commit easy-rsa for openSUSE:Factory
Hello community, here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2019-02-13 10:07:58 Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old) and /work/SRC/openSUSE:Factory/.easy-rsa.new.28833 (New) Package is "easy-rsa" Wed Feb 13 10:07:58 2019 rev:10 rq:674316 version:3.0.6 Changes: --- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2018-12-04 20:56:12.440727393 +0100 +++ /work/SRC/openSUSE:Factory/.easy-rsa.new.28833/easy-rsa.changes 2019-02-13 10:08:09.737519083 +0100 @@ -1,0 +2,15 @@ +Tue Feb 12 12:26:17 UTC 2019 - Tuukka Pasanen + +- update to 3.0.6 (2019-02-01) + * Certifcates that are revoked now move to a revoked subdirectory (#63) + * EasyRSA no longer clobbers non-EASYRSA environment variables (#277) + * More sane string checking, allowingn for commas in CN (#267) + * Support for reasonCode in CRL (#280) + * Better handling for capturing passphrases (#230, others) + * Improved LibreSSL/MacOS support + * Adds support to renew certificates up to 30 days before expiration (#286) +- This changes previous behavior allowing for certificate creation using + duplicate CNs. +- update and rebase suse-packaging.patch + +--- Old: EasyRSA-nix-3.0.5.tgz EasyRSA-nix-3.0.5.tgz.sig New: EasyRSA-unix-v3.0.6.tgz EasyRSA-unix-v3.0.6.tgz.sig Other differences: -- ++ easy-rsa.spec ++ --- /var/tmp/diff_new_pack.dxaPzG/_old 2019-02-13 10:08:14.281517926 +0100 +++ /var/tmp/diff_new_pack.dxaPzG/_new 2019-02-13 10:08:14.281517926 +0100 @@ -1,7 +1,7 @@ # # spec file for package easy-rsa # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2015 Stefan Jakobs. # # All modifications and additions to the file contributed by third parties @@ -13,21 +13,21 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # -%define pname EasyRSA-nix +%define pname EasyRSA-unix Name: easy-rsa -Version:3.0.5 +Version:3.0.6 Release:0 Summary:CLI utility to build and manage a PKI CA License:GPL-2.0-or-later Group: Productivity/Networking/Security Url:https://github.com/OpenVPN/easy-rsa -Source: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz -Source1: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig +Source: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-v%{version}.tgz +Source1: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-v%{version}.tgz.sig # https://github.com/OpenVPN/easy-rsa/tree/master/release-keys Source2:%{name}.keyring Patch100: suse-packaging.patch @@ -41,7 +41,7 @@ %prep #setup -q -n %{pname}-%{version} -%setup -q -n EasyRSA-%{version} +%setup -q -n EasyRSA-v%{version} %patch100 %build ++ suse-packaging.patch ++ --- /var/tmp/diff_new_pack.dxaPzG/_old 2019-02-13 10:08:14.325517915 +0100 +++ /var/tmp/diff_new_pack.dxaPzG/_new 2019-02-13 10:08:14.329517914 +0100 @@ -1,24 +1,26 @@ easyrsa.orig 2018-09-15 06:21:19.0 +0200 -+++ easyrsa2018-12-03 23:38:04.420888219 +0100 -@@ -315,7 +315,7 @@ - EASYRSA_PKI env-var undefined" +diff --git a/easyrsa b/easyrsa +index e019982..635a2b9 100755 +--- easyrsa easyrsa +@@ -376,7 +376,7 @@ $out" + verify_ssl_lib () { # make safessl-easyrsa.cnf - make_ssl_config + [ "$1" == "no_safe_ssl_config" ] || make_ssl_config # Verify EASYRSA_OPENSSL command gives expected output if [ -z "$EASYRSA_SSL_OK" ]; then -@@ -415,7 +415,7 @@ +@@ -403,7 +403,7 @@ verify_pki_init() { + help_note="Run easyrsa without commands for usage and command help." - # init-pki backend: - init_pki() { + # check that the pki dir exists - vars_source_check + vars_source_check no_safe_ssl_config - - # If EASYRSA_PKI exists, confirm before we rm -rf (skiped with EASYRSA_BATCH) - if [ -e "$EASYRSA_PKI" ]; then -@@ -1124,7 +1124,7 @@ + [ -d "$EASYRSA_PKI" ] || die "\ + EASYRSA_PKI does not exist (perhaps you need to run init-pki)? + Expected to find the EASYRSA_PKI at: $EASYRSA_PKI +@@ -1452,7 +1452,7 @@ vars_setup() { vars= # set up program path @@ -27,7 +29,7 @@ # set up PKI path
commit easy-rsa for openSUSE:Factory
