summaryrefslogtreecommitdiff
path: root/package/openvpn/patches/easy-rsa.patch
blob: 957fe336eb275c716c2fbe53e0cf59234fdd947e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-ca openvpn-2.0.8/easy-rsa/2.0/build-ca
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-ca	2005-11-02 19:42:38.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-ca	2006-10-13 18:14:32.000000000 +0200
@@ -1,8 +1,7 @@
-#!/bin/bash
+#!/bin/sh
 
 #
 # Build a root certificate
 #
 
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --initca $*
+/usr/sbin/pkitool --interact --initca $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-dh openvpn-2.0.8/easy-rsa/2.0/build-dh
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-dh	2006-06-28 08:29:27.000000000 +0200
+++ openvpn-2.0.8/easy-rsa/2.0/build-dh	2006-10-13 18:13:40.000000000 +0200
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+. /etc/easy-rsa/vars
 
 # Build Diffie-Hellman parameters for the server side
 # of an SSL/TLS connection.
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-inter openvpn-2.0.8/easy-rsa/2.0/build-inter
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-inter	2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-inter	2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
 
 # Make an intermediate CA certificate/private key pair using a locally generated
 # root certificate.
 
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --inter $*
+/usr/sbin/pkitool --interact --inter $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key openvpn-2.0.8/easy-rsa/2.0/build-key
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key	2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-key	2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
 
 # Make a certificate/private key pair using a locally generated
 # root certificate.
 
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact $*
+/usr/sbin/pkitool --interact $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass openvpn-2.0.8/easy-rsa/2.0/build-key-pass
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass	2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-key-pass	2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
 
 # Similar to build-key, but protect the private key
 # with a password.
 
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --pass $*
+/usr/sbin/pkitool --interact --pass $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12	2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12	2006-10-13 18:14:32.000000000 +0200
@@ -1,8 +1,7 @@
-#!/bin/bash
+#!/bin/sh
 
 # Make a certificate/private key pair using a locally generated
 # root certificate and convert it to a PKCS #12 file including the
 # the CA certificate as well.
 
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --pkcs12 $*
+/usr/sbin/pkitool --interact --pkcs12 $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server openvpn-2.0.8/easy-rsa/2.0/build-key-server
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server	2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-key-server	2006-10-13 18:14:32.000000000 +0200
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
 
 # Make a certificate/private key pair using a locally generated
 # root certificate.
@@ -6,5 +6,4 @@
 # Explicitly set nsCertType to server using the "server"
 # extension in the openssl.cnf file.
 
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --server $*
+/usr/sbin/pkitool --interact --server $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req openvpn-2.0.8/easy-rsa/2.0/build-req
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-req	2005-11-02 19:42:38.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-req	2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
 
 # Build a certificate signing request and private key.  Use this
 # when your root certificate and key is not available locally.
 
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --csr $*
+/usr/sbin/pkitool --interact --csr $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass openvpn-2.0.8/easy-rsa/2.0/build-req-pass
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass	2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-req-pass	2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
 
 # Like build-req, but protect your private key
 # with a password.
 
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --csr --pass $*
+/usr/sbin/pkitool --interact --csr --pass $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/clean-all openvpn-2.0.8/easy-rsa/2.0/clean-all
--- openvpn-2.0.8_orig/easy-rsa/2.0/clean-all	2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/clean-all	2006-10-13 18:13:40.000000000 +0200
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+. /etc/easy-rsa/vars
 
 # Initialize the $KEY_DIR directory.
 # Note that this script does a
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter openvpn-2.0.8/easy-rsa/2.0/inherit-inter
--- openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter	2005-11-02 19:42:38.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/inherit-inter	2006-10-13 18:13:40.000000000 +0200
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+. /etc/easy-rsa/vars
 
 # Build a new PKI which is rooted on an intermediate certificate generated
 # by ./build-inter or ./pkitool --inter from a parent PKI.  The new PKI should
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/list-crl openvpn-2.0.8/easy-rsa/2.0/list-crl
--- openvpn-2.0.8_orig/easy-rsa/2.0/list-crl	2006-06-28 08:29:27.000000000 +0200
+++ openvpn-2.0.8/easy-rsa/2.0/list-crl	2006-10-13 18:13:40.000000000 +0200
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+. /etc/easy-rsa/vars
 
 # list revoked certificates
 
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/pkitool openvpn-2.0.8/easy-rsa/2.0/pkitool
--- openvpn-2.0.8_orig/easy-rsa/2.0/pkitool	2006-06-28 08:29:27.000000000 +0200
+++ openvpn-2.0.8/easy-rsa/2.0/pkitool	2006-10-13 18:13:40.000000000 +0200
@@ -1,5 +1,7 @@
 #!/bin/sh
 
+. /etc/easy-rsa/vars
+
 #  OpenVPN -- An application to securely tunnel IP networks
 #             over a single TCP/UDP port, with support for SSL/TLS-based
 #             session authentication and key exchange,
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full openvpn-2.0.8/easy-rsa/2.0/revoke-full
--- openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full	2006-06-28 08:29:27.000000000 +0200
+++ openvpn-2.0.8/easy-rsa/2.0/revoke-full	2006-10-13 18:13:40.000000000 +0200
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+. /etc/easy-rsa/vars
 
 # revoke a certificate, regenerate CRL,
 # and verify revocation
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/sign-req openvpn-2.0.8/easy-rsa/2.0/sign-req
--- openvpn-2.0.8_orig/easy-rsa/2.0/sign-req	2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/sign-req	2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
 
 # Sign a certificate signing request (a .csr file)
 # with a local root certificate and key.
 
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --sign $*
+/usr/sbin/pkitool --interact --sign $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/vars openvpn-2.0.8/easy-rsa/2.0/vars
--- openvpn-2.0.8_orig/easy-rsa/2.0/vars	2006-06-28 08:29:27.000000000 +0200
+++ openvpn-2.0.8/easy-rsa/2.0/vars	2006-10-13 18:24:03.000000000 +0200
@@ -12,7 +12,7 @@
 # This variable should point to
 # the top level of the easy-rsa
 # tree.
-export EASY_RSA="`pwd`"
+export EASY_RSA="/etc/easy-rsa"
 
 #
 # This variable should point to
@@ -26,7 +26,7 @@
 # This variable should point to
 # the openssl.cnf file included
 # with easy-rsa.
-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
+export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA`
 
 # Edit this variable to point to
 # your soon-to-be-created key
@@ -39,7 +39,7 @@
 export KEY_DIR="$EASY_RSA/keys"
 
 # Issue rm -rf warning
-echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
+echo NOTE: If you run /usr/sbin/clean-all, I will be doing a rm -rf on $KEY_DIR
 
 # Increase this to 2048 if you
 # are paranoid.  This will slow