switch easy-rsa to using openssl to unbreak; libressl doesn't allow $ENV::
in config files and easy-arrrrsa uses this heavily.
This commit is contained in:
parent
f09a508b2f
commit
c1a401f90e
@ -1,11 +1,9 @@
|
||||
# $OpenBSD: Makefile,v 1.3 2015/09/18 22:04:44 sthen Exp $
|
||||
|
||||
BROKEN = relies on $$ENV:: in openssl .cnf files
|
||||
# $OpenBSD: Makefile,v 1.4 2015/09/19 12:44:38 sthen Exp $
|
||||
|
||||
COMMENT = small RSA key management package
|
||||
|
||||
PKGNAME = easy-rsa-2.2.0
|
||||
REVISION = 0
|
||||
REVISION = 1
|
||||
DISTNAME = ${PKGNAME}_master
|
||||
CATEGORIES = security
|
||||
|
||||
@ -16,6 +14,9 @@ PERMIT_PACKAGE_CDROM = Yes
|
||||
|
||||
MASTER_SITES = https://github.com/downloads/OpenVPN/easy-rsa/
|
||||
|
||||
# relies on passing environment variables to $ENV:: in config files
|
||||
RUN_DEPENDS = security/openssl
|
||||
|
||||
CONFIGURE_STYLE = gnu
|
||||
|
||||
NO_TEST = Yes
|
||||
|
12
security/easy-rsa/patches/patch-easy-rsa_1_0_build-ca
Normal file
12
security/easy-rsa/patches/patch-easy-rsa_1_0_build-ca
Normal file
@ -0,0 +1,12 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_build-ca,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/build-ca.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/build-ca Sat Sep 19 13:40:54 2015
|
||||
@@ -6,7 +6,7 @@
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl req -days 3650 -nodes -new -x509 -keyout ca.key -out ca.crt -config $KEY_CONFIG && \
|
||||
+ eopenssl req -days 3650 -nodes -new -x509 -keyout ca.key -out ca.crt -config $KEY_CONFIG && \
|
||||
chmod 0600 ca.key
|
||||
else
|
||||
echo you must define KEY_DIR
|
12
security/easy-rsa/patches/patch-easy-rsa_1_0_build-dh
Normal file
12
security/easy-rsa/patches/patch-easy-rsa_1_0_build-dh
Normal file
@ -0,0 +1,12 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_build-dh,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/build-dh.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/build-dh Sat Sep 19 13:40:56 2015
|
||||
@@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
if test $KEY_DIR; then
|
||||
- openssl dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
|
||||
+ eopenssl dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
|
||||
else
|
||||
echo you must define KEY_DIR
|
||||
fi
|
14
security/easy-rsa/patches/patch-easy-rsa_1_0_build-inter
Normal file
14
security/easy-rsa/patches/patch-easy-rsa_1_0_build-inter
Normal file
@ -0,0 +1,14 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_build-inter,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/build-inter.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/build-inter Sat Sep 19 13:41:00 2015
|
||||
@@ -12,8 +12,8 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
|
||||
- openssl ca -extensions v3_ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG
|
||||
+ eopenssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
|
||||
+ eopenssl ca -extensions v3_ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG
|
||||
else
|
||||
echo you must define KEY_DIR
|
||||
fi
|
14
security/easy-rsa/patches/patch-easy-rsa_1_0_build-key
Normal file
14
security/easy-rsa/patches/patch-easy-rsa_1_0_build-key
Normal file
@ -0,0 +1,14 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_build-key,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/build-key.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/build-key Sat Sep 19 13:41:02 2015
|
||||
@@ -12,8 +12,8 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
|
||||
- openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
|
||||
+ eopenssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
|
||||
+ eopenssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
|
||||
chmod 0600 $1.key
|
||||
else
|
||||
echo you must define KEY_DIR
|
14