Hello community, here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2018-12-04 20:55:45 Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old) and /work/SRC/openSUSE:Factory/.easy-rsa.new.19453 (New) Package is "easy-rsa" Tue Dec 4 20:55:45 2018 rev:9 rq:653612 version:3.0.5 Changes: --- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2018-01-30 15:44:29.838342664 +0100 +++ /work/SRC/openSUSE:Factory/.easy-rsa.new.19453/easy-rsa.changes 2018-12-04 20:56:12.440727393 +0100 @@ -1,0 +2,13 @@ +Fri Nov 30 11:10:10 UTC 2018 - ch...@computersalat.de + +- update to 3.0.5 + * Fix #17 & #58: use AES256 for CA key + * Also, don't use read -s, use stty -echo + * Fix broken "nopass" option + * Add -r to read to stop errors reported by shellcheck (and to behave) + * remove overzealous quotes around $pkcs_opts (more SC errors) +- update and rebase suse-packaging.patch + * fix: set_var EASYRSA in vars.example +- fix License + +--- Old: EasyRSA-3.0.4.tgz EasyRSA-3.0.4.tgz.sig New: EasyRSA-nix-3.0.5.tgz EasyRSA-nix-3.0.5.tgz.sig Other differences: -- ++ easy-rsa.spec ++ --- /var/tmp/diff_new_pack.oAmE96/_old 2018-12-04 20:56:13.404726324 +0100 +++ /var/tmp/diff_new_pack.oAmE96/_new 2018-12-04 20:56:13.404726324 +0100 @@ -17,15 +17,17 @@ # +%define pname EasyRSA-nix + Name: easy-rsa -Version:3.0.4 +Version:3.0.5 Release:0 Summary:CLI utility to build and manage a PKI CA -License:GPL-2.0 +License:GPL-2.0-or-later Group: Productivity/Networking/Security Url:https://github.com/OpenVPN/easy-rsa -Source: https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz -Source1: https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz.sig +Source: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz +Source1: https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig # https://github.com/OpenVPN/easy-rsa/tree/master/release-keys Source2:%{name}.keyring Patch100: suse-packaging.patch @@ -38,24 +40,30 @@ certificates, including sub-CAs, and create Certificate Revokation Lists (CRL). %prep +#setup -q -n %{pname}-%{version} %setup -q -n EasyRSA-%{version} -%patch100 -p1 +%patch100 %build %install -install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types -install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/ +install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/ +install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/x509-types +install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/%{name}/ +install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/%{name}/ +install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/%{name}/x509-types/ install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa %files %defattr(-,root,root) -%doc gpl-2.0.txt README.quickstart.md COPYING.md +%doc ChangeLog README.md README.quickstart.md %doc doc/* +%if 0%{?sle_version} == 11 || 0%{?sle_version} <= 120400 +%doc COPYING.md gpl-2.0.txt +%else +%license COPYING.md gpl-2.0.txt +%endif %{_bindir}/easyrsa -%config(noreplace) %{_sysconfdir}/easy-rsa +%config(noreplace) %{_sysconfdir}/%{name} %changelog ++ suse-packaging.patch ++ --- /var/tmp/diff_new_pack.oAmE96/_old 2018-12-04 20:56:13.444726280 +0100 +++ /var/tmp/diff_new_pack.oAmE96/_new 2018-12-04 20:56:13.444726280 +0100 @@ -1,36 +1,62 @@ -*** easyrsa3/easyrsa.orig 2017-07-18 23:46:26.43105 +0200 easyrsa3/easyrsa 2017-07-19 05:24:59.583924924 +0200 -*** -*** 1014,1020 - vars= - - # set up program path -! prog_vars="${0%/*}/vars" - # set up PKI path - pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" - 1014,1020 - vars= - - # set up program path -! prog_vars="/etc/easy-rsa/vars" - # set up PKI path - pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" - -*** -*** 1041,1047 - fi - - # Set defaults, preferring existing env-vars if present -! set_var EASYRSA "${0%/*}" - set_var EASYRSA_OPENSSL openssl - set_var EASYRSA_PKI "$PWD/pki" - set_var EASYRSA_DN cn_only 1041,1047 - fi - - # Set defaults,
commit easy-rsa for openSUSE:Factory
