1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
|
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-ca openvpn-2.0.8/easy-rsa/2.0/build-ca
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-ca 2005-11-02 19:42:38.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-ca 2006-10-13 18:14:32.000000000 +0200
@@ -1,8 +1,7 @@
-#!/bin/bash
+#!/bin/sh
#
# Build a root certificate
#
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --initca $*
+/usr/sbin/pkitool --interact --initca $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-dh openvpn-2.0.8/easy-rsa/2.0/build-dh
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-dh 2006-06-28 08:29:27.000000000 +0200
+++ openvpn-2.0.8/easy-rsa/2.0/build-dh 2006-10-13 18:13:40.000000000 +0200
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+. /etc/easy-rsa/vars
# Build Diffie-Hellman parameters for the server side
# of an SSL/TLS connection.
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-inter openvpn-2.0.8/easy-rsa/2.0/build-inter
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-inter 2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-inter 2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
# Make an intermediate CA certificate/private key pair using a locally generated
# root certificate.
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --inter $*
+/usr/sbin/pkitool --interact --inter $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key openvpn-2.0.8/easy-rsa/2.0/build-key
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key 2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-key 2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
# Make a certificate/private key pair using a locally generated
# root certificate.
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact $*
+/usr/sbin/pkitool --interact $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass openvpn-2.0.8/easy-rsa/2.0/build-key-pass
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass 2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-key-pass 2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
# Similar to build-key, but protect the private key
# with a password.
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --pass $*
+/usr/sbin/pkitool --interact --pass $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12 2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12 2006-10-13 18:14:32.000000000 +0200
@@ -1,8 +1,7 @@
-#!/bin/bash
+#!/bin/sh
# Make a certificate/private key pair using a locally generated
# root certificate and convert it to a PKCS #12 file including the
# the CA certificate as well.
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --pkcs12 $*
+/usr/sbin/pkitool --interact --pkcs12 $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server openvpn-2.0.8/easy-rsa/2.0/build-key-server
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server 2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-key-server 2006-10-13 18:14:32.000000000 +0200
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
# Make a certificate/private key pair using a locally generated
# root certificate.
@@ -6,5 +6,4 @@
# Explicitly set nsCertType to server using the "server"
# extension in the openssl.cnf file.
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --server $*
+/usr/sbin/pkitool --interact --server $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req openvpn-2.0.8/easy-rsa/2.0/build-req
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-req 2005-11-02 19:42:38.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-req 2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
# Build a certificate signing request and private key. Use this
# when your root certificate and key is not available locally.
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --csr $*
+/usr/sbin/pkitool --interact --csr $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass openvpn-2.0.8/easy-rsa/2.0/build-req-pass
--- openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass 2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/build-req-pass 2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
# Like build-req, but protect your private key
# with a password.
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --csr --pass $*
+/usr/sbin/pkitool --interact --csr --pass $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/clean-all openvpn-2.0.8/easy-rsa/2.0/clean-all
--- openvpn-2.0.8_orig/easy-rsa/2.0/clean-all 2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/clean-all 2006-10-13 18:13:40.000000000 +0200
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+. /etc/easy-rsa/vars
# Initialize the $KEY_DIR directory.
# Note that this script does a
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter openvpn-2.0.8/easy-rsa/2.0/inherit-inter
--- openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter 2005-11-02 19:42:38.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/inherit-inter 2006-10-13 18:13:40.000000000 +0200
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+. /etc/easy-rsa/vars
# Build a new PKI which is rooted on an intermediate certificate generated
# by ./build-inter or ./pkitool --inter from a parent PKI. The new PKI should
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/list-crl openvpn-2.0.8/easy-rsa/2.0/list-crl
--- openvpn-2.0.8_orig/easy-rsa/2.0/list-crl 2006-06-28 08:29:27.000000000 +0200
+++ openvpn-2.0.8/easy-rsa/2.0/list-crl 2006-10-13 18:13:40.000000000 +0200
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+. /etc/easy-rsa/vars
# list revoked certificates
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/pkitool openvpn-2.0.8/easy-rsa/2.0/pkitool
--- openvpn-2.0.8_orig/easy-rsa/2.0/pkitool 2006-06-28 08:29:27.000000000 +0200
+++ openvpn-2.0.8/easy-rsa/2.0/pkitool 2006-10-13 18:13:40.000000000 +0200
@@ -1,5 +1,7 @@
#!/bin/sh
+. /etc/easy-rsa/vars
+
# OpenVPN -- An application to securely tunnel IP networks
# over a single TCP/UDP port, with support for SSL/TLS-based
# session authentication and key exchange,
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full openvpn-2.0.8/easy-rsa/2.0/revoke-full
--- openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full 2006-06-28 08:29:27.000000000 +0200
+++ openvpn-2.0.8/easy-rsa/2.0/revoke-full 2006-10-13 18:13:40.000000000 +0200
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+. /etc/easy-rsa/vars
# revoke a certificate, regenerate CRL,
# and verify revocation
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/sign-req openvpn-2.0.8/easy-rsa/2.0/sign-req
--- openvpn-2.0.8_orig/easy-rsa/2.0/sign-req 2005-11-02 19:42:39.000000000 +0100
+++ openvpn-2.0.8/easy-rsa/2.0/sign-req 2006-10-13 18:14:32.000000000 +0200
@@ -1,7 +1,6 @@
-#!/bin/bash
+#!/bin/sh
# Sign a certificate signing request (a .csr file)
# with a local root certificate and key.
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --sign $*
+/usr/sbin/pkitool --interact --sign $*
diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/vars openvpn-2.0.8/easy-rsa/2.0/vars
--- openvpn-2.0.8_orig/easy-rsa/2.0/vars 2006-06-28 08:29:27.000000000 +0200
+++ openvpn-2.0.8/easy-rsa/2.0/vars 2006-10-13 18:24:03.000000000 +0200
@@ -12,7 +12,7 @@
# This variable should point to
# the top level of the easy-rsa
# tree.
-export EASY_RSA="`pwd`"
+export EASY_RSA="/etc/easy-rsa"
#
# This variable should point to
@@ -26,7 +26,7 @@
# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
+export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA`
# Edit this variable to point to
# your soon-to-be-created key
@@ -39,7 +39,7 @@
export KEY_DIR="$EASY_RSA/keys"
# Issue rm -rf warning
-echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
+echo NOTE: If you run /usr/sbin/clean-all, I will be doing a rm -rf on $KEY_DIR
# Increase this to 2048 if you
# are paranoid. This will slow
|
