net/openvpn/patches/001-easy_rsa.patch

   1 --- a/easy-rsa/2.0/build-ca
   2 +++ b/easy-rsa/2.0/build-ca
   3 @@ -1,8 +1,8 @@
   4 -#!/bin/bash
   5 +#!/bin/sh
   6
   7  #
   8  # Build a root certificate
   9  #
  10
  11  export EASY_RSA="${EASY_RSA:-.}"
  12 -"$EASY_RSA/pkitool" --interact --initca $*
  13 +"/usr/sbin/pkitool" --interact --initca $*
  14 --- a/easy-rsa/2.0/build-dh
  15 +++ b/easy-rsa/2.0/build-dh
  16 @@ -1,4 +1,6 @@
  17 -#!/bin/bash
  18 +#!/bin/sh
  19 +
  20 +. /etc/easy-rsa/vars
  21
  22  # Build Diffie-Hellman parameters for the server side
  23  # of an SSL/TLS connection.
  24 --- a/easy-rsa/2.0/build-inter
  25 +++ b/easy-rsa/2.0/build-inter
  26 @@ -1,7 +1,7 @@
  27 -#!/bin/bash
  28 +#!/bin/sh
  29
  30  # Make an intermediate CA certificate/private key pair using a locally generated
  31  # root certificate.
  32
  33  export EASY_RSA="${EASY_RSA:-.}"
  34 -"$EASY_RSA/pkitool" --interact --inter $*
  35 +"/usr/sbin/pkitool" --interact --inter $*
  36 --- a/easy-rsa/2.0/build-key
  37 +++ b/easy-rsa/2.0/build-key
  38 @@ -1,7 +1,7 @@
  39 -#!/bin/bash
  40 +#!/bin/sh
  41
  42  # Make a certificate/private key pair using a locally generated
  43  # root certificate.
  44
  45  export EASY_RSA="${EASY_RSA:-.}"
  46 -"$EASY_RSA/pkitool" --interact $*
  47 +"/usr/sbin/pkitool" --interact $*
  48 --- a/easy-rsa/2.0/build-key-pass
  49 +++ b/easy-rsa/2.0/build-key-pass
  50 @@ -1,7 +1,7 @@
  51 -#!/bin/bash
  52 +#!/bin/sh
  53
  54  # Similar to build-key, but protect the private key
  55  # with a password.
  56
  57  export EASY_RSA="${EASY_RSA:-.}"
  58 -"$EASY_RSA/pkitool" --interact --pass $*
  59 +"/usr/sbin/pkitool" --interact --pass $*
  60 --- a/easy-rsa/2.0/build-key-pkcs12
  61 +++ b/easy-rsa/2.0/build-key-pkcs12
  62 @@ -1,8 +1,8 @@
  63 -#!/bin/bash
  64 +#!/bin/sh
  65
  66  # Make a certificate/private key pair using a locally generated
  67  # root certificate and convert it to a PKCS #12 file including the
  68  # the CA certificate as well.
  69
  70  export EASY_RSA="${EASY_RSA:-.}"
  71 -"$EASY_RSA/pkitool" --interact --pkcs12 $*
  72 +"/usr/sbin/pkitool" --interact --pkcs12 $*
  73 --- a/easy-rsa/2.0/build-key-server
  74 +++ b/easy-rsa/2.0/build-key-server
  75 @@ -1,4 +1,4 @@
  76 -#!/bin/bash
  77 +#!/bin/sh
  78
  79  # Make a certificate/private key pair using a locally generated
  80  # root certificate.
  81 @@ -7,4 +7,4 @@
  82  # extension in the openssl.cnf file.
  83
  84  export EASY_RSA="${EASY_RSA:-.}"
  85 -"$EASY_RSA/pkitool" --interact --server $*
  86 +"/usr/sbin/pkitool" --interact --server $*
  87 --- a/easy-rsa/2.0/build-req
  88 +++ b/easy-rsa/2.0/build-req
  89 @@ -1,7 +1,7 @@
  90 -#!/bin/bash
  91 +#!/bin/sh
  92
  93  # Build a certificate signing request and private key.  Use this
  94  # when your root certificate and key is not available locally.
