nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

build-ca: Check x509-types 'ca' and 'COMMON' files exist

Browse Source 
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
This commit is contained in:
Richard T Bonhomme 2022-09-20 22:05:53 +01:00
parent 5736250a91
commit 748c19be21
No known key found for this signature in database
GPG Key ID: 2D767DB92FB6C246
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
easyrsa3/easyrsa
View File

@ -1288,6 +1288,12 @@ $EASYRSA_PKI
Refusing to create a new CA keypair as this operation would overwrite your Refusing to create a new CA keypair as this operation would overwrite your
current CA keypair. If you intended to start a new CA, run init-pki first." current CA keypair. If you intended to start a new CA, run init-pki first."
# Cert type must exist under the EASYRSA_EXT_DIR
[ -e "$EASYRSA_EXT_DIR/ca" ] || die "\
Missing X509-type 'ca'"
[ -e "$EASYRSA_EXT_DIR/COMMON" ] || die "\
Missing X509-type 'COMMON'"
# Check for insert-marker in ssl config file # Check for insert-marker in ssl config file
if ! grep -q '^#%CA_X509_TYPES_EXTRA_EXTS%' "$EASYRSA_SSL_CONF"; then if ! grep -q '^#%CA_X509_TYPES_EXTRA_EXTS%' "$EASYRSA_SSL_CONF"; then
die "\ die "\
@ -1635,9 +1641,9 @@ expected 2, got $# (see command help for usage)"
# Cert type must exist under the EASYRSA_EXT_DIR # Cert type must exist under the EASYRSA_EXT_DIR
[ -e "$EASYRSA_EXT_DIR/$crt_type" ] || die "\ [ -e "$EASYRSA_EXT_DIR/$crt_type" ] || die "\
Unknown cert type '$crt_type'" Missing X509-type '$crt_type'"
[ -e "$EASYRSA_EXT_DIR/COMMON" ] || die "\ [ -e "$EASYRSA_EXT_DIR/COMMON" ] || die "\
Missing cert type 'COMMON'" Missing X509-type 'COMMON'"
# Cert type must NOT be COMMON # Cert type must NOT be COMMON
[ "$crt_type" != COMMON ] || die "\ [ "$crt_type" != COMMON ] || die "\