packages: openvpn/easy-rsa2.patch - adjusted to openvpn-2.2.0

marti Wed, 27 Apr 2011 14:03:57 -0700

Author: marti                        Date: Wed Apr 27 21:03:43 2011 GMT
Module: packages                      Tag: HEAD
---- Log message:
- adjusted to openvpn-2.2.0


---- Files affected:
packages/openvpn:
   easy-rsa2.patch (1.10 -> 1.11) 

---- Diffs:

================================================================
Index: packages/openvpn/easy-rsa2.patch
diff -u packages/openvpn/easy-rsa2.patch:1.10 
packages/openvpn/easy-rsa2.patch:1.11
--- packages/openvpn/easy-rsa2.patch:1.10       Sun Nov 30 00:18:20 2008
+++ packages/openvpn/easy-rsa2.patch    Wed Apr 27 23:03:38 2011
@@ -1,10 +1,7 @@
---- openvpn-2.1_rc4/easy-rsa/2.0/build-ca      2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-ca 2007-09-18 14:08:03.688714502 
+0300
-@@ -1,8 +1,8 @@
--#!/bin/bash
-+#!/bin/sh
- 
- #
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-ca 
openvpn-2.2.0/easy-rsa/2.0/build-ca
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-ca   2011-04-06 18:05:52.000000000 
+0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-ca        2011-04-27 22:34:59.357652908 
+0200
+@@ -4,5 +4,5 @@
  # Build a root certificate
  #
  
@@ -12,30 +9,27 @@
 -"$EASY_RSA/pkitool" --interact --initca $*
 +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
 +/usr/sbin/pkitool --interact --initca $*
---- openvpn-2.1_rc4/easy-rsa/2.0/build-dh      2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-dh 2007-09-18 14:08:03.688714502 
+0300
-@@ -1,10 +1,13 @@
--#!/bin/bash
-+#!/bin/sh
- 
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-dh 
openvpn-2.2.0/easy-rsa/2.0/build-dh
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-dh   2011-04-06 18:05:52.000000000 
+0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-dh        2011-04-27 22:36:11.867656490 
+0200
+@@ -3,8 +3,12 @@
  # Build Diffie-Hellman parameters for the server side
  # of an SSL/TLS connection.
+ 
 +if [ -z "$EASY_RSA" ]; then
-+      . /etc/easy-rsa/vars
++       . /etc/easy-rsa/vars
 +fi
- 
++
  if [ -d $KEY_DIR ] && [ $KEY_SIZE ]; then
 -    $OPENSSL dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
 +    openssl dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
  else
      echo 'Please source the vars script first (i.e. "source ./vars")'
      echo 'Make sure you have edited it to reflect your configuration.'
---- openvpn-2.1_rc4/easy-rsa/2.0/build-inter   2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-inter      2007-09-18 
14:08:03.688714502 +0300
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
- 
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-inter 
openvpn-2.2.0/easy-rsa/2.0/build-inter
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-inter        2011-04-06 
18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-inter     2011-04-27 22:37:59.789289422 
+0200
+@@ -3,5 +3,5 @@
  # Make an intermediate CA certificate/private key pair using a locally 
generated
  # root certificate.
  
@@ -43,12 +37,10 @@
 -"$EASY_RSA/pkitool" --interact --inter $*
 +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
 +/usr/sbin/pkitool --interact --inter $*
---- openvpn-2.1_rc4/easy-rsa/2.0/build-key     2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key        2007-09-18 
14:08:03.688714502 +0300
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
- 
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-key 
openvpn-2.2.0/easy-rsa/2.0/build-key
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-key  2011-04-06 18:05:52.000000000 
+0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-key       2011-04-27 22:38:35.330924876 
+0200
+@@ -3,5 +3,5 @@
  # Make a certificate/private key pair using a locally generated
  # root certificate.
  
@@ -56,12 +48,10 @@
 -"$EASY_RSA/pkitool" --interact $*
 +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
 +/usr/sbin/pkitool --interact $*
---- openvpn-2.1_rc4/easy-rsa/2.0/build-key-pass        2007-04-26 
00:38:44.000000000 +0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key-pass   2007-09-18 
14:08:03.688714502 +0300
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
- 
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-key-pass 
openvpn-2.2.0/easy-rsa/2.0/build-key-pass
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-key-pass     2011-04-06 
18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-key-pass  2011-04-27 22:39:23.919827311 
+0200
+@@ -3,5 +3,5 @@
  # Similar to build-key, but protect the private key
  # with a password.
  