  95
  96  export EASY_RSA="${EASY_RSA:-.}"
  97 -"$EASY_RSA/pkitool" --interact --csr $*
  98 +"/usr/sbin/pkitool" --interact --csr $*
  99 --- a/easy-rsa/2.0/build-req-pass
 100 +++ b/easy-rsa/2.0/build-req-pass
 101 @@ -1,7 +1,7 @@
 102 -#!/bin/bash
 103 +#!/bin/sh
 104
 105  # Like build-req, but protect your private key
 106  # with a password.
 107
 108  export EASY_RSA="${EASY_RSA:-.}"
 109 -"$EASY_RSA/pkitool" --interact --csr --pass $*
 110 +"/usr/sbin/pkitool" --interact --csr --pass $*
 111 --- a/easy-rsa/2.0/clean-all
 112 +++ b/easy-rsa/2.0/clean-all
 113 @@ -1,4 +1,6 @@
 114 -#!/bin/bash
 115 +#!/bin/sh
 116 +
 117 +. /etc/easy-rsa/vars
 118
 119  # Initialize the $KEY_DIR directory.
 120  # Note that this script does a
 121 --- a/easy-rsa/2.0/inherit-inter
 122 +++ b/easy-rsa/2.0/inherit-inter
 123 @@ -1,4 +1,6 @@
 124 -#!/bin/bash
 125 +#!/bin/sh
 126 +
 127 +. /etc/easy-rsa/vars
 128
 129  # Build a new PKI which is rooted on an intermediate certificate generated
 130  # by ./build-inter or ./pkitool --inter from a parent PKI.  The new PKI should
 131 --- a/easy-rsa/2.0/list-crl
 132 +++ b/easy-rsa/2.0/list-crl
 133 @@ -1,4 +1,6 @@
 134 -#!/bin/bash
 135 +#!/bin/sh
 136 +
 137 +. /etc/easy-rsa/vars
 138
 139  # list revoked certificates
 140
 141 --- a/easy-rsa/2.0/pkitool
 142 +++ b/easy-rsa/2.0/pkitool
 143 @@ -1,5 +1,7 @@
 144  #!/bin/sh
 145
 146 +. /etc/easy-rsa/vars
 147 +
 148  #  OpenVPN -- An application to securely tunnel IP networks
 149  #             over a single TCP/UDP port, with support for SSL/TLS-based
 150  #             session authentication and key exchange,
 151 --- a/easy-rsa/2.0/revoke-full
 152 +++ b/easy-rsa/2.0/revoke-full
 153 @@ -1,4 +1,6 @@
 154 -#!/bin/bash
 155 +#!/bin/sh
 156 +
 157 +. /etc/easy-rsa/vars
 158
 159  # revoke a certificate, regenerate CRL,
 160  # and verify revocation
 161 --- a/easy-rsa/2.0/sign-req
 162 +++ b/easy-rsa/2.0/sign-req
 163 @@ -1,7 +1,7 @@
 164 -#!/bin/bash
 165 +#!/bin/sh
 166
 167  # Sign a certificate signing request (a .csr file)
 168  # with a local root certificate and key.
 169
 170  export EASY_RSA="${EASY_RSA:-.}"
 171 -"$EASY_RSA/pkitool" --interact --sign $*
 172 +"/usr/sbin/pkitool" --interact --sign $*
 173 --- a/easy-rsa/2.0/vars
 174 +++ b/easy-rsa/2.0/vars
 175 @@ -12,7 +12,7 @@
 176  # This variable should point to
 177  # the top level of the easy-rsa
 178  # tree.
 179 -export EASY_RSA="`pwd`"
 180 +export EASY_RSA="/etc/easy-rsa"
 181
 182  #
 183  # This variable should point to
 184 @@ -26,7 +26,7 @@ export GREP="grep"
 185  # This variable should point to
 186  # the openssl.cnf file included
 187  # with easy-rsa.
 188 -export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
 189 +export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA`
 190
 191  # Edit this variable to point to
 192  # your soon-to-be-created key