security/easy-rsa/patches/patch-easy-rsa_1_0_build-key-pass
Normal file
14
security/easy-rsa/patches/patch-easy-rsa_1_0_build-key-pass
Normal file
@ -0,0 +1,14 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_build-key-pass,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/build-key-pass.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/build-key-pass Sat Sep 19 13:41:04 2015
|
||||
@@ -12,8 +12,8 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
|
||||
- openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
|
||||
+ eopenssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
|
||||
+ eopenssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
|
||||
chmod 0600 $1.key
|
||||
else
|
||||
echo you must define KEY_DIR
|
@ -0,0 +1,16 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_build-key-pkcs12,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/build-key-pkcs12.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/build-key-pkcs12 Sat Sep 19 13:41:08 2015
|
||||
@@ -12,9 +12,9 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
|
||||
- openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
|
||||
- openssl pkcs12 -export -inkey $1.key -in $1.crt -certfile ca.crt -out $1.p12 && \
|
||||
+ eopenssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
|
||||
+ eopenssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
|
||||
+ eopenssl pkcs12 -export -inkey $1.key -in $1.crt -certfile ca.crt -out $1.p12 && \
|
||||
chmod 0600 $1.key $1.p12
|
||||
else
|
||||
echo you must define KEY_DIR
|
@ -0,0 +1,14 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_build-key-server,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/build-key-server.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/build-key-server Sat Sep 19 13:41:13 2015
|
||||
@@ -14,8 +14,8 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -extensions server -config $KEY_CONFIG && \
|
||||
- openssl ca -days 3650 -out $1.crt -in $1.csr -extensions server -config $KEY_CONFIG && \
|
||||
+ eopenssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -extensions server -config $KEY_CONFIG && \
|
||||
+ eopenssl ca -days 3650 -out $1.crt -in $1.csr -extensions server -config $KEY_CONFIG && \
|
||||
chmod 0600 $1.key
|
||||
else
|
||||
echo you must define KEY_DIR
|
12
security/easy-rsa/patches/patch-easy-rsa_1_0_build-req
Normal file
12
security/easy-rsa/patches/patch-easy-rsa_1_0_build-req
Normal file
@ -0,0 +1,12 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_build-req,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/build-req.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/build-req Sat Sep 19 13:41:15 2015
|
||||
@@ -12,7 +12,7 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG
|
||||
+ eopenssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG
|
||||
else
|
||||
echo you must define KEY_DIR
|
||||
fi
|
12
security/easy-rsa/patches/patch-easy-rsa_1_0_build-req-pass
Normal file
12
security/easy-rsa/patches/patch-easy-rsa_1_0_build-req-pass
Normal file
@ -0,0 +1,12 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_build-req-pass,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/build-req-pass.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/build-req-pass Sat Sep 19 13:41:16 2015
|
||||
@@ -12,7 +12,7 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG
|
||||
+ eopenssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG
|
||||
else
|
||||
echo you must define KEY_DIR
|
||||
fi
|
12
security/easy-rsa/patches/patch-easy-rsa_1_0_list-crl
Normal file
12
security/easy-rsa/patches/patch-easy-rsa_1_0_list-crl
Normal file
@ -0,0 +1,12 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_list-crl,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/list-crl.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/list-crl Sat Sep 19 13:41:19 2015
