net/openvpn/patches/001-easy_rsa.patch

   1 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-ca openvpn-2.0.7/easy-rsa/2.0/build-ca
   2 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-ca    2005-11-02 19:42:38.000000000 +0100
   3 +++ openvpn-2.0.7/easy-rsa/2.0/build-ca 2006-05-09 17:47:40.000000000 +0200
   4 @@ -1,4 +1,4 @@
   5 -#!/bin/bash
   6 +#!/bin/sh
   7
   8  #
   9  # Build a root certificate
  10 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-dh openvpn-2.0.7/easy-rsa/2.0/build-dh
  11 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-dh    2005-11-02 19:42:39.000000000 +0100
  12 +++ openvpn-2.0.7/easy-rsa/2.0/build-dh 2006-05-09 17:47:40.000000000 +0200
  13 @@ -1,4 +1,6 @@
  14 -#!/bin/bash
  15 +#!/bin/sh
  16 +
  17 +. /etc/easy-rsa/vars
  18
  19  # Build Diffie-Hellman parameters for the server side
  20  # of an SSL/TLS connection.
  21 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-inter openvpn-2.0.7/easy-rsa/2.0/build-inter
  22 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-inter 2005-11-02 19:42:39.000000000 +0100
  23 +++ openvpn-2.0.7/easy-rsa/2.0/build-inter      2006-05-09 17:47:40.000000000 +0200
  24 @@ -1,4 +1,4 @@
  25 -#!/bin/bash
  26 +#!/bin/sh
  27
  28  # Make an intermediate CA certificate/private key pair using a locally generated
  29  # root certificate.
  30 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-key openvpn-2.0.7/easy-rsa/2.0/build-key
  31 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-key   2005-11-02 19:42:39.000000000 +0100
  32 +++ openvpn-2.0.7/easy-rsa/2.0/build-key        2006-05-09 17:47:40.000000000 +0200
  33 @@ -1,4 +1,4 @@
  34 -#!/bin/bash
  35 +#!/bin/sh
  36
  37  # Make a certificate/private key pair using a locally generated
  38  # root certificate.
  39 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-key-pass openvpn-2.0.7/easy-rsa/2.0/build-key-pass
  40 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-key-pass      2005-11-02 19:42:39.000000000 +0100
  41 +++ openvpn-2.0.7/easy-rsa/2.0/build-key-pass   2006-05-09 17:47:40.000000000 +0200
  42 @@ -1,4 +1,4 @@
  43 -#!/bin/bash
  44 +#!/bin/sh
  45
  46  # Similar to build-key, but protect the private key
  47  # with a password.
  48 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.0.7/easy-rsa/2.0/build-key-pkcs12
  49 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-key-pkcs12    2005-11-02 19:42:39.000000000 +0100
  50 +++ openvpn-2.0.7/easy-rsa/2.0/build-key-pkcs12 2006-05-09 17:47:40.000000000 +0200
  51 @@ -1,4 +1,4 @@
  52 -#!/bin/bash
  53 +#!/bin/sh
  54
  55  # Make a certificate/private key pair using a locally generated
  56  # root certificate and convert it to a PKCS #12 file including the
  57 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-key-server openvpn-2.0.7/easy-rsa/2.0/build-key-server
  58 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-key-server    2005-11-02 19:42:39.000000000 +0100
  59 +++ openvpn-2.0.7/easy-rsa/2.0/build-key-server 2006-05-09 17:47:40.000000000 +0200
  60 @@ -1,4 +1,4 @@
  61 -#!/bin/bash
  62 +#!/bin/sh
  63
  64  # Make a certificate/private key pair using a locally generated
  65  # root certificate.
  66 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-req openvpn-2.0.7/easy-rsa/2.0/build-req
  67 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-req   2005-11-02 19:42:38.000000000 +0100
  68 +++ openvpn-2.0.7/easy-rsa/2.0/build-req        2006-05-09 17:47:40.000000000 +0200
  69 @@ -1,4 +1,4 @@
  70 -#!/bin/bash
  71 +#!/bin/sh
  72
  73  # Build a certificate signing request and private key.  Use this
  74  # when your root certificate and key is not available locally.
  75 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/build-req-pass openvpn-2.0.7/easy-rsa/2.0/build-req-pass
  76 --- openvpn-2.0.7.orig/easy-rsa/2.0/build-req-pass      2005-11-02 19:42:39.000000000 +0100
  77 +++ openvpn-2.0.7/easy-rsa/2.0/build-req-pass   2006-05-09 17:47:40.000000000 +0200
  78 @@ -1,4 +1,4 @@
  79 -#!/bin/bash
  80 +#!/bin/sh
  81
  82  # Like build-req, but protect your private key
  83  # with a password.
  84 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/clean-all openvpn-2.0.7/easy-rsa/2.0/clean-all
  85 --- openvpn-2.0.7.orig/easy-rsa/2.0/clean-all   2005-11-02 19:42:39.000000000 +0100
  86 +++ openvpn-2.0.7/easy-rsa/2.0/clean-all        2006-05-09 17:47:40.000000000 +0200
  87 @@ -1,4 +1,6 @@
  88 -#!/bin/bash
  89 +#!/bin/sh
  90 +
  91 +. /etc/easy-rsa/vars
  92
  93  # Initialize the $KEY_DIR directory.
