diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-ca openvpn-2.0.8/easy-rsa/2.0/build-ca --- openvpn-2.0.8_orig/easy-rsa/2.0/build-ca 2005-11-02 19:42:38.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/build-ca 2006-10-13 18:14:32.000000000 +0200 @@ -1,8 +1,7 @@ -#!/bin/bash +#!/bin/sh # # Build a root certificate # -export EASY_RSA="${EASY_RSA:-.}" -"$EASY_RSA/pkitool" --interact --initca $* +/usr/sbin/pkitool --interact --initca $* diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-dh openvpn-2.0.8/easy-rsa/2.0/build-dh --- openvpn-2.0.8_orig/easy-rsa/2.0/build-dh 2006-06-28 08:29:27.000000000 +0200 +++ openvpn-2.0.8/easy-rsa/2.0/build-dh 2006-10-13 18:13:40.000000000 +0200 @@ -1,4 +1,6 @@ -#!/bin/bash +#!/bin/sh + +. /etc/easy-rsa/vars # Build Diffie-Hellman parameters for the server side # of an SSL/TLS connection. diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-inter openvpn-2.0.8/easy-rsa/2.0/build-inter --- openvpn-2.0.8_orig/easy-rsa/2.0/build-inter 2005-11-02 19:42:39.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/build-inter 2006-10-13 18:14:32.000000000 +0200 @@ -1,7 +1,6 @@ -#!/bin/bash +#!/bin/sh # Make an intermediate CA certificate/private key pair using a locally generated # root certificate. -export EASY_RSA="${EASY_RSA:-.}" -"$EASY_RSA/pkitool" --interact --inter $* +/usr/sbin/pkitool --interact --inter $* diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key openvpn-2.0.8/easy-rsa/2.0/build-key --- openvpn-2.0.8_orig/easy-rsa/2.0/build-key 2005-11-02 19:42:39.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/build-key 2006-10-13 18:14:32.000000000 +0200 @@ -1,7 +1,6 @@ -#!/bin/bash +#!/bin/sh # Make a certificate/private key pair using a locally generated # root certificate. -export EASY_RSA="${EASY_RSA:-.}" -"$EASY_RSA/pkitool" --interact $* +/usr/sbin/pkitool --interact $* diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass openvpn-2.0.8/easy-rsa/2.0/build-key-pass --- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass 2005-11-02 19:42:39.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/build-key-pass 2006-10-13 18:14:32.000000000 +0200 @@ -1,7 +1,6 @@ -#!/bin/bash +#!/bin/sh # Similar to build-key, but protect the private key # with a password. -export EASY_RSA="${EASY_RSA:-.}" -"$EASY_RSA/pkitool" --interact --pass $* +/usr/sbin/pkitool --interact --pass $* diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12 --- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12 2005-11-02 19:42:39.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12 2006-10-13 18:14:32.000000000 +0200 @@ -1,8 +1,7 @@ -#!/bin/bash +#!/bin/sh # Make a certificate/private key pair using a locally generated # root certificate and convert it to a PKCS #12 file including the # the CA certificate as well. -export EASY_RSA="${EASY_RSA:-.}" -"$EASY_RSA/pkitool" --interact --pkcs12 $* +/usr/sbin/pkitool --interact --pkcs12 $* diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server openvpn-2.0.8/easy-rsa/2.0/build-key-server --- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server 2005-11-02 19:42:39.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/build-key-server 2006-10-13 18:14:32.000000000 +0200 @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh # Make a certificate/private key pair using a locally generated # root certificate. @@ -6,5 +6,4 @@ # Explicitly set nsCertType to server using the "server" # extension in the openssl.cnf file. -export EASY_RSA="${EASY_RSA:-.}" -"$EASY_RSA/pkitool" --interact --server $* +/usr/sbin/pkitool --interact --server $* diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req openvpn-2.0.8/easy-rsa/2.0/build-req --- openvpn-2.0.8_orig/easy-rsa/2.0/build-req 2005-11-02 19:42:38.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/build-req 2006-10-13 18:14:32.000000000 +0200 @@ -1,7 +1,6 @@ -#!/bin/bash +#!/bin/sh # Build a certificate signing request and private key. Use this # when your root certificate and key is not available locally. -export EASY_RSA="${EASY_RSA:-.}" -"$EASY_RSA/pkitool" --interact --csr $* +/usr/sbin/pkitool --interact --csr $* diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass openvpn-2.0.8/easy-rsa/2.0/build-req-pass --- openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass 2005-11-02 19:42:39.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/build-req-pass 2006-10-13 18:14:32.000000000 +0200 @@ -1,7 +1,6 @@ -#!/bin/bash +#!/bin/sh # Like build-req, but protect your private key # with a password. -export EASY_RSA="${EASY_RSA:-.}" -"$EASY_RSA/pkitool" --interact --csr --pass $* +/usr/sbin/pkitool --interact --csr --pass $* diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/clean-all openvpn-2.0.8/easy-rsa/2.0/clean-all --- openvpn-2.0.8_orig/easy-rsa/2.0/clean-all 2005-11-02 19:42:39.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/clean-all 2006-10-13 18:13:40.000000000 +0200 @@ -1,4 +1,6 @@ -#!/bin/bash +#!/bin/sh + +. /etc/easy-rsa/vars # Initialize the $KEY_DIR directory. # Note that this script does a diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter openvpn-2.0.8/easy-rsa/2.0/inherit-inter --- openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter 2005-11-02 19:42:38.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/inherit-inter 2006-10-13 18:13:40.000000000 +0200 @@ -1,4 +1,6 @@ -#!/bin/bash +#!/bin/sh + +. /etc/easy-rsa/vars # Build a new PKI which is rooted on an intermediate certificate generated # by ./build-inter or ./pkitool --inter from a parent PKI. The new PKI should diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/list-crl openvpn-2.0.8/easy-rsa/2.0/list-crl --- openvpn-2.0.8_orig/easy-rsa/2.0/list-crl 2006-06-28 08:29:27.000000000 +0200 +++ openvpn-2.0.8/easy-rsa/2.0/list-crl 2006-10-13 18:13:40.000000000 +0200 @@ -1,4 +1,6 @@ -#!/bin/bash +#!/bin/sh + +. /etc/easy-rsa/vars # list revoked certificates diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/pkitool openvpn-2.0.8/easy-rsa/2.0/pkitool --- openvpn-2.0.8_orig/easy-rsa/2.0/pkitool 2006-06-28 08:29:27.000000000 +0200 +++ openvpn-2.0.8/easy-rsa/2.0/pkitool 2006-10-13 18:13:40.000000000 +0200 @@ -1,5 +1,7 @@ #!/bin/sh +. /etc/easy-rsa/vars + # OpenVPN -- An application to securely tunnel IP networks # over a single TCP/UDP port, with support for SSL/TLS-based # session authentication and key exchange, diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full openvpn-2.0.8/easy-rsa/2.0/revoke-full --- openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full 2006-06-28 08:29:27.000000000 +0200 +++ openvpn-2.0.8/easy-rsa/2.0/revoke-full 2006-10-13 18:13:40.000000000 +0200 @@ -1,4 +1,6 @@ -#!/bin/bash +#!/bin/sh + +. /etc/easy-rsa/vars # revoke a certificate, regenerate CRL, # and verify revocation diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/sign-req openvpn-2.0.8/easy-rsa/2.0/sign-req --- openvpn-2.0.8_orig/easy-rsa/2.0/sign-req 2005-11-02 19:42:39.000000000 +0100 +++ openvpn-2.0.8/easy-rsa/2.0/sign-req 2006-10-13 18:14:32.000000000 +0200 @@ -1,7 +1,6 @@ -#!/bin/bash +#!/bin/sh # Sign a certificate signing request (a .csr file) # with a local root certificate and key. -export EASY_RSA="${EASY_RSA:-.}" -"$EASY_RSA/pkitool" --interact --sign $* +/usr/sbin/pkitool --interact --sign $* diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/vars openvpn-2.0.8/easy-rsa/2.0/vars --- openvpn-2.0.8_orig/easy-rsa/2.0/vars 2006-06-28 08:29:27.000000000 +0200 +++ openvpn-2.0.8/easy-rsa/2.0/vars 2006-10-13 18:24:03.000000000 +0200 @@ -12,7 +12,7 @@ # This variable should point to # the top level of the easy-rsa # tree. -export EASY_RSA="`pwd`" +export EASY_RSA="/etc/easy-rsa" # # This variable should point to @@ -26,7 +26,7 @@ # This variable should point to # the openssl.cnf file included # with easy-rsa. -export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` +export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA` # Edit this variable to point to # your soon-to-be-created key @@ -39,7 +39,7 @@ export KEY_DIR="$EASY_RSA/keys" # Issue rm -rf warning -echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR +echo NOTE: If you run /usr/sbin/clean-all, I will be doing a rm -rf on $KEY_DIR # Increase this to 2048 if you # are paranoid. This will slow