Hello community, here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2018-01-30 15:44:13 Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old) and /work/SRC/openSUSE:Factory/.easy-rsa.new (New) Package is "easy-rsa" Tue Jan 30 15:44:13 2018 rev:8 rq:570787 version:3.0.4 Changes: --- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-10-26 18:44:14.496350296 +0200 +++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2018-01-30 15:44:29.838342664 +0100 @@ -1,0 +2,8 @@ +Sun Jan 28 19:05:46 UTC 2018 - seroto...@gmail.com + +- Upgrade to version 3.0.4 + * Remove use of egrep (#154) + * Finally(?) fix the subjectAltName issues (really fixes #168) +- Improve RPM description + +--- Old: EasyRSA-3.0.3.tgz EasyRSA-3.0.3.tgz.sig New: EasyRSA-3.0.4.tgz EasyRSA-3.0.4.tgz.sig Other differences: -- ++ easy-rsa.spec ++ --- /var/tmp/diff_new_pack.hj9Ekj/_old 2018-01-30 15:44:30.342319136 +0100 +++ /var/tmp/diff_new_pack.hj9Ekj/_new 2018-01-30 15:44:30.346318950 +0100 @@ -1,7 +1,7 @@ # # spec file for package easy-rsa # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2015 Stefan Jakobs. # # All modifications and additions to the file contributed by third parties @@ -18,7 +18,7 @@ Name: easy-rsa -Version:3.0.3 +Version:3.0.4 Release:0 Summary:CLI utility to build and manage a PKI CA License:GPL-2.0 @@ -33,9 +33,9 @@ BuildArch: noarch %description -easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms, -this means to create a root certificate authority, and request and sign -certificates, including sub-CAs and certificate revokation lists (CRL). +easy-rsa is a CLI utility to build and manage a Public Key Infrastructure +(PKI). Once the Certificate Authority (CA) is created, you can request and sign +certificates, including sub-CAs, and create Certificate Revokation Lists (CRL). %prep %setup -q -n EasyRSA-%{version} @@ -47,7 +47,7 @@ install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/ install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -Dm0644 openssl-1.0.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/openssl-1.0.cnf +install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/ install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/ install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa ++ EasyRSA-3.0.3.tgz -> EasyRSA-3.0.4.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/ChangeLog new/EasyRSA-3.0.4/ChangeLog --- old/EasyRSA-3.0.3/ChangeLog 2015-09-03 01:54:57.0 +0200 +++ new/EasyRSA-3.0.4/ChangeLog 2018-01-21 16:37:25.0 +0100 @@ -1,5 +1,27 @@ Easy-RSA 3 ChangeLog +3.0.4 (TBD) +* Remove use of egrep (#154) +* Integrate with Travis-CI (#165) +* Remove "local" from variable assignment (#165) +* Other changes related to Travis-CI fixes + * Assign values to variables defined previously w/local +* Finally(?) fix the subjectAltName issues I presented earlier (really +fixes #168 + +3.0.3 (2017-08-22) +* Include mktemp windows binary +* copy CSR extensions into signed certificate + + +3.0.2 (2017-08-21) +* add missing windows binaries + + +3.0.1 (2015-10-25) +* correct some packaging errors + + 3.0.0 (2015-09-07) * cab4a07 Fix typo: Hellman diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/README.md new/EasyRSA-3.0.4/README.md --- old/EasyRSA-3.0.3/README.md 1970-01-01 01:00:00.0 +0100 +++ new/EasyRSA-3.0.4/README.md 2018-01-21 16:37:25.0 +0100 @@ -0,0 +1,52 @@ +# Overview + +easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms, +this means to create a root certificate authority, and request and sign +certificates, including sub-CAs and certificate revocation lists (CRL). + +# Downloads + +If you are looking for release downloads, please see the releases section on +GitHub. Releases are also available as source checkouts using named tags. + +# Documentation + +For 3.x project documentation and usage, see the [README.quickstart.md](README.quickstart.md) file or +the more detailed docs under the doc/ directory. The .md files are in Markdown +format and can be converted to html files as desired for release packages, or +read as-is in plaintext. + +# Getting help using easy-rsa +
commit easy-rsa for openSUSE:Factory
