commit easy-rsa for openSUSE:Factory
Hello community,
here is the log from the commit of package easy-rsa for openSUSE:Factory
checked in at 2019-02-13 10:07:58
Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old)
and /work/SRC/openSUSE:Factory/.easy-rsa.new.28833 (New)
Package is "easy-rsa"
Wed Feb 13 10:07:58 2019 rev:10 rq:674316 version:3.0.6
Changes:
--- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2018-12-04
20:56:12.440727393 +0100
+++ /work/SRC/openSUSE:Factory/.easy-rsa.new.28833/easy-rsa.changes
2019-02-13 10:08:09.737519083 +0100
@@ -1,0 +2,15 @@
+Tue Feb 12 12:26:17 UTC 2019 - Tuukka Pasanen
+
+- update to 3.0.6 (2019-02-01)
+ * Certifcates that are revoked now move to a revoked subdirectory (#63)
+ * EasyRSA no longer clobbers non-EASYRSA environment variables (#277)
+ * More sane string checking, allowingn for commas in CN (#267)
+ * Support for reasonCode in CRL (#280)
+ * Better handling for capturing passphrases (#230, others)
+ * Improved LibreSSL/MacOS support
+ * Adds support to renew certificates up to 30 days before expiration (#286)
+- This changes previous behavior allowing for certificate creation using
+ duplicate CNs.
+- update and rebase suse-packaging.patch
+
+---
Old:
EasyRSA-nix-3.0.5.tgz
EasyRSA-nix-3.0.5.tgz.sig
New:
EasyRSA-unix-v3.0.6.tgz
EasyRSA-unix-v3.0.6.tgz.sig
Other differences:
--
++ easy-rsa.spec ++
--- /var/tmp/diff_new_pack.dxaPzG/_old 2019-02-13 10:08:14.281517926 +0100
+++ /var/tmp/diff_new_pack.dxaPzG/_new 2019-02-13 10:08:14.281517926 +0100
@@ -1,7 +1,7 @@
#
# spec file for package easy-rsa
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2015 Stefan Jakobs.
#
# All modifications and additions to the file contributed by third parties
@@ -13,21 +13,21 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
-%define pname EasyRSA-nix
+%define pname EasyRSA-unix
Name: easy-rsa
-Version:3.0.5
+Version:3.0.6
Release:0
Summary:CLI utility to build and manage a PKI CA
License:GPL-2.0-or-later
Group: Productivity/Networking/Security
Url:https://github.com/OpenVPN/easy-rsa
-Source:
https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz
-Source1:
https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig
+Source:
https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-v%{version}.tgz
+Source1:
https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-v%{version}.tgz.sig
# https://github.com/OpenVPN/easy-rsa/tree/master/release-keys
Source2:%{name}.keyring
Patch100: suse-packaging.patch
@@ -41,7 +41,7 @@
%prep
#setup -q -n %{pname}-%{version}
-%setup -q -n EasyRSA-%{version}
+%setup -q -n EasyRSA-v%{version}
%patch100
%build
++ suse-packaging.patch ++
--- /var/tmp/diff_new_pack.dxaPzG/_old 2019-02-13 10:08:14.325517915 +0100
+++ /var/tmp/diff_new_pack.dxaPzG/_new 2019-02-13 10:08:14.329517914 +0100
@@ -1,24 +1,26 @@
easyrsa.orig 2018-09-15 06:21:19.0 +0200
-+++ easyrsa2018-12-03 23:38:04.420888219 +0100
-@@ -315,7 +315,7 @@
- EASYRSA_PKI env-var undefined"
+diff --git a/easyrsa b/easyrsa
+index e019982..635a2b9 100755
+--- easyrsa
easyrsa
+@@ -376,7 +376,7 @@ $out"
+ verify_ssl_lib () {
# make safessl-easyrsa.cnf
- make_ssl_config
+ [ "$1" == "no_safe_ssl_config" ] || make_ssl_config
# Verify EASYRSA_OPENSSL command gives expected output
if [ -z "$EASYRSA_SSL_OK" ]; then
-@@ -415,7 +415,7 @@
+@@ -403,7 +403,7 @@ verify_pki_init() {
+ help_note="Run easyrsa without commands for usage and command help."
- # init-pki backend:
- init_pki() {
+ # check that the pki dir exists
- vars_source_check
+ vars_source_check no_safe_ssl_config
-
- # If EASYRSA_PKI exists, confirm before we rm -rf (skiped with
EASYRSA_BATCH)
- if [ -e "$EASYRSA_PKI" ]; then
-@@ -1124,7 +1124,7 @@
+ [ -d "$EASYRSA_PKI" ] || die "\
+ EASYRSA_PKI does not exist (perhaps you need to run init-pki)?