|
||||
@@ -12,7 +12,7 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl crl -text -noout -in $1
|
||||
+ eopenssl crl -text -noout -in $1
|
||||
else
|
||||
echo you must define KEY_DIR
|
||||
fi
|
12
security/easy-rsa/patches/patch-easy-rsa_1_0_make-crl
Normal file
12
security/easy-rsa/patches/patch-easy-rsa_1_0_make-crl
Normal file
@ -0,0 +1,12 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_make-crl,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/make-crl.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/make-crl Sat Sep 19 13:41:20 2015
|
||||
@@ -12,7 +12,7 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl ca -gencrl -out $1 -config $KEY_CONFIG
|
||||
+ eopenssl ca -gencrl -out $1 -config $KEY_CONFIG
|
||||
else
|
||||
echo you must define KEY_DIR
|
||||
fi
|
12
security/easy-rsa/patches/patch-easy-rsa_1_0_revoke-crt
Normal file
12
security/easy-rsa/patches/patch-easy-rsa_1_0_revoke-crt
Normal file
@ -0,0 +1,12 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_revoke-crt,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/revoke-crt.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/revoke-crt Sat Sep 19 13:41:27 2015
|
||||
@@ -12,7 +12,7 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl ca -revoke $1 -config $KEY_CONFIG
|
||||
+ eopenssl ca -revoke $1 -config $KEY_CONFIG
|
||||
else
|
||||
echo you must define KEY_DIR
|
||||
fi
|
21
security/easy-rsa/patches/patch-easy-rsa_1_0_revoke-full
Normal file
21
security/easy-rsa/patches/patch-easy-rsa_1_0_revoke-full
Normal file
@ -0,0 +1,21 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_revoke-full,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/revoke-full.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/revoke-full Sat Sep 19 13:41:36 2015
|
||||
@@ -16,14 +16,14 @@ if test $KEY_DIR; then
|
||||
rm -f $RT
|
||||
|
||||
# revoke key and generate a new CRL
|
||||
- openssl ca -revoke $1.crt -config $KEY_CONFIG
|
||||
+ eopenssl ca -revoke $1.crt -config $KEY_CONFIG
|
||||
|
||||
# generate a new CRL
|
||||
- openssl ca -gencrl -out $CRL -config $KEY_CONFIG
|
||||
+ eopenssl ca -gencrl -out $CRL -config $KEY_CONFIG
|
||||
cat ca.crt $CRL >$RT
|
||||
|
||||
# verify the revocation
|
||||
- openssl verify -CAfile $RT -crl_check $1.crt
|
||||
+ eopenssl verify -CAfile $RT -crl_check $1.crt
|
||||
else
|
||||
echo you must define KEY_DIR
|
||||
fi
|
12
security/easy-rsa/patches/patch-easy-rsa_1_0_sign-req
Normal file
12
security/easy-rsa/patches/patch-easy-rsa_1_0_sign-req
Normal file
@ -0,0 +1,12 @@
|
||||
$OpenBSD: patch-easy-rsa_1_0_sign-req,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/1.0/sign-req.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/1.0/sign-req Sat Sep 19 13:41:38 2015
|
||||
@@ -12,7 +12,7 @@ fi
|
||||
|
||||
if test $KEY_DIR; then
|
||||
cd $KEY_DIR && \
|
||||
- openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG
|
||||
+ eopenssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG
|
||||
else
|
||||
echo you must define KEY_DIR
|
||||
fi
|
12
security/easy-rsa/patches/patch-easy-rsa_2_0_pkitool
Normal file
12
security/easy-rsa/patches/patch-easy-rsa_2_0_pkitool
Normal file
@ -0,0 +1,12 @@
|
||||
$OpenBSD: patch-easy-rsa_2_0_pkitool,v 1.1 2015/09/19 12:44:38 sthen Exp $
|
||||
--- easy-rsa/2.0/pkitool.orig Sat Sep 19 13:40:50 2015
|
||||
+++ easy-rsa/2.0/pkitool Sat Sep 19 13:41:52 2015
|
||||
@@ -122,7 +122,7 @@ usage()
|
||||
}
|
||||
|
||||
# Set tool defaults
|
||||
-[ -n "$OPENSSL" ] || export OPENSSL="openssl"
|
||||
+[ -n "$OPENSSL" ] || export OPENSSL="eopenssl"
|
||||
[ -n "$PKCS11TOOL" ] || export PKCS11TOOL="pkcs11-tool"
|
||||
[ -n "$GREP" ] || export GREP="grep"
|
||||
|
Loading…
Reference in New Issue
Block a user