1 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-ca openvpn-2.0.7/easy-rsa/2.0/build-ca
2 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-ca 2005-11-02 19:42:38.000000000 +0100
3 +++ openvpn-2.0.7/easy-rsa/2.0/build-ca 2006-05-09 17:47:40.000000000 +0200
9 # Build a root certificate
10 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-dh openvpn-2.0.7/easy-rsa/2.0/build-dh
11 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-dh 2005-11-02 19:42:39.000000000 +0100
12 +++ openvpn-2.0.7/easy-rsa/2.0/build-dh 2006-05-09 17:47:40.000000000 +0200
19 # Build Diffie-Hellman parameters for the server side
20 # of an SSL/TLS connection.
21 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-inter openvpn-2.0.7/easy-rsa/2.0/build-inter
22 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-inter 2005-11-02 19:42:39.000000000 +0100
23 +++ openvpn-2.0.7/easy-rsa/2.0/build-inter 2006-05-09 17:47:40.000000000 +0200
28 # Make an intermediate CA certificate/private key pair using a locally generated
30 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-key openvpn-2.0.7/easy-rsa/2.0/build-key
31 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-key 2005-11-02 19:42:39.000000000 +0100
32 +++ openvpn-2.0.7/easy-rsa/2.0/build-key 2006-05-09 17:47:40.000000000 +0200
37 # Make a certificate/private key pair using a locally generated
39 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-key-pass openvpn-2.0.7/easy-rsa/2.0/build-key-pass
40 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-key-pass 2005-11-02 19:42:39.000000000 +0100
41 +++ openvpn-2.0.7/easy-rsa/2.0/build-key-pass 2006-05-09 17:47:40.000000000 +0200
46 # Similar to build-key, but protect the private key
48 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.0.7/easy-rsa/2.0/build-key-pkcs12
49 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-key-pkcs12 2005-11-02 19:42:39.000000000 +0100
50 +++ openvpn-2.0.7/easy-rsa/2.0/build-key-pkcs12 2006-05-09 17:47:40.000000000 +0200
55 # Make a certificate/private key pair using a locally generated
56 # root certificate and convert it to a PKCS #12 file including the
57 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-key-server openvpn-2.0.7/easy-rsa/2.0/build-key-server
58 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-key-server 2005-11-02 19:42:39.000000000 +0100
59 +++ openvpn-2.0.7/easy-rsa/2.0/build-key-server 2006-05-09 17:47:40.000000000 +0200
64 # Make a certificate/private key pair using a locally generated
66 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-req openvpn-2.0.7/easy-rsa/2.0/build-req
67 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-req 2005-11-02 19:42:38.000000000 +0100
68 +++ openvpn-2.0.7/easy-rsa/2.0/build-req 2006-05-09 17:47:40.000000000 +0200
73 # Build a certificate signing request and private key. Use this
74 # when your root certificate and key is not available locally.
75 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-req-pass openvpn-2.0.7/easy-rsa/2.0/build-req-pass
76 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-req-pass 2005-11-02 19:42:39.000000000 +0100
77 +++ openvpn-2.0.7/easy-rsa/2.0/build-req-pass 2006-05-09 17:47:40.000000000 +0200
82 # Like build-req, but protect your private key
84 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/clean-all openvpn-2.0.7/easy-rsa/2.0/clean-all
85 --- openvpn-2.0.7.orig/easy-rsa/2.0/clean-all 2005-11-02 19:42:39.000000000 +0100
86 +++ openvpn-2.0.7/easy-rsa/2.0/clean-all 2006-05-09 17:47:40.000000000 +0200
93 # Initialize the $KEY_DIR directory.
94 # Note that this script does a
95 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/inherit-inter openvpn-2.0.7/easy-rsa/2.0/inherit-inter
96 --- openvpn-2.0.7.orig/easy-rsa/2.0/inherit-inter 2005-11-02 19:42:38.000000000 +0100
97 +++ openvpn-2.0.7/easy-rsa/2.0/inherit-inter 2006-05-09 17:47:40.000000000 +0200
102 +. /etc/easy-rsa/vars
104 # Build a new PKI which is rooted on an intermediate certificate generated
105 # by ./build-inter or ./pkitool --inter from a parent PKI. The new PKI should
106 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/list-crl openvpn-2.0.7/easy-rsa/2.0/list-crl
107 --- openvpn-2.0.7.orig/easy-rsa/2.0/list-crl 2005-11-02 19:42:39.000000000 +0100
108 +++ openvpn-2.0.7/easy-rsa/2.0/list-crl 2006-05-09 17:47:40.000000000 +0200
113 +. /etc/easy-rsa/vars
115 # list revoked certificates
117 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/pkitool openvpn-2.0.7/easy-rsa/2.0/pkitool
118 --- openvpn-2.0.7.orig/easy-rsa/2.0/pkitool 2005-11-02 19:42:38.000000000 +0100
119 +++ openvpn-2.0.7/easy-rsa/2.0/pkitool 2006-05-09 17:47:40.000000000 +0200
123 +. /etc/easy-rsa/vars
125 # OpenVPN -- An application to securely tunnel IP networks
126 # over a single TCP/UDP port, with support for SSL/TLS-based
127 # session authentication and key exchange,
128 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/revoke-full openvpn-2.0.7/easy-rsa/2.0/revoke-full
129 --- openvpn-2.0.7.orig/easy-rsa/2.0/revoke-full 2005-11-02 19:42:39.000000000 +0100
130 +++ openvpn-2.0.7/easy-rsa/2.0/revoke-full 2006-05-09 17:47:40.000000000 +0200
135 +. /etc/easy-rsa/vars
137 # revoke a certificate, regenerate CRL,
138 # and verify revocation
139 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/sign-req openvpn-2.0.7/easy-rsa/2.0/sign-req
140 --- openvpn-2.0.7.orig/easy-rsa/2.0/sign-req 2005-11-02 19:42:39.000000000 +0100
141 +++ openvpn-2.0.7/easy-rsa/2.0/sign-req 2006-05-09 17:47:40.000000000 +0200
146 # Sign a certificate signing request (a .csr file)
147 # with a local root certificate and key.