+ Expected to find the EASYRSA_PKI at: $EASYRSA_PKI
+@@ -1452,7 +1452,7 @@ vars_setup() {
vars=
# set up program path
@@ -27,7 +29,7 @@
# set up PKI path
commit easy-rsa for openSUSE:Factory
Hello community,
here is the log from the commit of package easy-rsa for openSUSE:Factory
checked in at 2018-12-04 20:55:45
Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old)
and /work/SRC/openSUSE:Factory/.easy-rsa.new.19453 (New)
Package is "easy-rsa"
Tue Dec 4 20:55:45 2018 rev:9 rq:653612 version:3.0.5
Changes:
--- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2018-01-30
15:44:29.838342664 +0100
+++ /work/SRC/openSUSE:Factory/.easy-rsa.new.19453/easy-rsa.changes
2018-12-04 20:56:12.440727393 +0100
@@ -1,0 +2,13 @@
+Fri Nov 30 11:10:10 UTC 2018 - ch...@computersalat.de
+
+- update to 3.0.5
+ * Fix #17 & #58: use AES256 for CA key
+ * Also, don't use read -s, use stty -echo
+ * Fix broken "nopass" option
+ * Add -r to read to stop errors reported by shellcheck (and to behave)
+ * remove overzealous quotes around $pkcs_opts (more SC errors)
+- update and rebase suse-packaging.patch
+ * fix: set_var EASYRSA in vars.example
+- fix License
+
+---
Old:
EasyRSA-3.0.4.tgz
EasyRSA-3.0.4.tgz.sig
New:
EasyRSA-nix-3.0.5.tgz
EasyRSA-nix-3.0.5.tgz.sig
Other differences:
--
++ easy-rsa.spec ++
--- /var/tmp/diff_new_pack.oAmE96/_old 2018-12-04 20:56:13.404726324 +0100
+++ /var/tmp/diff_new_pack.oAmE96/_new 2018-12-04 20:56:13.404726324 +0100
@@ -17,15 +17,17 @@
#
+%define pname EasyRSA-nix
+
Name: easy-rsa
-Version:3.0.4
+Version:3.0.5
Release:0
Summary:CLI utility to build and manage a PKI CA
-License:GPL-2.0
+License:GPL-2.0-or-later
Group: Productivity/Networking/Security
Url:https://github.com/OpenVPN/easy-rsa
-Source:
https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz
-Source1:
https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz.sig
+Source:
https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz
+Source1:
https://github.com/OpenVPN/%{name}/releases/download/v%{version}/%{pname}-%{version}.tgz.sig
# https://github.com/OpenVPN/easy-rsa/tree/master/release-keys
Source2:%{name}.keyring
Patch100: suse-packaging.patch
@@ -38,24 +40,30 @@
certificates, including sub-CAs, and create Certificate Revokation Lists (CRL).
%prep
+#setup -q -n %{pname}-%{version}
%setup -q -n EasyRSA-%{version}
-%patch100 -p1
+%patch100
%build
%install
-install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/
-install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types
-install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/
-install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/
-install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/
+install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/
+install -dm0755 %{buildroot}/%{_sysconfdir}/%{name}/x509-types
+install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/%{name}/
+install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/%{name}/
+install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/%{name}/x509-types/
install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa
%files
%defattr(-,root,root)
-%doc gpl-2.0.txt README.quickstart.md COPYING.md
+%doc ChangeLog README.md README.quickstart.md
%doc doc/*
+%if 0%{?sle_version} == 11 || 0%{?sle_version} <= 120400
+%doc COPYING.md gpl-2.0.txt
+%else
+%license COPYING.md gpl-2.0.txt
+%endif
%{_bindir}/easyrsa
-%config(noreplace) %{_sysconfdir}/easy-rsa
+%config(noreplace) %{_sysconfdir}/%{name}
%changelog
++ suse-packaging.patch ++
--- /var/tmp/diff_new_pack.oAmE96/_old 2018-12-04 20:56:13.444726280 +0100
+++ /var/tmp/diff_new_pack.oAmE96/_new 2018-12-04 20:56:13.444726280 +0100
@@ -1,36 +1,62 @@
-*** easyrsa3/easyrsa.orig 2017-07-18 23:46:26.43105 +0200
easyrsa3/easyrsa 2017-07-19 05:24:59.583924924 +0200
-***
-*** 1014,1020
- vars=
-
- # set up program path
-! prog_vars="${0%/*}/vars"
- # set up PKI path
- pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
-
1014,1020
- vars=
-
- # set up program path
-! prog_vars="/etc/easy-rsa/vars"
- # set up PKI path
- pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
-
-***
-*** 1041,1047
- fi
-
- # Set defaults, preferring existing env-vars if present
-! set_var EASYRSA "${0%/*}"
- set_var EASYRSA_OPENSSL openssl
- set_var EASYRSA_PKI "$PWD/pki"
- set_var EASYRSA_DN cn_only
1041,1047
- fi
-
- # Set defaults,
commit easy-rsa for openSUSE:Factory
Hello community,
here is the log from the commit of package easy-rsa for openSUSE:Factory
checked in at 2018-01-30 15:44:13
Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old)
and /work/SRC/openSUSE:Factory/.easy-rsa.new (New)
Package is "easy-rsa"
Tue Jan 30 15:44:13 2018 rev:8 rq:570787 version:3.0.4
Changes:
--- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-10-26
18:44:14.496350296 +0200
+++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2018-01-30
15:44:29.838342664 +0100
@@ -1,0 +2,8 @@
+Sun Jan 28 19:05:46 UTC 2018 - seroto...@gmail.com
+
+- Upgrade to version 3.0.4
+ * Remove use of egrep (#154)
+ * Finally(?) fix the subjectAltName issues (really fixes #168)
+- Improve RPM description
+
+---
Old:
EasyRSA-3.0.3.tgz
EasyRSA-3.0.3.tgz.sig
New:
EasyRSA-3.0.4.tgz
EasyRSA-3.0.4.tgz.sig
Other differences:
--
++ easy-rsa.spec ++
--- /var/tmp/diff_new_pack.hj9Ekj/_old 2018-01-30 15:44:30.342319136 +0100
+++ /var/tmp/diff_new_pack.hj9Ekj/_new 2018-01-30 15:44:30.346318950 +0100
@@ -1,7 +1,7 @@
#
# spec file for package easy-rsa
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2015 Stefan Jakobs.
