openvpn: update to 2.1_rc19 (patch from #5900)
[openwrt/svn-archive/archive.git] / net / openvpn / patches / 001-easy_rsa.patch
1 --- a/easy-rsa/2.0/build-ca
2 +++ b/easy-rsa/2.0/build-ca
3 @@ -1,8 +1,8 @@
4 -#!/bin/bash
5 +#!/bin/sh
6
7 #
8 # Build a root certificate
9 #
10
11 export EASY_RSA="${EASY_RSA:-.}"
12 -"$EASY_RSA/pkitool" --interact --initca $*
13 +"/usr/sbin/pkitool" --interact --initca $*
14 --- a/easy-rsa/2.0/build-dh
15 +++ b/easy-rsa/2.0/build-dh
16 @@ -1,4 +1,6 @@
17 -#!/bin/bash
18 +#!/bin/sh
19 +
20 +. /etc/easy-rsa/vars
21
22 # Build Diffie-Hellman parameters for the server side
23 # of an SSL/TLS connection.
24 --- a/easy-rsa/2.0/build-inter
25 +++ b/easy-rsa/2.0/build-inter
26 @@ -1,7 +1,7 @@
27 -#!/bin/bash
28 +#!/bin/sh
29
30 # Make an intermediate CA certificate/private key pair using a locally generated
31 # root certificate.
32
33 export EASY_RSA="${EASY_RSA:-.}"
34 -"$EASY_RSA/pkitool" --interact --inter $*
35 +"/usr/sbin/pkitool" --interact --inter $*
36 --- a/easy-rsa/2.0/build-key
37 +++ b/easy-rsa/2.0/build-key
38 @@ -1,7 +1,7 @@
39 -#!/bin/bash
40 +#!/bin/sh
41
42 # Make a certificate/private key pair using a locally generated
43 # root certificate.
44
45 export EASY_RSA="${EASY_RSA:-.}"
46 -"$EASY_RSA/pkitool" --interact $*
47 +"/usr/sbin/pkitool" --interact $*
48 --- a/easy-rsa/2.0/build-key-pass
49 +++ b/easy-rsa/2.0/build-key-pass
50 @@ -1,7 +1,7 @@
51 -#!/bin/bash
52 +#!/bin/sh
53
54 # Similar to build-key, but protect the private key
55 # with a password.
56
57 export EASY_RSA="${EASY_RSA:-.}"
58 -"$EASY_RSA/pkitool" --interact --pass $*
59 +"/usr/sbin/pkitool" --interact --pass $*
60 --- a/easy-rsa/2.0/build-key-pkcs12
61 +++ b/easy-rsa/2.0/build-key-pkcs12
62 @@ -1,8 +1,8 @@
63 -#!/bin/bash
64 +#!/bin/sh
65
66 # Make a certificate/private key pair using a locally generated
67 # root certificate and convert it to a PKCS #12 file including the
68 # the CA certificate as well.
69
70 export EASY_RSA="${EASY_RSA:-.}"
71 -"$EASY_RSA/pkitool" --interact --pkcs12 $*
72 +"/usr/sbin/pkitool" --interact --pkcs12 $*
73 --- a/easy-rsa/2.0/build-key-server
74 +++ b/easy-rsa/2.0/build-key-server
75 @@ -1,4 +1,4 @@
76 -#!/bin/bash
77 +#!/bin/sh
78
79 # Make a certificate/private key pair using a locally generated
80 # root certificate.
81 @@ -7,4 +7,4 @@
82 # extension in the openssl.cnf file.
83
84 export EASY_RSA="${EASY_RSA:-.}"
85 -"$EASY_RSA/pkitool" --interact --server $*
86 +"/usr/sbin/pkitool" --interact --server $*
87 --- a/easy-rsa/2.0/build-req
88 +++ b/easy-rsa/2.0/build-req
89 @@ -1,7 +1,7 @@
90 -#!/bin/bash
91 +#!/bin/sh
92
93 # Build a certificate signing request and private key. Use this
94 # when your root certificate and key is not available locally.