148 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/vars openvpn-2.0.7/easy-rsa/2.0/vars
149 --- openvpn-2.0.7.orig/easy-rsa/2.0/vars 2005-11-02 19:42:39.000000000 +0100
150 +++ openvpn-2.0.7/easy-rsa/2.0/vars 2006-05-09 17:47:40.000000000 +0200
152 # This variable should point to
153 # the top level of the easy-rsa
155 -export EASY_RSA="`pwd`"
156 +export EASY_RSA="/etc/easy-rsa"
159 # This variable should point to
161 # This variable should point to
162 # the openssl.cnf file included
164 -export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
165 +export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA`
167 # Edit this variable to point to
168 # your soon-to-be-created key
169 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-ca openvpn-2.0.9/easy-rsa/2.0/build-ca
170 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-ca 2007-06-18 01:20:36.000000000 +0200
171 +++ openvpn-2.0.9/easy-rsa/2.0/build-ca 2007-06-18 01:21:07.000000000 +0200
175 export EASY_RSA="${EASY_RSA:-.}"
176 -"$EASY_RSA/pkitool" --interact --initca $*
177 +"/usr/sbin/pkitool" --interact --initca $*
178 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-inter openvpn-2.0.9/easy-rsa/2.0/build-inter
179 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-inter 2007-06-18 01:20:36.000000000 +0200
180 +++ openvpn-2.0.9/easy-rsa/2.0/build-inter 2007-06-18 01:21:19.000000000 +0200
184 export EASY_RSA="${EASY_RSA:-.}"
185 -"$EASY_RSA/pkitool" --interact --inter $*
186 +"/usr/sbin/pkitool" --interact --inter $*
187 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-key openvpn-2.0.9/easy-rsa/2.0/build-key
188 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-key 2007-06-18 01:20:36.000000000 +0200
189 +++ openvpn-2.0.9/easy-rsa/2.0/build-key 2007-06-18 01:21:32.000000000 +0200
193 export EASY_RSA="${EASY_RSA:-.}"
194 -"$EASY_RSA/pkitool" --interact $*
195 +"/usr/sbin/pkitool" --interact $*
196 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-key-pass openvpn-2.0.9/easy-rsa/2.0/build-key-pass
197 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-key-pass 2007-06-18 01:20:36.000000000 +0200
198 +++ openvpn-2.0.9/easy-rsa/2.0/build-key-pass 2007-06-18 01:21:45.000000000 +0200
202 export EASY_RSA="${EASY_RSA:-.}"
203 -"$EASY_RSA/pkitool" --interact --pass $*
204 +"/usr/sbin/pkitool" --interact --pass $*
205 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.0.9/easy-rsa/2.0/build-key-pkcs12
206 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-key-pkcs12 2007-06-18 01:20:36.000000000 +0200
207 +++ openvpn-2.0.9/easy-rsa/2.0/build-key-pkcs12 2007-06-18 01:21:57.000000000 +0200
209 # the CA certificate as well.
211 export EASY_RSA="${EASY_RSA:-.}"
212 -"$EASY_RSA/pkitool" --interact --pkcs12 $*
213 +"/usr/sbin/pkitool" --interact --pkcs12 $*
214 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-key-server openvpn-2.0.9/easy-rsa/2.0/build-key-server
215 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-key-server 2007-06-18 01:20:36.000000000 +0200
216 +++ openvpn-2.0.9/easy-rsa/2.0/build-key-server 2007-06-18 01:22:09.000000000 +0200
218 # extension in the openssl.cnf file.
220 export EASY_RSA="${EASY_RSA:-.}"
221 -"$EASY_RSA/pkitool" --interact --server $*
222 +"/usr/sbin/pkitool" --interact --server $*
223 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-req openvpn-2.0.9/easy-rsa/2.0/build-req
224 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-req 2007-06-18 01:20:36.000000000 +0200
225 +++ openvpn-2.0.9/easy-rsa/2.0/build-req 2007-06-18 01:22:27.000000000 +0200
227 # when your root certificate and key is not available locally.
229 export EASY_RSA="${EASY_RSA:-.}"
230 -"$EASY_RSA/pkitool" --interact --csr $*
231 +"/usr/sbin/pkitool" --interact --csr $*
232 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-req-pass openvpn-2.0.9/easy-rsa/2.0/build-req-pass
233 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-req-pass 2007-06-18 01:20:36.000000000 +0200
234 +++ openvpn-2.0.9/easy-rsa/2.0/build-req-pass 2007-06-18 01:22:38.000000000 +0200
238 export EASY_RSA="${EASY_RSA:-.}"
239 -"$EASY_RSA/pkitool" --interact --csr --pass $*
240 +"/usr/sbin/pkitool" --interact --csr --pass $*
241 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/sign-req openvpn-2.0.9/easy-rsa/2.0/sign-req
242 --- openvpn-2.0.9.orig/easy-rsa/2.0/sign-req 2007-06-18 01:20:36.000000000 +0200
243 +++ openvpn-2.0.9/easy-rsa/2.0/sign-req 2007-06-18 01:22:53.000000000 +0200
245 # with a local root certificate and key.
247 export EASY_RSA="${EASY_RSA:-.}"
248 -"$EASY_RSA/pkitool" --interact --sign $*
249 +"/usr/sbin/pkitool" --interact --sign $*