#
# All modifications and additions to the file contributed by third parties
@@ -18,7 +18,7 @@
Name: easy-rsa
-Version:3.0.3
+Version:3.0.4
Release:0
Summary:CLI utility to build and manage a PKI CA
License:GPL-2.0
@@ -33,9 +33,9 @@
BuildArch: noarch
%description
-easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms,
-this means to create a root certificate authority, and request and sign
-certificates, including sub-CAs and certificate revokation lists (CRL).
+easy-rsa is a CLI utility to build and manage a Public Key Infrastructure
+(PKI). Once the Certificate Authority (CA) is created, you can request and sign
+certificates, including sub-CAs, and create Certificate Revokation Lists (CRL).
%prep
%setup -q -n EasyRSA-%{version}
@@ -47,7 +47,7 @@
install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/
install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types
install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/
-install -Dm0644 openssl-1.0.cnf
%{buildroot}/%{_sysconfdir}/easy-rsa/openssl-1.0.cnf
+install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/
install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/
install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa
++ EasyRSA-3.0.3.tgz -> EasyRSA-3.0.4.tgz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/EasyRSA-3.0.3/ChangeLog new/EasyRSA-3.0.4/ChangeLog
--- old/EasyRSA-3.0.3/ChangeLog 2015-09-03 01:54:57.0 +0200
+++ new/EasyRSA-3.0.4/ChangeLog 2018-01-21 16:37:25.0 +0100
@@ -1,5 +1,27 @@
Easy-RSA 3 ChangeLog
+3.0.4 (TBD)
+* Remove use of egrep (#154)
+* Integrate with Travis-CI (#165)
+* Remove "local" from variable assignment (#165)
+* Other changes related to Travis-CI fixes
+ * Assign values to variables defined previously w/local
+* Finally(?) fix the subjectAltName issues I presented earlier (really
+fixes #168
+
+3.0.3 (2017-08-22)
+* Include mktemp windows binary
+* copy CSR extensions into signed certificate
+
+
+3.0.2 (2017-08-21)
+* add missing windows binaries
+
+
+3.0.1 (2015-10-25)
+* correct some packaging errors
+
+
3.0.0 (2015-09-07)
* cab4a07 Fix typo: Hellman
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/EasyRSA-3.0.3/README.md new/EasyRSA-3.0.4/README.md
--- old/EasyRSA-3.0.3/README.md 1970-01-01 01:00:00.0 +0100
+++ new/EasyRSA-3.0.4/README.md 2018-01-21 16:37:25.0 +0100
@@ -0,0 +1,52 @@
+# Overview
+
+easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms,
+this means to create a root certificate authority, and request and sign
+certificates, including sub-CAs and certificate revocation lists (CRL).
+
+# Downloads
+
+If you are looking for release downloads, please see the releases section on
+GitHub. Releases are also available as source checkouts using named tags.
+
+# Documentation
+
+For 3.x project documentation and usage, see the
[README.quickstart.md](README.quickstart.md) file or
+the more detailed docs under the doc/ directory. The .md files are in Markdown
+format and can be converted to html files as desired for release packages, or
+read as-is in plaintext.
+
+# Getting help using easy-rsa
+
commit easy-rsa for openSUSE:Factory
Hello community,
here is the log from the commit of package easy-rsa for openSUSE:Factory
checked in at 2017-10-26 18:44:10
Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old)
and /work/SRC/openSUSE:Factory/.easy-rsa.new (New)
Package is "easy-rsa"
Thu Oct 26 18:44:10 2017 rev:7 rq:535010 version:3.0.3
Changes:
--- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-10-18
10:55:05.395902697 +0200
+++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-10-26
18:44:14.496350296 +0200
@@ -1,0 +2,6 @@
+Wed Oct 18 08:40:40 UTC 2017 - astie...@suse.com
+
+- update release tarball instead of git snapshot
+- add upstream signing keyring and verify source signature
+
+---
Old:
v3.0.3.tar.gz
New:
EasyRSA-3.0.3.tgz
EasyRSA-3.0.3.tgz.sig
easy-rsa.keyring
Other differences:
--
++ easy-rsa.spec ++
--- /var/tmp/diff_new_pack.4dQt7I/_old 2017-10-26 18:44:15.384308856 +0200
+++ /var/tmp/diff_new_pack.4dQt7I/_new 2017-10-26 18:44:15.388308669 +0200
@@ -24,7 +24,10 @@
License:GPL-2.0
Group: Productivity/Networking/Security
Url:https://github.com/OpenVPN/easy-rsa
-Source: https://github.com/OpenVPN/easy-rsa/archive/v%{version}.tar.gz
+Source:
https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz
+Source1:
https://github.com/OpenVPN/easy-rsa/releases/download/v%{version}/EasyRSA-%{version}.tgz.sig
+# https://github.com/OpenVPN/easy-rsa/tree/master/release-keys
+Source2:%{name}.keyring
Patch100: suse-packaging.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
@@ -35,23 +38,22 @@
certificates, including sub-CAs and certificate revokation lists (CRL).
%prep
-%setup -q
-%patch100 -p0
+%setup -q -n EasyRSA-%{version}
+%patch100 -p1
%build
%install
install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/
install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types
-install -Dm0644 easyrsa3/vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/
-install -Dm0644 easyrsa3/openssl-1.0.cnf
%{buildroot}/%{_sysconfdir}/easy-rsa/openssl-1.0.cnf
-install -Dm0644 easyrsa3/x509-types/*
%{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/
-install -Dm0755 easyrsa3/easyrsa %{buildroot}/%{_bindir}/easyrsa
+install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/
+install -Dm0644 openssl-1.0.cnf
%{buildroot}/%{_sysconfdir}/easy-rsa/openssl-1.0.cnf
+install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/
+install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa
%files
%defattr(-,root,root)
-%doc KNOWN_ISSUES README.md README.quickstart.md COPYING.md
-%doc Licensing/*
+%doc gpl-2.0.txt README.quickstart.md COPYING.md
%doc doc/*
%{_bindir}/easyrsa
%config(noreplace) %{_sysconfdir}/easy-rsa
++ easy-rsa.keyring ++
1745 lines (skipped)
commit easy-rsa for openSUSE:Factory
Hello community,
here is the log from the commit of package easy-rsa for openSUSE:Factory
checked in at 2017-10-18 10:55:04
Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old)
and /work/SRC/openSUSE:Factory/.easy-rsa.new (New)
Package is "easy-rsa"
Wed Oct 18 10:55:04 2017 rev:6 rq:534600 version:3.0.3
Changes:
--- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-09-12
19:54:11.829181862 +0200
+++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-10-18
10:55:05.395902697 +0200
@@ -1,0 +2,20 @@
+Mon Oct 16 06:38:49 UTC 2017 - seroto...@gmail.com
+
+- Update to version 3.0.3
+- Rename easy-rsa-packaging.patch to suse-packaging.patch
+- Remove obsolete upstream patches:
+ * f174800.patch
+ * 29d4dee.patch
+ * b93d0a1.patch
+ * fb4d8d8.patch
+ * b75faa4.patch
+ * 6436eaf.patch
+ * e9e8e27.patch
+ * 534f673.patch
+ * d20d2b3.patch
+ * 4eac410.patch
+ * a138c0d.patch
+ * 83a1a21.patch
+
+
+---
Old:
29d4dee.patch
3.0.1.tar.gz
4eac410.patch
534f673.patch
6436eaf.patch
83a1a21.patch
a138c0d.patch
b75faa4.patch
b93d0a1.patch
d20d2b3.patch
e9e8e27.patch
easy-rsa-packaging.patch
f174800.patch
fb4d8d8.patch
New:
suse-packaging.patch
v3.0.3.tar.gz
Other differences:
--
++ easy-rsa.spec ++
--- /var/tmp/diff_new_pack.9gVLPY/_old 2017-10-18 10:55:11.475617475 +0200
+++ /var/tmp/diff_new_pack.9gVLPY/_new 2017-10-18 10:55:11.479617288 +0200
@@ -18,40 +18,14 @@
Name: easy-rsa
-Version:3.0.1
+Version:3.0.3
Release:0
Summary:CLI utility to build and manage a PKI CA
License:GPL-2.0
Group: Productivity/Networking/Security
Url:https://github.com/OpenVPN/easy-rsa
-Source: https://github.com/OpenVPN/easy-rsa/archive/%{version}.tar.gz
-# Fixed upstream issues
-# Generate random serial number for all certificates
-Patch0: https://github.com/OpenVPN/easy-rsa/commit/f174800.patch
-# Fixes #91 basename: invalid option -- 's'.
-Patch1: https://github.com/OpenVPN/easy-rsa/commit/29d4dee.patch
-# spelling fixes and setence structure improvements
-Patch2: https://github.com/OpenVPN/easy-rsa/commit/b93d0a1.patch
-# Fix comment indicating the end of the function verify_file() comment.
-Patch3: https://github.com/OpenVPN/easy-rsa/commit/fb4d8d8.patch
-# Convert README and COPYING into markdown files
-Patch4: https://github.com/OpenVPN/easy-rsa/commit/b75faa4.patch
-# Add CN as SAN (if none requested) on server certs by default
-Patch5: https://github.com/OpenVPN/easy-rsa/commit/6436eaf.patch
-# Moved @ValdikSS's serial randomization to sign_req
-Patch6: https://github.com/OpenVPN/easy-rsa/commit/e9e8e27.patch
-# Make $PWD/pki the default PKI location
-Patch7: https://github.com/OpenVPN/easy-rsa/commit/534f673.patch
-# Update docs and examples to fit changes in 534f673
-Patch8: https://github.com/OpenVPN/easy-rsa/commit/d20d2b3.patch
-# Fix string comprehension
-Patch9: https://github.com/OpenVPN/easy-rsa/commit/4eac410.patch
-# Fix incorrect "openssl rand" usage
-Patch10:https://github.com/OpenVPN/easy-rsa/commit/a138c0d.patch
-# Add --copy-ext option
-Patch11:https://github.com/OpenVPN/easy-rsa/commit/83a1a21.patch
-# openSUSE specific
-Patch100: easy-rsa-packaging.patch
+Source: https://github.com/OpenVPN/easy-rsa/archive/v%{version}.tar.gz
+Patch100: suse-packaging.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
@@ -62,27 +36,8 @@
%prep
%setup -q
-%patch0 -p1
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-%patch9 -p1
-%patch10 -p1
-%patch11 -p1
%patch100 -p0
-# Add this for SLE11, patch tool can't rename file.
-# Next release we should publish .md documentation.
-%if 0%{?sles_version} > 0 && 0%{?sles_version} < 12
-mv -v COPYING COPYING.md
-mv -v README README.md
-%endif
-
%build
%install
++ suse-packaging.patch ++
*** easyrsa3/easyrsa.orig 2017-07-18 23:46:26.43105 +0200
--- easyrsa3/easyrsa2017-07-19 05:24:59.583924924 +0200
***
*** 1014,1020
local vars=
# set up program path
! local prog_vars="${0%/*}/vars"
# set up PKI path
local pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
--- 1014,1020
local vars=
# set up program path
! local prog_vars="/etc/easy-rsa/vars"
# set up PKI path
local pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
***
*** 1041,1047
fi
# Set
commit easy-rsa for openSUSE:Factory
Hello community,
here is the log from the commit of package easy-rsa for openSUSE:Factory
checked in at 2017-09-12 19:54:05
Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old)
and /work/SRC/openSUSE:Factory/.easy-rsa.new (New)
Package is "easy-rsa"
Tue Sep 12 19:54:05 2017 rev:5 rq:522753 version:3.0.1
Changes:
--- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-07-25
11:41:33.746463623 +0200
+++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-09-12
19:54:11.829181862 +0200
@@ -1,0 +2,29 @@
+Wed Aug 23 09:06:23 UTC 2017 - seroto...@gmail.com
+
+- Include upstream patches:
+ + 4eac410.patch
+ Fix string comprehension
+ + a138c0d.patch
+ Fix incorrect "openssl rand" usage
+ + 83a1a21.patch
+ Add --copy-ext option
+
+
+---
+Fri Jul 28 21:27:09 UTC 2017 - seroto...@gmail.com
+
+- Include upstream patches:
+ + d20d2b3.patch
+ Update docs and examples to fit changes in 534f673
+- Adapted easy-rsa-packaging.patch to work with upstream patch
+
+---
+Mon Jul 24 23:04:34 UTC 2017 - seroto...@gmail.com
+
+- Include upstream patches:
+ + 534f673.patch
+ Make $PWD/pki the default PKI location
+- Adapted easy-rsa-packaging.patch to work with upstream patch
+- Treat /etc/easy-rsa as public default config, no default vars
+
+---
New:
4eac410.patch
534f673.patch
83a1a21.patch
a138c0d.patch
d20d2b3.patch
Other differences:
--
++ easy-rsa.spec ++
--- /var/tmp/diff_new_pack.GxWzqy/_old 2017-09-12 19:54:12.573077266 +0200
+++ /var/tmp/diff_new_pack.GxWzqy/_new 2017-09-12 19:54:12.573077266 +0200
@@ -40,6 +40,16 @@
Patch5: https://github.com/OpenVPN/easy-rsa/commit/6436eaf.patch
# Moved @ValdikSS's serial randomization to sign_req
Patch6: https://github.com/OpenVPN/easy-rsa/commit/e9e8e27.patch
+# Make $PWD/pki the default PKI location
+Patch7: https://github.com/OpenVPN/easy-rsa/commit/534f673.patch
+# Update docs and examples to fit changes in 534f673
+Patch8: https://github.com/OpenVPN/easy-rsa/commit/d20d2b3.patch
+# Fix string comprehension
+Patch9: https://github.com/OpenVPN/easy-rsa/commit/4eac410.patch
+# Fix incorrect "openssl rand" usage
+Patch10:https://github.com/OpenVPN/easy-rsa/commit/a138c0d.patch
+# Add --copy-ext option
+Patch11:https://github.com/OpenVPN/easy-rsa/commit/83a1a21.patch
# openSUSE specific
Patch100: easy-rsa-packaging.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -59,8 +69,12 @@
%patch4 -p1
%patch5 -p1
%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
%patch100 -p0
-sed -i 's;#\(set_var EASYRSA \)"$PWD";\1"%{_sysconfdir}/easy-rsa";'
easyrsa3/vars.example
# Add this for SLE11, patch tool can't rename file.
# Next release we should publish .md documentation.
@@ -72,9 +86,9 @@
%build
%install
-install -dm0700 %{buildroot}/%{_sysconfdir}/easy-rsa/
+install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/
install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types
-install -Dm0644 easyrsa3/vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/vars
+install -Dm0644 easyrsa3/vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/
install -Dm0644 easyrsa3/openssl-1.0.cnf
%{buildroot}/%{_sysconfdir}/easy-rsa/openssl-1.0.cnf
install -Dm0644 easyrsa3/x509-types/*
%{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/
install -Dm0755 easyrsa3/easyrsa %{buildroot}/%{_bindir}/easyrsa
++ 4eac410.patch ++
>From 4eac410bce13a4730aa160ba48e6fa0aef7edd7c Mon Sep 17 00:00:00 2001
From: azvyagintsev
Date: Tue, 4 Jul 2017 20:14:57 +0300
Subject: [PATCH] Fix string comprehension
- "[[" syntax work only in "Bash"
---
easyrsa3/easyrsa | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index e004e2b..901a52f 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -641,8 +641,7 @@ $(display_dn req "$req_in")
# If type is server and no subjectAltName was requested,
# add one to the extensions file
- if [[ "$crt_type" == 'server' ]]
- then
+ if [ "$crt_type" = 'server' ]; then
echo "$EASYRSA_EXTRA_EXTS" |
grep -q subjectAltName ||
print $(default_server_san "$req_in")
@@ -941,8 +940,7 @@ default_server_san() {
awk -F'=' '/^ *CN=/{print $2}'
)
echo "$cn" | egrep -q
commit easy-rsa for openSUSE:Factory
Hello community,
here is the log from the commit of package easy-rsa for openSUSE:Factory
checked in at 2017-07-25 11:41:18
Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old)
and /work/SRC/openSUSE:Factory/.easy-rsa.new (New)
Package is "easy-rsa"
Tue Jul 25 11:41:18 2017 rev:4 rq:512354 version:3.0.1
Changes:
--- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-06-12
15:33:59.451166936 +0200
+++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-07-25
11:41:33.746463623 +0200
@@ -1,0 +2,9 @@
+Tue Jul 18 18:32:22 UTC 2017 - seroto...@gmail.com
+
+- Include upstream patches:
+ + 6436eaf.patch
+ Add CN as SAN (if none requested) on server certs by default
+ + e9e8e27.patch
+ Moved @ValdikSS's serial randomization to sign_req
+
+---
New:
6436eaf.patch
e9e8e27.patch
Other differences:
--
++ easy-rsa.spec ++
--- /var/tmp/diff_new_pack.lpU0p1/_old 2017-07-25 11:41:34.402371019 +0200
+++ /var/tmp/diff_new_pack.lpU0p1/_new 2017-07-25 11:41:34.406370454 +0200
@@ -36,6 +36,10 @@
Patch3: https://github.com/OpenVPN/easy-rsa/commit/fb4d8d8.patch
# Convert README and COPYING into markdown files
Patch4: https://github.com/OpenVPN/easy-rsa/commit/b75faa4.patch
+# Add CN as SAN (if none requested) on server certs by default
+Patch5: https://github.com/OpenVPN/easy-rsa/commit/6436eaf.patch
+# Moved @ValdikSS's serial randomization to sign_req
+Patch6: https://github.com/OpenVPN/easy-rsa/commit/e9e8e27.patch
# openSUSE specific
Patch100: easy-rsa-packaging.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -53,6 +57,8 @@
%patch2 -p1
%patch3 -p1
%patch4 -p1
+%patch5 -p1
+%patch6 -p1
%patch100 -p0
sed -i 's;#\(set_var EASYRSA \)"$PWD";\1"%{_sysconfdir}/easy-rsa";'
easyrsa3/vars.example
++ 6436eaf.patch ++
commit 6436eaf8c1e5e3c44d23c1c7a0a5fef14f19d375
Author: Martin Schmitt
Date: Fri Jun 30 16:12:13 2017 +0200
Add CN as SAN (if none requested) on server certs by default
diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index 088faeb..f5ec797 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -627,6 +627,15 @@ $(display_dn req "$req_in")
esac
fi
+ # If type is server and no subjectAltName was requested,
+ # add one to the extensions file
+ if [[ "$crt_type" == 'server' ]]
+ then
+ echo "$EASYRSA_EXTRA_EXTS" |
+ grep -q subjectAltName ||
+ print $(default_server_san "$req_in")
+ fi
+
# Add any advanced extensions supplied by env-var:
[ -n "$EASYRSA_EXTRA_EXTS" ] && print "$EASYRSA_EXTRA_EXTS"
@@ -923,6 +932,22 @@ display_dn() {
print "$("$EASYRSA_OPENSSL" $format -in "$path" -noout -subject
-nameopt multiline)"
} # => display_dn()
+# generate default SAN from req/X509, passed by full pathname
+default_server_san() {
+ local path="$1"
+ local cn=$(
+ "$EASYRSA_OPENSSL" req -in "$path" -noout -subject -nameopt
sep_multiline |
+ awk -F'=' '/^ *CN=/{print $2}'
+ )
+ echo "$cn" | egrep -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$'
+ if [[ $? -eq 0 ]]
+ then
+ print "subjectAltName = IP:$cn"
+ else
+ print "subjectAltName = DNS:$cn"
+ fi
+} # => default_server_san()
+
# verify a file seems to be a valid req/X509
verify_file() {
local format="$1" path="$2"
++ e9e8e27.patch ++
commit e9e8e272e0eb5225ecfb0d8a0953a5b480c5e85d
Author: Martin Schmitt
Date: Fri Jun 30 17:04:31 2017 +0200
Moved @ValdikSS's serial randomization to sign_req
diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index f5ec797..cff63f2 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -569,6 +569,18 @@ sign_req() {
local req_in="$EASYRSA_PKI/reqs/$2.req"
local crt_out="$EASYRSA_PKI/issued/$2.crt"
+ # Randomize Serial number
+ local i= serial= check_serial=
+ for i in 1 2 3 4 5; do
+ "$EASYRSA_OPENSSL" rand -hex 16 -out "$EASYRSA_PKI/serial"
+ serial="$(cat "$EASYRSA_PKI/serial")"
+ check_serial="$("$EASYRSA_OPENSSL" ca -config
"$EASYRSA_SSL_CONF" -status "$serial" 2>&1)"
+ case "$check_serial" in
+ *"not present in db"*) break ;;
+ *) continue ;;
+ esac
+ done
+
# Support batch by internal caller:
[ "$3" = "batch" ]
commit easy-rsa for openSUSE:Factory
Hello community,
here is the log from the commit of package easy-rsa for openSUSE:Factory
checked in at 2017-06-12 15:33:58
Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old)
and /work/SRC/openSUSE:Factory/.easy-rsa.new (New)
Package is "easy-rsa"
Mon Jun 12 15:33:58 2017 rev:3 rq:502703 version:3.0.1
Changes:
--- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-05-31
12:19:18.308102231 +0200
+++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-06-12
15:33:59.451166936 +0200
@@ -1,0 +2,5 @@
+Mon Jun 5 18:38:00 UTC 2017 - seroto...@gmail.com
+
+- Undo removal of .md suffix on markdown documentation
+
+---
Other differences:
--
++ easy-rsa.spec ++
--- /var/tmp/diff_new_pack.pDebt1/_old 2017-06-12 15:34:00.235056376 +0200
+++ /var/tmp/diff_new_pack.pDebt1/_new 2017-06-12 15:34:00.239055811 +0200
@@ -63,13 +63,6 @@
mv -v README README.md
%endif
-mv -v COPYING.md COPYING
-mv -v README.md README
-mv -v README.quickstart.md README.quickstart
-for f in doc/*.md; do
- mv $f ${f%.md}
-done
-
%build
%install
@@ -82,7 +75,7 @@
%files
%defattr(-,root,root)
-%doc KNOWN_ISSUES README README.quickstart COPYING
+%doc KNOWN_ISSUES README.md README.quickstart.md COPYING.md
%doc Licensing/*
%doc doc/*
%{_bindir}/easyrsa
commit easy-rsa for openSUSE:Factory
Hello community,
here is the log from the commit of package easy-rsa for openSUSE:Factory
checked in at 2017-05-31 12:18:07
Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old)
and /work/SRC/openSUSE:Factory/.easy-rsa.new (New)
Package is "easy-rsa"
Wed May 31 12:18:07 2017 rev:2 rq:498607 version:3.0.1
Changes:
--- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes2017-02-03
17:36:11.445527613 +0100
+++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2017-05-31
12:19:18.308102231 +0200
@@ -1,0 +2,19 @@
+Sat May 27 07:30:22 UTC 2017 - br...@ioda-net.ch
+
+- Add special %if for SLE11 as patch tool can't rename files.
+- Include upstream patches
+ + f174800.patch
+ Generate random serial number for all certificates
+ + 29d4dee.patch
+ Fixes #91 basename: invalid option -- 's'
+ + b93d0a1.patch
+ Spelling fixes and sentence structure improvements
+ + fb4d8d8.patch
+ Fix comment indicating the end of the function verify_file()
+ + b75faa4.patch
+ Convert README and COPYING into markdown files
+- Rename openSUSE specific patch easyrsa.packaging.patch to
+ easy-rsa-packaging.patch
+- spec-cleaner -m (Add also SUSE copyrights)
+
+---
Old:
easy-rsa-3.0.1.tar.gz
easyrsa.packaging.patch
New:
29d4dee.patch
3.0.1.tar.gz
b75faa4.patch
b93d0a1.patch
easy-rsa-packaging.patch
f174800.patch
fb4d8d8.patch
Other differences:
--
++ easy-rsa.spec ++
--- /var/tmp/diff_new_pack.uNphnX/_old 2017-05-31 12:19:19.079993268 +0200
+++ /var/tmp/diff_new_pack.uNphnX/_new 2017-05-31 12:19:19.083992704 +0200
@@ -1,6 +1,7 @@
#
# spec file for package easy-rsa
#
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2015 Stefan Jakobs.
#
# All modifications and additions to the file contributed by third parties
@@ -12,15 +13,31 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+
+
Name: easy-rsa
Version:3.0.1
-Release:1
-License:GPL-2.0
+Release:0
Summary:CLI utility to build and manage a PKI CA
-Url:https://github.com/OpenVPN/easy-rsa
+License:GPL-2.0
Group: Productivity/Networking/Security
-Source: %{name}-%{version}.tar.gz
-Patch0: easyrsa.packaging.patch
+Url:https://github.com/OpenVPN/easy-rsa
+Source: https://github.com/OpenVPN/easy-rsa/archive/%{version}.tar.gz
+# Fixed upstream issues
+# Generate random serial number for all certificates
+Patch0: https://github.com/OpenVPN/easy-rsa/commit/f174800.patch
+# Fixes #91 basename: invalid option -- 's'.
+Patch1: https://github.com/OpenVPN/easy-rsa/commit/29d4dee.patch
+# spelling fixes and setence structure improvements
+Patch2: https://github.com/OpenVPN/easy-rsa/commit/b93d0a1.patch
+# Fix comment indicating the end of the function verify_file() comment.
+Patch3: https://github.com/OpenVPN/easy-rsa/commit/fb4d8d8.patch
+# Convert README and COPYING into markdown files
+Patch4: https://github.com/OpenVPN/easy-rsa/commit/b75faa4.patch
+# openSUSE specific
+Patch100: easy-rsa-packaging.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
@@ -31,9 +48,24 @@
%prep
%setup -q
-%patch0 -p0
-sed -i 's;#\(set_var EASYRSA \)"$PWD";\1"/etc/easy-rsa";'
easyrsa3/vars.example
-mv README.quickstart.md README.quickstart
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch100 -p0
+sed -i 's;#\(set_var EASYRSA \)"$PWD";\1"%{_sysconfdir}/easy-rsa";'
easyrsa3/vars.example
+
+# Add this for SLE11, patch tool can't rename file.
+# Next release we should publish .md documentation.
+%if 0%{?sles_version} > 0 && 0%{?sles_version} < 12
+mv -v COPYING COPYING.md
+mv -v README README.md
+%endif
+
+mv -v COPYING.md COPYING
+mv -v README.md README
+mv -v README.quickstart.md README.quickstart
for f in doc/*.md; do
mv $f ${f%.md}
done
@@ -48,11 +80,12 @@
install -Dm0644 easyrsa3/x509-types/*
%{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/
install -Dm0755 easyrsa3/easyrsa %{buildroot}/%{_bindir}/easyrsa
-
%files
%defattr(-,root,root)
%doc KNOWN_ISSUES README README.quickstart COPYING
+%doc Licensing/*
%doc doc/*
%{_bindir}/easyrsa
%config(noreplace) %{_sysconfdir}/easy-rsa
+%changelog
++ 29d4dee.patch ++
>From 29d4dee508706a34b50c20d338b3f2d452446716 Mon Sep 17 00:00:00 2001
From: Thomas Szteliga
Date: Mon, 21 Mar 2016 17:25:58 +0100
Subject: [PATCH] Fixes #91 basename:
