From 219a6dab8995aad9ac4860cc1a84d6f3509a03a4 Mon Sep 17 00:00:00 2001
From: wbx <wbx@hydrogenium.(none)>
Date: Sun, 17 May 2009 14:41:34 +0200
Subject: Initial import

---
 package/openvpn/patches/easy-rsa.patch | 218 +++++++++++++++++++++++++++++++++
 1 file changed, 218 insertions(+)
 create mode 100644 package/openvpn/patches/easy-rsa.patch

(limited to 'package/openvpn/patches')

diff --git a/package/openvpn/patches/easy-rsa.patch b/package/openvpn/patches/easy-rsa.patch
new file mode 100644
index 000000000..957fe336e
--- /dev/null
+++ b/package/openvpn/patches/easy-rsa.patch
@@ -0,0 +1,218 @@
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-ca openvpn-2.0.8/easy-rsa/2.0/build-ca
+--- openvpn-2.0.8_orig/easy-rsa/2.0/build-ca	2005-11-02 19:42:38.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/build-ca	2006-10-13 18:14:32.000000000 +0200
+@@ -1,8 +1,7 @@
+-#!/bin/bash
++#!/bin/sh
+ 
+ #
+ # Build a root certificate
+ #
+ 
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --initca $*
++/usr/sbin/pkitool --interact --initca $*
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-dh openvpn-2.0.8/easy-rsa/2.0/build-dh
+--- openvpn-2.0.8_orig/easy-rsa/2.0/build-dh	2006-06-28 08:29:27.000000000 +0200
++++ openvpn-2.0.8/easy-rsa/2.0/build-dh	2006-10-13 18:13:40.000000000 +0200
+@@ -1,4 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
++
++. /etc/easy-rsa/vars
+ 
+ # Build Diffie-Hellman parameters for the server side
+ # of an SSL/TLS connection.
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-inter openvpn-2.0.8/easy-rsa/2.0/build-inter
+--- openvpn-2.0.8_orig/easy-rsa/2.0/build-inter	2005-11-02 19:42:39.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/build-inter	2006-10-13 18:14:32.000000000 +0200
+@@ -1,7 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
+ 
+ # Make an intermediate CA certificate/private key pair using a locally generated
+ # root certificate.
+ 
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --inter $*
++/usr/sbin/pkitool --interact --inter $*
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key openvpn-2.0.8/easy-rsa/2.0/build-key
+--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key	2005-11-02 19:42:39.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/build-key	2006-10-13 18:14:32.000000000 +0200
+@@ -1,7 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
+ 
+ # Make a certificate/private key pair using a locally generated
+ # root certificate.
+ 
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact $*
++/usr/sbin/pkitool --interact $*
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass openvpn-2.0.8/easy-rsa/2.0/build-key-pass
+--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass	2005-11-02 19:42:39.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/build-key-pass	2006-10-13 18:14:32.000000000 +0200
+@@ -1,7 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
+ 
+ # Similar to build-key, but protect the private key
+ # with a password.
+ 
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --pass $*
++/usr/sbin/pkitool --interact --pass $*
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12
+--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12	2005-11-02 19:42:39.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12	2006-10-13 18:14:32.000000000 +0200
+@@ -1,8 +1,7 @@
+-#!/bin/bash
++#!/bin/sh
+ 
+ # Make a certificate/private key pair using a locally generated
+ # root certificate and convert it to a PKCS #12 file including the
+ # the CA certificate as well.
+ 
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --pkcs12 $*
++/usr/sbin/pkitool --interact --pkcs12 $*
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server openvpn-2.0.8/easy-rsa/2.0/build-key-server
+--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server	2005-11-02 19:42:39.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/build-key-server	2006-10-13 18:14:32.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/bin/sh
+ 
+ # Make a certificate/private key pair using a locally generated
+ # root certificate.
+@@ -6,5 +6,4 @@
+ # Explicitly set nsCertType to server using the "server"
+ # extension in the openssl.cnf file.
+ 
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --server $*
++/usr/sbin/pkitool --interact --server $*
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req openvpn-2.0.8/easy-rsa/2.0/build-req
+--- openvpn-2.0.8_orig/easy-rsa/2.0/build-req	2005-11-02 19:42:38.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/build-req	2006-10-13 18:14:32.000000000 +0200
+@@ -1,7 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
+ 
+ # Build a certificate signing request and private key.  Use this
+ # when your root certificate and key is not available locally.
+ 
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --csr $*
++/usr/sbin/pkitool --interact --csr $*
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass openvpn-2.0.8/easy-rsa/2.0/build-req-pass
+--- openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass	2005-11-02 19:42:39.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/build-req-pass	2006-10-13 18:14:32.000000000 +0200
+@@ -1,7 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
+ 
+ # Like build-req, but protect your private key
+ # with a password.
+ 
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --csr --pass $*
++/usr/sbin/pkitool --interact --csr --pass $*
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/clean-all openvpn-2.0.8/easy-rsa/2.0/clean-all
+--- openvpn-2.0.8_orig/easy-rsa/2.0/clean-all	2005-11-02 19:42:39.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/clean-all	2006-10-13 18:13:40.000000000 +0200
+@@ -1,4 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
++
++. /etc/easy-rsa/vars
+ 
+ # Initialize the $KEY_DIR directory.
+ # Note that this script does a
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter openvpn-2.0.8/easy-rsa/2.0/inherit-inter
+--- openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter	2005-11-02 19:42:38.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/inherit-inter	2006-10-13 18:13:40.000000000 +0200
+@@ -1,4 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
++
++. /etc/easy-rsa/vars
+ 
+ # Build a new PKI which is rooted on an intermediate certificate generated
+ # by ./build-inter or ./pkitool --inter from a parent PKI.  The new PKI should
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/list-crl openvpn-2.0.8/easy-rsa/2.0/list-crl
+--- openvpn-2.0.8_orig/easy-rsa/2.0/list-crl	2006-06-28 08:29:27.000000000 +0200
++++ openvpn-2.0.8/easy-rsa/2.0/list-crl	2006-10-13 18:13:40.000000000 +0200
+@@ -1,4 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
++
++. /etc/easy-rsa/vars
+ 
+ # list revoked certificates
+ 
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/pkitool openvpn-2.0.8/easy-rsa/2.0/pkitool
+--- openvpn-2.0.8_orig/easy-rsa/2.0/pkitool	2006-06-28 08:29:27.000000000 +0200
++++ openvpn-2.0.8/easy-rsa/2.0/pkitool	2006-10-13 18:13:40.000000000 +0200
+@@ -1,5 +1,7 @@
+ #!/bin/sh
+ 
++. /etc/easy-rsa/vars
++
+ #  OpenVPN -- An application to securely tunnel IP networks
+ #             over a single TCP/UDP port, with support for SSL/TLS-based
+ #             session authentication and key exchange,
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full openvpn-2.0.8/easy-rsa/2.0/revoke-full
+--- openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full	2006-06-28 08:29:27.000000000 +0200
++++ openvpn-2.0.8/easy-rsa/2.0/revoke-full	2006-10-13 18:13:40.000000000 +0200
+@@ -1,4 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
++
++. /etc/easy-rsa/vars
+ 
+ # revoke a certificate, regenerate CRL,
+ # and verify revocation
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/sign-req openvpn-2.0.8/easy-rsa/2.0/sign-req
+--- openvpn-2.0.8_orig/easy-rsa/2.0/sign-req	2005-11-02 19:42:39.000000000 +0100
++++ openvpn-2.0.8/easy-rsa/2.0/sign-req	2006-10-13 18:14:32.000000000 +0200
+@@ -1,7 +1,6 @@
+-#!/bin/bash
++#!/bin/sh
+ 
+ # Sign a certificate signing request (a .csr file)
+ # with a local root certificate and key.
+ 
+-export EASY_RSA="${EASY_RSA:-.}"
+-"$EASY_RSA/pkitool" --interact --sign $*
++/usr/sbin/pkitool --interact --sign $*
+diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/vars openvpn-2.0.8/easy-rsa/2.0/vars
+--- openvpn-2.0.8_orig/easy-rsa/2.0/vars	2006-06-28 08:29:27.000000000 +0200
++++ openvpn-2.0.8/easy-rsa/2.0/vars	2006-10-13 18:24:03.000000000 +0200
+@@ -12,7 +12,7 @@
+ # This variable should point to
+ # the top level of the easy-rsa
+ # tree.
+-export EASY_RSA="`pwd`"
++export EASY_RSA="/etc/easy-rsa"
+ 
+ #
+ # This variable should point to
+@@ -26,7 +26,7 @@
+ # This variable should point to
+ # the openssl.cnf file included
+ # with easy-rsa.
+-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
++export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA`
+ 
+ # Edit this variable to point to
+ # your soon-to-be-created key
+@@ -39,7 +39,7 @@
+ export KEY_DIR="$EASY_RSA/keys"
+ 
+ # Issue rm -rf warning
+-echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
++echo NOTE: If you run /usr/sbin/clean-all, I will be doing a rm -rf on $KEY_DIR
+ 
+ # Increase this to 2048 if you
+ # are paranoid.  This will slow
-- 
cgit v1.2.3