diff options
Diffstat (limited to 'package/openvpn/patches')
| -rw-r--r-- | package/openvpn/patches/easy-rsa.patch | 218 | 
1 files changed, 218 insertions, 0 deletions
| diff --git a/package/openvpn/patches/easy-rsa.patch b/package/openvpn/patches/easy-rsa.patch new file mode 100644 index 000000000..957fe336e --- /dev/null +++ b/package/openvpn/patches/easy-rsa.patch @@ -0,0 +1,218 @@ +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-ca openvpn-2.0.8/easy-rsa/2.0/build-ca +--- openvpn-2.0.8_orig/easy-rsa/2.0/build-ca	2005-11-02 19:42:38.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/build-ca	2006-10-13 18:14:32.000000000 +0200 +@@ -1,8 +1,7 @@ +-#!/bin/bash ++#!/bin/sh +  + # + # Build a root certificate + # +  +-export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --initca $* ++/usr/sbin/pkitool --interact --initca $* +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-dh openvpn-2.0.8/easy-rsa/2.0/build-dh +--- openvpn-2.0.8_orig/easy-rsa/2.0/build-dh	2006-06-28 08:29:27.000000000 +0200 ++++ openvpn-2.0.8/easy-rsa/2.0/build-dh	2006-10-13 18:13:40.000000000 +0200 +@@ -1,4 +1,6 @@ +-#!/bin/bash ++#!/bin/sh ++ ++. /etc/easy-rsa/vars +  + # Build Diffie-Hellman parameters for the server side + # of an SSL/TLS connection. +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-inter openvpn-2.0.8/easy-rsa/2.0/build-inter +--- openvpn-2.0.8_orig/easy-rsa/2.0/build-inter	2005-11-02 19:42:39.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/build-inter	2006-10-13 18:14:32.000000000 +0200 +@@ -1,7 +1,6 @@ +-#!/bin/bash ++#!/bin/sh +  + # Make an intermediate CA certificate/private key pair using a locally generated + # root certificate. +  +-export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --inter $* ++/usr/sbin/pkitool --interact --inter $* +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key openvpn-2.0.8/easy-rsa/2.0/build-key +--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key	2005-11-02 19:42:39.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/build-key	2006-10-13 18:14:32.000000000 +0200 +@@ -1,7 +1,6 @@ +-#!/bin/bash ++#!/bin/sh +  + # Make a certificate/private key pair using a locally generated + # root certificate. +  +-export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact $* ++/usr/sbin/pkitool --interact $* +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass openvpn-2.0.8/easy-rsa/2.0/build-key-pass +--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass	2005-11-02 19:42:39.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/build-key-pass	2006-10-13 18:14:32.000000000 +0200 +@@ -1,7 +1,6 @@ +-#!/bin/bash ++#!/bin/sh +  + # Similar to build-key, but protect the private key + # with a password. +  +-export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --pass $* ++/usr/sbin/pkitool --interact --pass $* +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12 +--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12	2005-11-02 19:42:39.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12	2006-10-13 18:14:32.000000000 +0200 +@@ -1,8 +1,7 @@ +-#!/bin/bash ++#!/bin/sh +  + # Make a certificate/private key pair using a locally generated + # root certificate and convert it to a PKCS #12 file including the + # the CA certificate as well. +  +-export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --pkcs12 $* ++/usr/sbin/pkitool --interact --pkcs12 $* +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server openvpn-2.0.8/easy-rsa/2.0/build-key-server +--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server	2005-11-02 19:42:39.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/build-key-server	2006-10-13 18:14:32.000000000 +0200 +@@ -1,4 +1,4 @@ +-#!/bin/bash ++#!/bin/sh +  + # Make a certificate/private key pair using a locally generated + # root certificate. +@@ -6,5 +6,4 @@ + # Explicitly set nsCertType to server using the "server" + # extension in the openssl.cnf file. +  +-export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --server $* ++/usr/sbin/pkitool --interact --server $* +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req openvpn-2.0.8/easy-rsa/2.0/build-req +--- openvpn-2.0.8_orig/easy-rsa/2.0/build-req	2005-11-02 19:42:38.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/build-req	2006-10-13 18:14:32.000000000 +0200 +@@ -1,7 +1,6 @@ +-#!/bin/bash ++#!/bin/sh +  + # Build a certificate signing request and private key.  Use this + # when your root certificate and key is not available locally. +  +-export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --csr $* ++/usr/sbin/pkitool --interact --csr $* +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass openvpn-2.0.8/easy-rsa/2.0/build-req-pass +--- openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass	2005-11-02 19:42:39.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/build-req-pass	2006-10-13 18:14:32.000000000 +0200 +@@ -1,7 +1,6 @@ +-#!/bin/bash ++#!/bin/sh +  + # Like build-req, but protect your private key + # with a password. +  +-export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --csr --pass $* ++/usr/sbin/pkitool --interact --csr --pass $* +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/clean-all openvpn-2.0.8/easy-rsa/2.0/clean-all +--- openvpn-2.0.8_orig/easy-rsa/2.0/clean-all	2005-11-02 19:42:39.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/clean-all	2006-10-13 18:13:40.000000000 +0200 +@@ -1,4 +1,6 @@ +-#!/bin/bash ++#!/bin/sh ++ ++. /etc/easy-rsa/vars +  + # Initialize the $KEY_DIR directory. + # Note that this script does a +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter openvpn-2.0.8/easy-rsa/2.0/inherit-inter +--- openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter	2005-11-02 19:42:38.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/inherit-inter	2006-10-13 18:13:40.000000000 +0200 +@@ -1,4 +1,6 @@ +-#!/bin/bash ++#!/bin/sh ++ ++. /etc/easy-rsa/vars +  + # Build a new PKI which is rooted on an intermediate certificate generated + # by ./build-inter or ./pkitool --inter from a parent PKI.  The new PKI should +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/list-crl openvpn-2.0.8/easy-rsa/2.0/list-crl +--- openvpn-2.0.8_orig/easy-rsa/2.0/list-crl	2006-06-28 08:29:27.000000000 +0200 ++++ openvpn-2.0.8/easy-rsa/2.0/list-crl	2006-10-13 18:13:40.000000000 +0200 +@@ -1,4 +1,6 @@ +-#!/bin/bash ++#!/bin/sh ++ ++. /etc/easy-rsa/vars +  + # list revoked certificates +  +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/pkitool openvpn-2.0.8/easy-rsa/2.0/pkitool +--- openvpn-2.0.8_orig/easy-rsa/2.0/pkitool	2006-06-28 08:29:27.000000000 +0200 ++++ openvpn-2.0.8/easy-rsa/2.0/pkitool	2006-10-13 18:13:40.000000000 +0200 +@@ -1,5 +1,7 @@ + #!/bin/sh +  ++. /etc/easy-rsa/vars ++ + #  OpenVPN -- An application to securely tunnel IP networks + #             over a single TCP/UDP port, with support for SSL/TLS-based + #             session authentication and key exchange, +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full openvpn-2.0.8/easy-rsa/2.0/revoke-full +--- openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full	2006-06-28 08:29:27.000000000 +0200 ++++ openvpn-2.0.8/easy-rsa/2.0/revoke-full	2006-10-13 18:13:40.000000000 +0200 +@@ -1,4 +1,6 @@ +-#!/bin/bash ++#!/bin/sh ++ ++. /etc/easy-rsa/vars +  + # revoke a certificate, regenerate CRL, + # and verify revocation +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/sign-req openvpn-2.0.8/easy-rsa/2.0/sign-req +--- openvpn-2.0.8_orig/easy-rsa/2.0/sign-req	2005-11-02 19:42:39.000000000 +0100 ++++ openvpn-2.0.8/easy-rsa/2.0/sign-req	2006-10-13 18:14:32.000000000 +0200 +@@ -1,7 +1,6 @@ +-#!/bin/bash ++#!/bin/sh +  + # Sign a certificate signing request (a .csr file) + # with a local root certificate and key. +  +-export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --sign $* ++/usr/sbin/pkitool --interact --sign $* +diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/vars openvpn-2.0.8/easy-rsa/2.0/vars +--- openvpn-2.0.8_orig/easy-rsa/2.0/vars	2006-06-28 08:29:27.000000000 +0200 ++++ openvpn-2.0.8/easy-rsa/2.0/vars	2006-10-13 18:24:03.000000000 +0200 +@@ -12,7 +12,7 @@ + # This variable should point to + # the top level of the easy-rsa + # tree. +-export EASY_RSA="`pwd`" ++export EASY_RSA="/etc/easy-rsa" +  + # + # This variable should point to +@@ -26,7 +26,7 @@ + # This variable should point to + # the openssl.cnf file included + # with easy-rsa. +-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` ++export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA` +  + # Edit this variable to point to + # your soon-to-be-created key +@@ -39,7 +39,7 @@ + export KEY_DIR="$EASY_RSA/keys" +  + # Issue rm -rf warning +-echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR ++echo NOTE: If you run /usr/sbin/clean-all, I will be doing a rm -rf on $KEY_DIR +  + # Increase this to 2048 if you + # are paranoid.  This will slow | 