Hello community, here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2017-10-26 18:44:10 Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old) and /work/SRC/openSUSE:Factory/.easy-rsa.new (New) Package is "easy-rsa" Thu Oct 26 18:44:10 2017 rev:7 rq:535010 version:3.0.3 Changes: --- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-10-18 10:55:05.395902697 +0200 +++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-10-26 18:44:14.496350296 +0200 @@ -1,0 +2,6 @@ +Wed Oct 18 08:40:40 UTC 2017 - astie...@suse.com + +- update release tarball instead of git snapshot +- add upstream signing keyring and verify source signature + +--- Old: v3.0.3.tar.gz New: EasyRSA-3.0.3.tgz EasyRSA-3.0.3.tgz.sig easy-rsa.keyring Other differences: -- ++ easy-rsa.spec ++ --- /var/tmp/diff_new_pack.4dQt7I/_old 2017-10-26 18:44:15.384308856 +0200 +++ /var/tmp/diff_new_pack.4dQt7I/_new 2017-10-26 18:44:15.388308669 +0200 @@ -24,7 +24,10 @@ License:GPL-2.0 Group: Productivity/Networking/Security Url:https://github.com/OpenVPN/easy-rsa -Source: https://github.com/OpenVPN/easy-rsa/archive/v%{version}.tar.gz +Source: https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz +Source1: https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz.sig +# https://github.com/OpenVPN/easy-rsa/tree/master/release-keys +Source2:%{name}.keyring Patch100: suse-packaging.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch @@ -35,23 +38,22 @@ certificates, including sub-CAs and certificate revokation lists (CRL). %prep -%setup -q -%patch100 -p0 +%setup -q -n EasyRSA-%{version} +%patch100 -p1 %build %install install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/ install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types -install -Dm0644 easyrsa3/vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/ -install -Dm0644 easyrsa3/openssl-1.0.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/openssl-1.0.cnf -install -Dm0644 easyrsa3/x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/ -install -Dm0755 easyrsa3/easyrsa %{buildroot}/%{_bindir}/easyrsa +install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/ +install -Dm0644 openssl-1.0.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/openssl-1.0.cnf +install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/ +install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa %files %defattr(-,root,root) -%doc KNOWN_ISSUES README.md README.quickstart.md COPYING.md -%doc Licensing/* +%doc gpl-2.0.txt README.quickstart.md COPYING.md %doc doc/* %{_bindir}/easyrsa %config(noreplace) %{_sysconfdir}/easy-rsa ++ easy-rsa.keyring ++ 1745 lines (skipped)
commit easy-rsa for openSUSE:Factory
Hello community, here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2017-10-18 10:55:04 Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old) and /work/SRC/openSUSE:Factory/.easy-rsa.new (New) Package is "easy-rsa" Wed Oct 18 10:55:04 2017 rev:6 rq:534600 version:3.0.3 Changes: --- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-09-12 19:54:11.829181862 +0200 +++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-10-18 10:55:05.395902697 +0200 @@ -1,0 +2,20 @@ +Mon Oct 16 06:38:49 UTC 2017 - seroto...@gmail.com + +- Update to version 3.0.3 +- Rename easy-rsa-packaging.patch to suse-packaging.patch +- Remove obsolete upstream patches: + * f174800.patch + * 29d4dee.patch + * b93d0a1.patch + * fb4d8d8.patch + * b75faa4.patch + * 6436eaf.patch + * e9e8e27.patch + * 534f673.patch + * d20d2b3.patch + * 4eac410.patch + * a138c0d.patch + * 83a1a21.patch + + +--- Old: 29d4dee.patch 3.0.1.tar.gz 4eac410.patch 534f673.patch 6436eaf.patch 83a1a21.patch a138c0d.patch b75faa4.patch b93d0a1.patch d20d2b3.patch e9e8e27.patch easy-rsa-packaging.patch f174800.patch fb4d8d8.patch New: suse-packaging.patch v3.0.3.tar.gz Other differences: -- ++ easy-rsa.spec ++ --- /var/tmp/diff_new_pack.9gVLPY/_old 2017-10-18 10:55:11.475617475 +0200 +++ /var/tmp/diff_new_pack.9gVLPY/_new 2017-10-18 10:55:11.479617288 +0200 @@ -18,40 +18,14 @@ Name: easy-rsa -Version:3.0.1 +Version:3.0.3 Release:0 