Merge branch 'verify-ssl-before-temp-session' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-verify-ssl-before-temp-session

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-08 23:10:28 +00:00 · 2023-02-08 23:10:28 +00:00 · 393a094aa4
commit 393a094aa4
parent ab264130c1 8de04a1439
1 changed files with 7 additions and 4 deletions
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@ -926,6 +926,9 @@ verify_ssl_lib() {
 		*)
 			error_msg="$("$EASYRSA_OPENSSL" version 2>&1)"
 			die "\
+* OpenSSL must either exist in your PATH
+  or be defined in your vars file.
+
 Invalid SSL output for 'version':

 $error_msg"
@ -4655,15 +4658,15 @@ Sourcing the vars file and building certificates will probably fail ..'

 	set_var EASYRSA_KDC_REALM		"CHANGEME.EXAMPLE.COM"

+	# Verify SSL Lib - One time ONLY
+	verify_ssl_lib
+
 	# Find x509-types but do not fail - Not fatal here, used by 'help'
 	install_data_to_pki x509-types-only

 	# For commands which 'require a PKI' and the PKI exists
 	if  [ "$pki_is_required" ] && [ -d "$EASYRSA_PKI" ]; then

-		# Verify SSL Lib - One time ONLY
-		verify_ssl_lib
-
 		# mkdir Temp dir session
 		secure_session || die "Temporary directory secure-session failed."

@ -5329,7 +5332,7 @@ print_version()
 EasyRSA Version Information
 Version:     $EASYRSA_version
 Generated:   ~DATE~
-SSL Lib:     $ssl_version
+SSL Lib:     ${ssl_version:-undefined}
 Git Commit:  ~GITHEAD~
 Source Repo: https://github.com/OpenVPN/easy-rsa
 VERSION_TEXT