@@ -69,13 +59,10 @@
 -"$EASY_RSA/pkitool" --interact --pass $*
 +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
 +/usr/sbin/pkitool --interact --pass $*
---- openvpn-2.1_rc4/easy-rsa/2.0/build-key-pkcs12      2007-04-26 
00:38:44.000000000 +0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key-pkcs12 2007-09-18 
14:08:03.698714729 +0300
-@@ -1,8 +1,8 @@
--#!/bin/bash
-+#!/bin/sh
- 
- # Make a certificate/private key pair using a locally generated
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-key-pkcs12 
openvpn-2.2.0/easy-rsa/2.0/build-key-pkcs12
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-key-pkcs12   2011-04-06 
18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-key-pkcs12        2011-04-27 
22:40:10.288627524 +0200
+@@ -4,5 +4,5 @@
  # root certificate and convert it to a PKCS #12 file including the
  # the CA certificate as well.
  
@@ -83,14 +70,9 @@
 -"$EASY_RSA/pkitool" --interact --pkcs12 $*
 +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
 +/usr/sbin/pkitool --interact --pkcs12 $*
---- openvpn-2.1_rc4/easy-rsa/2.0/build-key-server      2007-04-26 
00:38:44.000000000 +0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-key-server 2007-09-18 
14:08:03.698714729 +0300
-@@ -1,4 +1,4 @@
--#!/bin/bash
-+#!/bin/sh
- 
- # Make a certificate/private key pair using a locally generated
- # root certificate.
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-key-server 
openvpn-2.2.0/easy-rsa/2.0/build-key-server
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-key-server   2011-04-06 
18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-key-server        2011-04-27 
22:41:24.715385295 +0200
 @@ -6,5 +6,5 @@
  # Explicitly set nsCertType to server using the "server"
  # extension in the openssl.cnf file.
@@ -99,12 +81,10 @@
 -"$EASY_RSA/pkitool" --interact --server $*
 +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
 +/usr/sbin/pkitool --interact --server $*
---- openvpn-2.1_rc4/easy-rsa/2.0/build-req     2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-req        2007-09-18 
14:08:03.698714729 +0300
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
- 
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-req 
openvpn-2.2.0/easy-rsa/2.0/build-req
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-req  2011-04-06 18:05:52.000000000 
+0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-req       2011-04-27 22:41:59.636992013 
+0200
+@@ -3,5 +3,5 @@
  # Build a certificate signing request and private key.  Use this
  # when your root certificate and key is not available locally.
  
@@ -112,12 +92,10 @@
 -"$EASY_RSA/pkitool" --interact --csr $*
 +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
 +/usr/sbin/pkitool --interact --csr $*
---- openvpn-2.1_rc4/easy-rsa/2.0/build-req-pass        2007-04-26 
00:38:44.000000000 +0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/build-req-pass   2007-09-18 
14:08:03.698714729 +0300
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
- 
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/build-req-pass 
openvpn-2.2.0/easy-rsa/2.0/build-req-pass
+--- openvpn-2.2.0-orig/easy-rsa/2.0/build-req-pass     2011-04-06 
18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/build-req-pass  2011-04-27 22:43:36.938135257 
+0200
+@@ -3,5 +3,5 @@
  # Like build-req, but protect your private key
  # with a password.
  
@@ -125,53 +103,45 @@
 -"$EASY_RSA/pkitool" --interact --csr --pass $*
 +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
 +/usr/sbin/pkitool --interact --csr --pass $*
---- openvpn-2.1_rc4/easy-rsa/2.0/clean-all     2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/clean-all        2007-09-18 
14:08:03.698714729 +0300
-@@ -1,9 +1,13 @@
--#!/bin/bash
-+#!/bin/sh
- 
- # Initialize the $KEY_DIR directory.
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/clean-all 
openvpn-2.2.0/easy-rsa/2.0/clean-all
+--- openvpn-2.2.0-orig/easy-rsa/2.0/clean-all  2011-04-06 18:05:52.000000000 
+0200
++++ openvpn-2.2.0/easy-rsa/2.0/clean-all       2011-04-27 22:44:36.544210785 
+0200
+@@ -4,6 +4,10 @@
  # Note that this script does a
  # rm -rf on $KEY_DIR so be careful!
  
 +if [ -z "$EASY_RSA" ]; then
-+      . /etc/easy-rsa/vars
++       . /etc/easy-rsa/vars
 +fi
 +
  if [ "$KEY_DIR" ]; then
      rm -rf "$KEY_DIR"
      mkdir "$KEY_DIR" && \
---- openvpn-2.1_rc4/easy-rsa/2.0/inherit-inter 2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/inherit-inter    2007-09-18 
14:08:03.698714729 +0300
-@@ -1,4 +1,4 @@
--#!/bin/bash
-+#!/bin/sh
- 
- # Build a new PKI which is rooted on an intermediate certificate generated
- # by ./build-inter or ./pkitool --inter from a parent PKI.  The new PKI should
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/inherit-inter 
openvpn-2.2.0/easy-rsa/2.0/inherit-inter
+--- openvpn-2.2.0-orig/easy-rsa/2.0/inherit-inter      2011-04-06 
18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/inherit-inter   2011-04-27 22:45:20.809580498 
+0200
 @@ -9,6 +9,10 @@
  # To build an intermediate CA, follow the same steps for a regular PKI but
  # replace ./build-key or ./pkitool --initca with this script.
  
 +if [ -z "$EASY_RSA" ]; then
-+      . /etc/easy-rsa/vars
++       . /etc/easy-rsa/vars
 +fi
 +
  # The EXPORT_CA file will contain the CA certificate chain and should be
  # referenced by the OpenVPN "ca" directive in config files.  The ca.crt file
  # will only contain the local intermediate CA -- it's needed by the easy-rsa
---- openvpn-2.1_rc4/easy-rsa/2.0/list-crl      2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/list-crl 2007-09-18 14:08:03.698714729 
+0300
-@@ -1,12 +1,15 @@
--#!/bin/bash
-+#!/bin/sh
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/list-crl 
openvpn-2.2.0/easy-rsa/2.0/list-crl
+--- openvpn-2.2.0-orig/easy-rsa/2.0/list-crl   2011-04-06 18:05:52.000000000 
+0200
++++ openvpn-2.2.0/easy-rsa/2.0/list-crl        2011-04-27 22:46:23.149114937 
+0200
+@@ -2,11 +2,15 @@
  
  # list revoked certificates
+ 
 +if [ -z "$EASY_RSA" ]; then
-+      . /etc/easy-rsa/vars
++       . /etc/easy-rsa/vars
 +fi
- 
++
  CRL="${1:-crl.pem}"
  
  if [ "$KEY_DIR" ]; then
@@ -181,20 +151,21 @@
  else
      echo 'Please source the vars script first (i.e. "source ./vars")'
      echo 'Make sure you have edited it to reflect your configuration.'
---- openvpn-2.1_rc4/easy-rsa/2.0/pkitool       2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/pkitool  2007-09-18 14:08:59.219977182 
+0300
-@@ -39,6 +39,10 @@
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/pkitool 
openvpn-2.2.0/easy-rsa/2.0/pkitool
+--- openvpn-2.2.0-orig/easy-rsa/2.0/pkitool    2011-04-06 18:05:52.000000000 
+0200
++++ openvpn-2.2.0/easy-rsa/2.0/pkitool 2011-04-27 22:53:35.735697923 +0200
+@@ -42,6 +42,10 @@
      exit 1
  }
  
 +if [ -z "$EASY_RSA" ]; then
-+      . /etc/easy-rsa/vars
++       . /etc/easy-rsa/vars
 +fi
 +
  need_vars()
  {
      echo '  Please edit the vars script to reflect your configuration,'
-@@ -164,16 +168,16 @@
+@@ -172,16 +176,16 @@
                     if [ -z "$PKCS11_LABEL" ]; then
                       die "Please specify library name, slot and label"
                     fi
@@ -214,7 +185,7 @@
                     exit 0;;
        --pkcs11-objects)
                     PKCS11_MODULE_PATH="$2"
-@@ -181,7 +185,7 @@
+@@ -189,7 +193,7 @@
                     if [ -z "$PKCS11_SLOT" ]; then
                       die "Please specify library name and slot"
                     fi
@@ -222,8 +193,8 @@
 +                   pkcs11-tool --module "$PKCS11_MODULE_PATH" --list-objects 
--login --slot "$PKCS11_SLOT"
                     exit 0;;
  
-       # errors
-@@ -192,7 +196,7 @@
+         --help|--usage)
+@@ -206,7 +210,7 @@
  done
  
  if ! [ -z "$BATCH" ]; then
@@ -232,7 +203,7 @@
                die "Batch mode is unsupported in openssl<0.9.7"
        fi
  fi
-@@ -285,7 +289,7 @@
+@@ -311,7 +315,7 @@
  
      # Make sure $KEY_CONFIG points to the correct version
      # of openssl.cnf
@@ -241,7 +212,7 @@
        :
      else
        echo "$PROGNAME: KEY_CONFIG (set by the ./vars script) is pointing to 
the wrong"
-@@ -296,7 +300,7 @@
+@@ -322,7 +326,7 @@
  
      # Build root CA
      if [ $DO_ROOT -eq 1 ]; then
@@ -250,7 +221,7 @@
            -x509 -keyout "$CA.key" -out "$CA.crt" -config "$KEY_CONFIG" && \
            chmod 0600 "$CA.key"
      else        
-@@ -319,7 +323,7 @@
+@@ -345,7 +349,7 @@
                export PKCS11_PIN
  
                echo "Generating key pair on PKCS#11 token..."
@@ -259,7 +230,7 @@
                        --login --pin "$PKCS11_PIN" \
                        --key-type rsa:1024 \
                        --slot "$PKCS11_SLOT" --id "$PKCS11_ID" --label 
"$PKCS11_LABEL" || exit 1
-@@ -327,19 +331,19 @@
+@@ -353,19 +357,19 @@
        fi
  
          # Build cert/key
@@ -284,22 +255,22 @@
                        --login --pin "$PKCS11_PIN" \
                        --slot "$PKCS11_SLOT" --id "$PKCS11_ID" --label 
"$PKCS11_LABEL" 
                [ -e "$FN.crt.der" ]; rm "$FN.crt.der"
---- openvpn-2.1_rc4/easy-rsa/2.0/revoke-full   2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/revoke-full      2007-09-18 
14:08:03.698714729 +0300
-@@ -1,7 +1,10 @@
--#!/bin/bash
-+#!/bin/sh
- 
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/revoke-full 
openvpn-2.2.0/easy-rsa/2.0/revoke-full
+--- openvpn-2.2.0-orig/easy-rsa/2.0/revoke-full        2011-04-06 
18:05:52.000000000 +0200
++++ openvpn-2.2.0/easy-rsa/2.0/revoke-full     2011-04-27 22:56:07.449351374 
+0200
+@@ -3,6 +3,10 @@
  # revoke a certificate, regenerate CRL,
  # and verify revocation
+ 
 +if [ -z "$EASY_RSA" ]; then
-+      . /etc/easy-rsa/vars
++       . /etc/easy-rsa/vars
 +fi
- 
++
  CRL="crl.pem"
  RT="revoke-test.pem"
-@@ -20,11 +23,11 @@
-     export KEY_OU=""
+ 
+@@ -21,11 +25,11 @@
+     export KEY_NAME=""
  
      # revoke key and generate a new CRL
 -    $OPENSSL ca -revoke "$1.crt" -config "$KEY_CONFIG"
@@ -312,7 +283,7 @@
      if [ -e export-ca.crt ]; then
        cat export-ca.crt "$CRL" >"$RT"
      else
-@@ -32,7 +35,7 @@
+@@ -33,7 +37,7 @@
      fi
      
      # verify the revocation
@@ -321,12 +292,10 @@
  else
      echo 'Please source the vars script first (i.e. "source ./vars")'
      echo 'Make sure you have edited it to reflect your configuration.'
---- openvpn-2.1_rc4/easy-rsa/2.0/sign-req      2007-04-26 00:38:44.000000000 
+0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/sign-req 2007-09-18 14:08:03.698714729 
+0300
-@@ -1,7 +1,7 @@
--#!/bin/bash
-+#!/bin/sh
- 
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/sign-req 
openvpn-2.2.0/easy-rsa/2.0/sign-req
+--- openvpn-2.2.0-orig/easy-rsa/2.0/sign-req   2011-04-06 18:05:52.000000000 
+0200
++++ openvpn-2.2.0/easy-rsa/2.0/sign-req        2011-04-27 22:56:46.124465700 
+0200
+@@ -3,5 +3,5 @@
  # Sign a certificate signing request (a .csr file)
  # with a local root certificate and key.
  
@@ -334,8 +303,9 @@
 -"$EASY_RSA/pkitool" --interact --sign $*
 +export EASY_RSA="${EASY_RSA:-/etc/easy-rsa}"
 +/usr/sbin/pkitool --interact --sign $*
---- openvpn-2.1_rc4/easy-rsa/2.0/vars  2007-04-26 00:38:44.000000000 +0300
-+++ openvpn-2.1_rc4-rsa2/easy-rsa/2.0/vars     2007-09-18 14:08:03.698714729 
+0300
+diff -ur openvpn-2.2.0-orig/easy-rsa/2.0/vars openvpn-2.2.0/easy-rsa/2.0/vars
+--- openvpn-2.2.0-orig/easy-rsa/2.0/vars       2010-10-21 11:18:17.000000000 
+0200
++++ openvpn-2.2.0/easy-rsa/2.0/vars    2011-04-27 22:58:41.789791888 +0200
 @@ -12,21 +12,12 @@
  # This variable should point to
  # the top level of the easy-rsa
================================================================

---- CVS-web:
    
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/openvpn/easy-rsa2.patch?r1=1.10&r2=1.11&f=u

_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

packages: openvpn/easy-rsa2.patch - adjusted to openvpn-2.2.0

Reply via email to