssl_config" ] || make_ssl_config + + # Verify EASYRSA_OPENSSL command gives expected output + if [ -z "$EASYRSA_SSL_OK" ]; then +@@ -415,7 +415,7 @@ + + # init-pki backend: + init_pki() { +- vars_source_check ++ vars_source_check no_safe_ssl_config + + # If EASYRSA_PKI exists, confirm before we rm -rf (skiped with EASYRSA_BATCH) + if [ -e "$EASYRSA_PKI" ]; then +@@ -1124,7 +1124,7 @@ + vars= + + # set up program path +- prog_vars="${0%/*}/vars" ++ prog_vars="/etc/easy-rsa/vars" + # set up PKI path + pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" + +@@ -1154,7 +1154,7 @@ + fi + + # Set defaults, preferring existing env-vars if present +- set_var EASYRSA "${0%/*}" ++ set_var EASYRSA "/etc/easy-rsa" + set_var EASYRSA_OPENSSL openssl + set_var EASYRSA_PKI "$PWD/pki" + set_var EASYRSA_DN cn_only +@@ -1185,7 +1185,11 @@ + set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf" + set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf" + else set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-easyrsa.cnf" +- set_var EASYRSA_SAFE_CONF "$EASYRSA/safessl-easyrsa.cnf" ++ if touch "$EASYRSA/safessl-easyrsa.cnf" &>/dev/null; then ++ set_var EASYRSA_SAFE_CONF "$EASYRSA/safessl-easyrsa.cnf" ++ else ++ set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf" ++ fi + fi + + # Same as above for the x509-types extensions dir +--- vars.example.orig 2018-12-03 23:06:35.863084842 +0100 ++++ vars.example 2018-12-03 23:07:12.538808022 +0100 +@@ -47,7 +47,7 @@ + # itself, which is also where the configuration files are located in the + # easy-rsa tree. + +-#set_var EASYRSA "${0%/*}" ++#set_var EASYRSA "/etc/easy-rsa" + + # If your OpenSSL command is not in the system PATH, you will need to define the + # path to it here. Normally this means a full path to the executable, otherwise