  94  # Note that this script does a
  95 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/inherit-inter openvpn-2.0.7/easy-rsa/2.0/inherit-inter
  96 --- openvpn-2.0.7.orig/easy-rsa/2.0/inherit-inter       2005-11-02 19:42:38.000000000 +0100
  97 +++ openvpn-2.0.7/easy-rsa/2.0/inherit-inter    2006-05-09 17:47:40.000000000 +0200
  98 @@ -1,4 +1,6 @@
  99 -#!/bin/bash
 100 +#!/bin/sh
 101 +
 102 +. /etc/easy-rsa/vars
 103
 104  # Build a new PKI which is rooted on an intermediate certificate generated
 105  # by ./build-inter or ./pkitool --inter from a parent PKI.  The new PKI should
 106 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/list-crl openvpn-2.0.7/easy-rsa/2.0/list-crl
 107 --- openvpn-2.0.7.orig/easy-rsa/2.0/list-crl    2005-11-02 19:42:39.000000000 +0100
 108 +++ openvpn-2.0.7/easy-rsa/2.0/list-crl 2006-05-09 17:47:40.000000000 +0200
 109 @@ -1,4 +1,6 @@
 110 -#!/bin/bash
 111 +#!/bin/sh
 112 +
 113 +. /etc/easy-rsa/vars
 114
 115  # list revoked certificates
 116
 117 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/pkitool openvpn-2.0.7/easy-rsa/2.0/pkitool
 118 --- openvpn-2.0.7.orig/easy-rsa/2.0/pkitool     2005-11-02 19:42:38.000000000 +0100
 119 +++ openvpn-2.0.7/easy-rsa/2.0/pkitool  2006-05-09 17:47:40.000000000 +0200
 120 @@ -1,5 +1,7 @@
 121  #!/bin/sh
 122
 123 +. /etc/easy-rsa/vars
 124 +
 125  #  OpenVPN -- An application to securely tunnel IP networks
 126  #             over a single TCP/UDP port, with support for SSL/TLS-based
 127  #             session authentication and key exchange,
 128 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/revoke-full openvpn-2.0.7/easy-rsa/2.0/revoke-full
 129 --- openvpn-2.0.7.orig/easy-rsa/2.0/revoke-full 2005-11-02 19:42:39.000000000 +0100
 130 +++ openvpn-2.0.7/easy-rsa/2.0/revoke-full      2006-05-09 17:47:40.000000000 +0200
 131 @@ -1,4 +1,6 @@
 132 -#!/bin/bash
 133 +#!/bin/sh
 134 +
 135 +. /etc/easy-rsa/vars
 136
 137  # revoke a certificate, regenerate CRL,
 138  # and verify revocation
 139 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/sign-req openvpn-2.0.7/easy-rsa/2.0/sign-req
 140 --- openvpn-2.0.7.orig/easy-rsa/2.0/sign-req    2005-11-02 19:42:39.000000000 +0100
 141 +++ openvpn-2.0.7/easy-rsa/2.0/sign-req 2006-05-09 17:47:40.000000000 +0200
 142 @@ -1,4 +1,4 @@
 143 -#!/bin/bash
 144 +#!/bin/sh
 145
 146  # Sign a certificate signing request (a .csr file)
 147  # with a local root certificate and key.
 148 diff -ur openvpn-2.0.7.orig/easy-rsa/2.0/vars openvpn-2.0.7/easy-rsa/2.0/vars
 149 --- openvpn-2.0.7.orig/easy-rsa/2.0/vars        2005-11-02 19:42:39.000000000 +0100
 150 +++ openvpn-2.0.7/easy-rsa/2.0/vars     2006-05-09 17:47:40.000000000 +0200
 151 @@ -12,7 +12,7 @@
 152  # This variable should point to
 153  # the top level of the easy-rsa
 154  # tree.
 155 -export EASY_RSA="`pwd`"
 156 +export EASY_RSA="/etc/easy-rsa"
 157
 158  #
 159  # This variable should point to
 160 @@ -26,7 +26,7 @@
 161  # This variable should point to
 162  # the openssl.cnf file included
 163  # with easy-rsa.
 164 -export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
 165 +export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA`
 166
 167  # Edit this variable to point to
 168  # your soon-to-be-created key
 169 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-ca openvpn-2.0.9/easy-rsa/2.0/build-ca
 170 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-ca    2007-06-18 01:20:36.000000000 +0200
 171 +++ openvpn-2.0.9/easy-rsa/2.0/build-ca 2007-06-18 01:21:07.000000000 +0200
 172 @@ -5,4 +5,4 @@
 173  #
 174
 175  export EASY_RSA="${EASY_RSA:-.}"
 176 -"$EASY_RSA/pkitool" --interact --initca $*
 177 +"/usr/sbin/pkitool" --interact --initca $*
 178 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-inter openvpn-2.0.9/easy-rsa/2.0/build-inter
 179 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-inter 2007-06-18 01:20:36.000000000 +0200
 180 +++ openvpn-2.0.9/easy-rsa/2.0/build-inter      2007-06-18 01:21:19.000000000 +0200
 181 @@ -4,4 +4,4 @@
 182  # root certificate.
 183
 184  export EASY_RSA="${EASY_RSA:-.}"
 185 -"$EASY_RSA/pkitool" --interact --inter $*
 186 +"/usr/sbin/pkitool" --interact --inter $*
 187 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-key openvpn-2.0.9/easy-rsa/2.0/build-key
 188 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-key   2007-06-18 01:20:36.000000000 +0200
 189 +++ openvpn-2.0.9/easy-rsa/2.0/build-key        2007-06-18 01:21:32.000000000 +0200
 190 @@ -4,4 +4,4 @@
 191  # root certificate.
 192
 193  export EASY_RSA="${EASY_RSA:-.}"
 194 -"$EASY_RSA/pkitool" --interact $*
 195 +"/usr/sbin/pkitool" --interact $*
 196 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-key-pass openvpn-2.0.9/easy-rsa/2.0/build-key-pass
 197 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-key-pass      2007-06-18 01:20:36.000000000 +0200
 198 +++ openvpn-2.0.9/easy-rsa/2.0/build-key-pass   2007-06-18 01:21:45.000000000 +0200
 199 @@ -4,4 +4,4 @@
 200  # with a password.
 201
 202  export EASY_RSA="${EASY_RSA:-.}"
 203 -"$EASY_RSA/pkitool" --interact --pass $*
 204 +"/usr/sbin/pkitool" --interact --pass $*
 205 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.0.9/easy-rsa/2.0/build-key-pkcs12
 206 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-key-pkcs12    2007-06-18 01:20:36.000000000 +0200
 207 +++ openvpn-2.0.9/easy-rsa/2.0/build-key-pkcs12 2007-06-18 01:21:57.000000000 +0200
 208 @@ -5,4 +5,4 @@
 209  # the CA certificate as well.
 210
 211  export EASY_RSA="${EASY_RSA:-.}"
 212 -"$EASY_RSA/pkitool" --interact --pkcs12 $*
 213 +"/usr/sbin/pkitool" --interact --pkcs12 $*
 214 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-key-server openvpn-2.0.9/easy-rsa/2.0/build-key-server
 215 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-key-server    2007-06-18 01:20:36.000000000 +0200
 216 +++ openvpn-2.0.9/easy-rsa/2.0/build-key-server 2007-06-18 01:22:09.000000000 +0200
 217 @@ -7,4 +7,4 @@
 218  # extension in the openssl.cnf file.
 219
 220  export EASY_RSA="${EASY_RSA:-.}"
 221 -"$EASY_RSA/pkitool" --interact --server $*
 222 +"/usr/sbin/pkitool" --interact --server $*
 223 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-req openvpn-2.0.9/easy-rsa/2.0/build-req
 224 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-req   2007-06-18 01:20:36.000000000 +0200
 225 +++ openvpn-2.0.9/easy-rsa/2.0/build-req        2007-06-18 01:22:27.000000000 +0200
 226 @@ -4,4 +4,4 @@
 227  # when your root certificate and key is not available locally.
 228
 229  export EASY_RSA="${EASY_RSA:-.}"
 230 -"$EASY_RSA/pkitool" --interact --csr $*
 231 +"/usr/sbin/pkitool" --interact --csr $*
 232 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/build-req-pass openvpn-2.0.9/easy-rsa/2.0/build-req-pass
 233 --- openvpn-2.0.9.orig/easy-rsa/2.0/build-req-pass      2007-06-18 01:20:36.000000000 +0200
 234 +++ openvpn-2.0.9/easy-rsa/2.0/build-req-pass   2007-06-18 01:22:38.000000000 +0200
 235 @@ -4,4 +4,4 @@
 236  # with a password.
 237
 238  export EASY_RSA="${EASY_RSA:-.}"
 239 -"$EASY_RSA/pkitool" --interact --csr --pass $*
 240 +"/usr/sbin/pkitool" --interact --csr --pass $*
 241 diff -urN openvpn-2.0.9.orig/easy-rsa/2.0/sign-req openvpn-2.0.9/easy-rsa/2.0/sign-req
 242 --- openvpn-2.0.9.orig/easy-rsa/2.0/sign-req    2007-06-18 01:20:36.000000000 +0200
 243 +++ openvpn-2.0.9/easy-rsa/2.0/sign-req 2007-06-18 01:22:53.000000000 +0200
 244 @@ -4,4 +4,4 @@
 245  # with a local root certificate and key.
 246
 247  export EASY_RSA="${EASY_RSA:-.}"
 248 -"$EASY_RSA/pkitool" --interact --sign $*
 249 +"/usr/sbin/pkitool" --interact --sign $*