95
96 export EASY_RSA="${EASY_RSA:-.}"
97 -"$EASY_RSA/pkitool" --interact --csr $*
98 +"/usr/sbin/pkitool" --interact --csr $*
99 --- a/easy-rsa/2.0/build-req-pass
100 +++ b/easy-rsa/2.0/build-req-pass
101 @@ -1,7 +1,7 @@
102 -#!/bin/bash
103 +#!/bin/sh
104
105 # Like build-req, but protect your private key
106 # with a password.
107
108 export EASY_RSA="${EASY_RSA:-.}"
109 -"$EASY_RSA/pkitool" --interact --csr --pass $*
110 +"/usr/sbin/pkitool" --interact --csr --pass $*
111 --- a/easy-rsa/2.0/clean-all
112 +++ b/easy-rsa/2.0/clean-all
113 @@ -1,4 +1,6 @@
114 -#!/bin/bash
115 +#!/bin/sh
116 +
117 +. /etc/easy-rsa/vars
118
119 # Initialize the $KEY_DIR directory.
120 # Note that this script does a
121 --- a/easy-rsa/2.0/inherit-inter
122 +++ b/easy-rsa/2.0/inherit-inter
123 @@ -1,4 +1,6 @@
124 -#!/bin/bash
125 +#!/bin/sh
126 +
127 +. /etc/easy-rsa/vars
128
129 # Build a new PKI which is rooted on an intermediate certificate generated
130 # by ./build-inter or ./pkitool --inter from a parent PKI. The new PKI should
131 --- a/easy-rsa/2.0/list-crl
132 +++ b/easy-rsa/2.0/list-crl
133 @@ -1,4 +1,6 @@
134 -#!/bin/bash
135 +#!/bin/sh
136 +
137 +. /etc/easy-rsa/vars
138
139 # list revoked certificates
140
141 --- a/easy-rsa/2.0/pkitool
142 +++ b/easy-rsa/2.0/pkitool
143 @@ -1,5 +1,7 @@
144 #!/bin/sh
145
146 +. /etc/easy-rsa/vars
147 +
148 # OpenVPN -- An application to securely tunnel IP networks
149 # over a single TCP/UDP port, with support for SSL/TLS-based
150 # session authentication and key exchange,
151 --- a/easy-rsa/2.0/revoke-full
152 +++ b/easy-rsa/2.0/revoke-full
153 @@ -1,4 +1,6 @@
154 -#!/bin/bash
155 +#!/bin/sh
156 +
157 +. /etc/easy-rsa/vars
158
159 # revoke a certificate, regenerate CRL,
160 # and verify revocation
161 --- a/easy-rsa/2.0/sign-req
162 +++ b/easy-rsa/2.0/sign-req
163 @@ -1,7 +1,7 @@
164 -#!/bin/bash
165 +#!/bin/sh
166
167 # Sign a certificate signing request (a .csr file)
168 # with a local root certificate and key.
169
170 export EASY_RSA="${EASY_RSA:-.}"
171 -"$EASY_RSA/pkitool" --interact --sign $*
172 +"/usr/sbin/pkitool" --interact --sign $*
173 --- a/easy-rsa/2.0/vars
174 +++ b/easy-rsa/2.0/vars
175 @@ -12,7 +12,7 @@
176 # This variable should point to
177 # the top level of the easy-rsa
178 # tree.
179 -export EASY_RSA="`pwd`"
180 +export EASY_RSA="/etc/easy-rsa"
181
182 #
183 # This variable should point to
184 @@ -26,7 +26,7 @@ export GREP="grep"
185 # This variable should point to
186 # the openssl.cnf file included
187 # with easy-rsa.
188 -export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
189 +export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA`
190
191 # Edit this variable to point to
192 # your soon-to-be-created key