Summary:CLI utility to build and manage a PKI CA License:GPL-2.0 Group: Productivity/Networking/Security Url:https://github.com/OpenVPN/easy-rsa -Source: https://github.com/OpenVPN/easy-rsa/archive/%{version}.tar.gz -# Fixed upstream issues -# Generate random serial number for all certificates -Patch0: https://github.com/OpenVPN/easy-rsa/commit/f174800.patch -# Fixes #91 basename: invalid option -- 's'. -Patch1: https://github.com/OpenVPN/easy-rsa/commit/29d4dee.patch -# spelling fixes and setence structure improvements -Patch2: https://github.com/OpenVPN/easy-rsa/commit/b93d0a1.patch -# Fix comment indicating the end of the function verify_file() comment. -Patch3: https://github.com/OpenVPN/easy-rsa/commit/fb4d8d8.patch -# Convert README and COPYING into markdown files -Patch4: https://github.com/OpenVPN/easy-rsa/commit/b75faa4.patch -# Add CN as SAN (if none requested) on server certs by default -Patch5: https://github.com/OpenVPN/easy-rsa/commit/6436eaf.patch -# Moved @ValdikSS's serial randomization to sign_req -Patch6: https://github.com/OpenVPN/easy-rsa/commit/e9e8e27.patch -# Make $PWD/pki the default PKI location -Patch7: https://github.com/OpenVPN/easy-rsa/commit/534f673.patch -# Update docs and examples to fit changes in 534f673 -Patch8: https://github.com/OpenVPN/easy-rsa/commit/d20d2b3.patch -# Fix string comprehension -Patch9: https://github.com/OpenVPN/easy-rsa/commit/4eac410.patch -# Fix incorrect "openssl rand" usage -Patch10:https://github.com/OpenVPN/easy-rsa/commit/a138c0d.patch -# Add --copy-ext option -Patch11:https://github.com/OpenVPN/easy-rsa/commit/83a1a21.patch -# openSUSE specific -Patch100: easy-rsa-packaging.patch +Source: https://github.com/OpenVPN/easy-rsa/archive/v%{version}.tar.gz +Patch100: suse-packaging.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch @@ -62,27 +36,8 @@ %prep %setup -q -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 %patch100 -p0 -# Add this for SLE11, patch tool can't rename file. -# Next release we should publish .md documentation. -%if 0%{?sles_version} > 0 && 0%{?sles_version} < 12 -mv -v COPYING COPYING.md -mv -v README README.md -%endif - %build %install ++ suse-packaging.patch ++ *** easyrsa3/easyrsa.orig 2017-07-18 23:46:26.43105 +0200 --- easyrsa3/easyrsa2017-07-19 05:24:59.583924924 +0200 *** *** 1014,1020 local vars= # set up program path ! local prog_vars="${0%/*}/vars" # set up PKI path local pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" --- 1014,1020 local vars= # set up program path ! local prog_vars="/etc/easy-rsa/vars" # set up PKI path local pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" *** *** 1041,1047 fi # Set
commit easy-rsa for openSUSE:Factory
Hello community, here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2017-09-12 19:54:05 Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old) and /work/SRC/openSUSE:Factory/.easy-rsa.new (New) Package is "easy-rsa" Tue Sep 12 19:54:05 2017 rev:5 rq:522753 version:3.0.1 Changes: --- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-07-25 11:41:33.746463623 +0200 +++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-09-12 19:54:11.829181862 +0200 @@ -1,0 +2,29 @@ +Wed Aug 23 09:06:23 UTC 2017 - seroto...@gmail.com + +- Include upstream patches: + + 4eac410.patch + Fix string comprehension + + a138c0d.patch + Fix incorrect "openssl rand" usage + + 83a1a21.patch + Add --copy-ext option + + +--- +Fri Jul 28 21:27:09 UTC 2017 - seroto...@gmail.com + +- Include upstream patches: + + d20d2b3.patch + Update docs and examples to fit changes in 534f673 +- Adapted easy-rsa-packaging.patch to work with upstream patch + +--- +Mon Jul 24 23:04:34 UTC 2017 - seroto...@gmail.com + +- Include upstream patches: + + 534f673.patch + Make $PWD/pki the default PKI location +- Adapted easy-rsa-packaging.patch to work with upstream patch +- Treat /etc/easy-rsa as public default config, no default vars + +--- New: 4eac410.patch 534f673.patch 83a1a21.patch a138c0d.patch d20d2b3.patch Other differences: -- ++ easy-rsa.spec ++ --- /var/tmp/diff_new_pack.GxWzqy/_old 2017-09-12 19:54:12.573077266 +0200 +++ /var/tmp/diff_new_pack.GxWzqy/_new 2017-09-12 19:54:12.573077266 +0200 @@ -40,6 +40,16 @@ Patch5: https://github.com/OpenVPN/easy-rsa/commit/6436eaf.patch # Moved @ValdikSS's serial randomization to sign_req Patch6: https://github.com/OpenVPN/easy-rsa/commit/e9e8e27.patch +# Make $PWD/pki the default PKI location +Patch7: https://github.com/OpenVPN/easy-rsa/commit/534f673.patch +# Update docs and examples to fit changes in 534f673 +Patch8: https://github.com/OpenVPN/easy-rsa/commit/d20d2b3.patch +# Fix string comprehension +Patch9: https://github.com/OpenVPN/easy-rsa/commit/4eac410.patch +# Fix incorrect "openssl rand" usage +Patch10:https://github.com/OpenVPN/easy-rsa/commit/a138c0d.patch +# Add --copy-ext option +Patch11:https://github.com/OpenVPN/easy-rsa/commit/83a1a21.patch # openSUSE specific Patch100: easy-rsa-packaging.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -59,8 +69,12 @@ %patch4 -p1 %patch5 -p1 %patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 %patch100 -p0 -sed -i 's;#\(set_var EASYRSA \)"$PWD";\1"%{_sysconfdir}/easy-rsa";' easyrsa3/vars.example # Add this for SLE11, patch tool can't rename file. # Next release we should publish .md documentation. @@ -72,9 +86,9 @@ %build %install -install -dm0700 %{buildroot}/%{_sysconfdir}/easy-rsa/ +install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/ install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types -install -Dm0644 easyrsa3/vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/vars +install -Dm0644 easyrsa3/vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/ install -Dm0644 easyrsa3/openssl-1.0.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/openssl-1.0.cnf install -Dm0644 easyrsa3/x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/ install -Dm0755 easyrsa3/easyrsa %{buildroot}/%{_bindir}/easyrsa ++ 4eac410.patch ++ >From 4eac410bce13a4730aa160ba48e6fa0aef7edd7c Mon Sep 17 00:00:00 2001 From: azvyagintsevDate: Tue, 4 Jul 2017 20:14:57 +0300 Subject: [PATCH] Fix string comprehension - "[[" syntax work only in "Bash" --- easyrsa3/easyrsa | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index e004e2b..901a52f 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -641,8 +641,7 @@ $(display_dn req "$req_in") # If type is server and no subjectAltName was requested, # add one to the extensions file - if [[ "$crt_type" == 'server' ]] - then + if [ "$crt_type" = 'server' ]; then echo "$EASYRSA_EXTRA_EXTS" | grep -q subjectAltName || print $(default_server_san "$req_in") @@ -941,8 +940,7 @@ default_server_san() { awk -F'=' '/^ *CN=/{print $2}' ) echo "$cn" | egrep -q
commit easy-rsa for openSUSE:Factory
Hello community, here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2017-07-25 11:41:18 Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old) and /work/SRC/openSUSE:Factory/.easy-rsa.new (New) Package is "easy-rsa" Tue Jul 25 11:41:18 2017 rev:4 rq:512354 version:3.0.1 Changes: --- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-06-12 15:33:59.451166936 +0200 +++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-07-25 11:41:33.746463623 +0200 @@ -1,0 +2,9 @@ +Tue Jul 18 18:32:22 UTC 2017 - seroto...@gmail.com + +- Include upstream patches: + + 6436eaf.patch + Add CN as SAN (if none requested) on server certs by default + + e9e8e27.patch + Moved @ValdikSS's serial randomization to sign_req + +--- New: 6436eaf.patch e9e8e27.patch Other differences: -- ++ easy-rsa.spec ++ --- /var/tmp/diff_new_pack.lpU0p1/_old 2017-07-25 11:41:34.402371019 +0200 +++ /var/tmp/diff_new_pack.lpU0p1/_new 2017-07-25 11:41:34.406370454 +0200 @@ -36,6 +36,10 @@ Patch3: https://github.com/OpenVPN/easy-rsa/commit/fb4d8d8.patch # Convert README and COPYING into markdown files Patch4: https://github.com/OpenVPN/easy-rsa/commit/b75faa4.patch +# Add CN as SAN (if none requested) on server certs by default +Patch5: https://github.com/OpenVPN/easy-rsa/commit/6436eaf.patch +# Moved @ValdikSS's serial randomization to sign_req +Patch6: https://github.com/OpenVPN/easy-rsa/commit/e9e8e27.patch # openSUSE specific Patch100: easy-rsa-packaging.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -53,6 +57,8 @@ %patch2 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 +%patch6 -p1 %patch100 -p0 sed -i 's;#\(set_var EASYRSA \)"$PWD";\1"%{_sysconfdir}/easy-rsa";' easyrsa3/vars.example ++ 6436eaf.patch ++ commit 6436eaf8c1e5e3c44d23c1c7a0a5fef14f19d375 Author: Martin SchmittDate: Fri Jun 30 16:12:13 2017 +0200 Add CN as SAN (if none requested) on server certs by default diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index 088faeb..f5ec797 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -627,6 +627,15 @@ $(display_dn req "$req_in") esac fi + # If type is server and no subjectAltName was requested, + # add one to the extensions file + if [[ "$crt_type" == 'server' ]] + then + echo "$EASYRSA_EXTRA_EXTS" | + grep -q subjectAltName || + print $(default_server_san "$req_in") + fi + # Add any advanced extensions supplied by env-var: [ -n "$EASYRSA_EXTRA_EXTS" ] && print "$EASYRSA_EXTRA_EXTS" @@ -923,6 +932,22 @@ display_dn() { print "$("$EASYRSA_OPENSSL" $format -in "$path" -noout -subject -nameopt multiline)" } # => display_dn() +# generate default SAN from req/X509, passed by full pathname +default_server_san() { + local path="$1" + local cn=$( + "$EASYRSA_OPENSSL" req -in "$path" -noout -subject -nameopt sep_multiline | + awk -F'=' '/^ *CN=/{print $2}' + ) + echo "$cn" | egrep -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$' + if [[ $? -eq 0 ]] + then + print "subjectAltName = IP:$cn" + else + print "subjectAltName = DNS:$cn" + fi +} # => default_server_san() + # verify a file seems to be a valid req/X509 verify_file() { local format="$1" path="$2" ++ e9e8e27.patch ++ commit e9e8e272e0eb5225ecfb0d8a0953a5b480c5e85d Author: Martin Schmitt Date: Fri Jun 30 17:04:31 2017 +0200 Moved @ValdikSS's serial randomization to sign_req diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index f5ec797..cff63f2 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -569,6 +569,18 @@ sign_req() { local req_in="$EASYRSA_PKI/reqs/$2.req" local crt_out="$EASYRSA_PKI/issued/$2.crt" + # Randomize Serial number + local i= serial= check_serial= + for i in 1 2 3 4 5; do + "$EASYRSA_OPENSSL" rand -hex 16 -out "$EASYRSA_PKI/serial" + serial="$(cat "$EASYRSA_PKI/serial")" + check_serial="$("$EASYRSA_OPENSSL" ca -config "$EASYRSA_SSL_CONF" -status "$serial" 2>&1)" + case "$check_serial" in + *"not present in db"*) break ;; + *) continue ;; + esac + done + # Support batch by internal caller: [ "$3" = "batch" ]
commit easy-rsa for openSUSE:Factory
Hello community, here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2017-06-12 15:33:58 Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old) and /work/SRC/openSUSE:Factory/.easy-rsa.new (New) Package is "easy-rsa" Mon Jun 12 15:33:58 2017 rev:3 rq:502703 version:3.0.1 Changes: --- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-05-31 12:19:18.308102231 +0200 +++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-06-12 15:33:59.451166936 +0200 @@ -1,0 +2,5 @@ +Mon Jun 5 18:38:00 UTC 2017 - seroto...@gmail.com + +- Undo removal of .md suffix on markdown documentation + +--- Other differences: -- ++ easy-rsa.spec ++ --- /var/tmp/diff_new_pack.pDebt1/_old 2017-06-12 15:34:00.235056376 +0200 +++ /var/tmp/diff_new_pack.pDebt1/_new 2017-06-12 15:34:00.239055811 +0200 @@ -63,13 +63,6 @@ mv -v README README.md %endif -mv -v COPYING.md COPYING -mv -v README.md README -mv -v README.quickstart.md README.quickstart -for f in doc/*.md; do - mv $f ${f%.md} -done - %build %install @@ -82,7 +75,7 @@ %files %defattr(-,root,root) -%doc KNOWN_ISSUES README README.quickstart COPYING +%doc KNOWN_ISSUES README.md README.quickstart.md COPYING.md %doc Licensing/* %doc doc/* %{_bindir}/easyrsa
commit easy-rsa for openSUSE:Factory
Hello community, here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2017-05-31 12:18:07 Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old) and /work/SRC/openSUSE:Factory/.easy-rsa.new (New) Package is "easy-rsa" Wed May 31 12:18:07 2017 rev:2 rq:498607 version:3.0.1 Changes: --- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-02-03 17:36:11.445527613 +0100 +++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-05-31 12:19:18.308102231 +0200 @@ -1,0 +2,19 @@ +Sat May 27 07:30:22 UTC 2017 - br...@ioda-net.ch + +- Add special %if for SLE11 as patch tool can't rename files. +- Include upstream patches + + f174800.patch + Generate random serial number for all certificates + + 29d4dee.patch + Fixes #91 basename: invalid option -- 's' + + b93d0a1.patch + Spelling fixes and sentence structure improvements + + fb4d8d8.patch + Fix comment indicating the end of the function verify_file() + + b75faa4.patch + Convert README and COPYING into markdown files +- Rename openSUSE specific patch easyrsa.packaging.patch to + easy-rsa-packaging.patch +- spec-cleaner -m (Add also SUSE copyrights) + +--- Old: easy-rsa-3.0.1.tar.gz easyrsa.packaging.patch New: 29d4dee.patch 3.0.1.tar.gz b75faa4.patch b93d0a1.patch easy-rsa-packaging.patch f174800.patch fb4d8d8.patch Other differences: -- ++ easy-rsa.spec ++ --- /var/tmp/diff_new_pack.uNphnX/_old 2017-05-31 12:19:19.079993268 +0200 +++ /var/tmp/diff_new_pack.uNphnX/_new 2017-05-31 12:19:19.083992704 +0200 @@ -1,6 +1,7 @@ # # spec file for package easy-rsa # +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2015 Stefan Jakobs. # # All modifications and additions to the file contributed by third parties @@ -12,15 +13,31 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + + Name: easy-rsa Version:3.0.1 -Release:1 -License:GPL-2.0 +Release:0 Summary:CLI utility to build and manage a PKI CA -Url:https://github.com/OpenVPN/easy-rsa +License:GPL-2.0 Group: Productivity/Networking/Security -Source: %{name}-%{version}.tar.gz -Patch0: easyrsa.packaging.patch +Url:https://github.com/OpenVPN/easy-rsa +Source: https://github.com/OpenVPN/easy-rsa/archive/%{version}.tar.gz +# Fixed upstream issues +# Generate random serial number for all certificates +Patch0: https://github.com/OpenVPN/easy-rsa/commit/f174800.patch +# Fixes #91 basename: invalid option -- 's'. +Patch1: https://github.com/OpenVPN/easy-rsa/commit/29d4dee.patch +# spelling fixes and setence structure improvements +Patch2: https://github.com/OpenVPN/easy-rsa/commit/b93d0a1.patch +# Fix comment indicating the end of the function verify_file() comment. +Patch3: https://github.com/OpenVPN/easy-rsa/commit/fb4d8d8.patch +# Convert README and COPYING into markdown files +Patch4: https://github.com/OpenVPN/easy-rsa/commit/b75faa4.patch +# openSUSE specific +Patch100: easy-rsa-packaging.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch @@ -31,9 +48,24 @@ %prep %setup -q -%patch0 -p0 -sed -i 's;#\(set_var EASYRSA \)"$PWD";\1"/etc/easy-rsa";' easyrsa3/vars.example -mv README.quickstart.md README.quickstart +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch100 -p0 +sed -i 's;#\(set_var EASYRSA \)"$PWD";\1"%{_sysconfdir}/easy-rsa";' easyrsa3/vars.example + +# Add this for SLE11, patch tool can't rename file. +# Next release we should publish .md documentation. +%if 0%{?sles_version} > 0 && 0%{?sles_version} < 12 +mv -v COPYING COPYING.md +mv -v README README.md +%endif + +mv -v COPYING.md COPYING +mv -v README.md README +mv -v README.quickstart.md README.quickstart for f in doc/*.md; do mv $f ${f%.md} done @@ -48,11 +80,12 @@ install -Dm0644 easyrsa3/x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/ install -Dm0755 easyrsa3/easyrsa %{buildroot}/%{_bindir}/easyrsa - %files %defattr(-,root,root) %doc KNOWN_ISSUES README README.quickstart COPYING +%doc Licensing/* %doc doc/* %{_bindir}/easyrsa %config(noreplace) %{_sysconfdir}/easy-rsa +%changelog ++ 29d4dee.patch ++ >From 29d4dee508706a34b50c20d338b3f2d452446716 Mon Sep 17 00:00:00 2001 From: Thomas SzteligaDate: Mon, 21 Mar 2016 17:25:58 +0100 Subject: [PATCH] Fixes #91 basename: