nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'TinCanTech-easyrsa_openssl-vs-debug'

Browse Source 
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
This commit is contained in:
Richard T Bonhomme 2022-12-08 01:26:33 +00:00
commit 808b025f8a
No known key found for this signature in database
GPG Key ID: 2D767DB92FB6C246
1 changed files with 15 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
easyrsa3/easyrsa
View File

@ -591,8 +591,9 @@ Type the word '$value' to continue, or any other input to abort."
} # => confirm() } # => confirm()
# Generate random hex # Generate random hex
# Can ony be used after a SAFE SSL config exists. # Cannot use easyrsa-openssl() due to chicken vs egg,
# Otherwise, LibreSSL complains about the config file. # easyrsa_openssl() creates temp-files, which needs `openssl rand`.
# Redirect error-out, because LibreSSL complains of missing conf.
easyrsa_random() { easyrsa_random() {
case "$1" in case "$1" in
(*[!1234567890]*|0*|"") : ;; # invalid input (*[!1234567890]*|0*|"") : ;; # invalid input
@ -636,7 +637,7 @@ easyrsa_mktemp() {
: # ok : # ok
else else
die "\ die "\
Non-existant temporary session: easyrsa_mktemp - Non-existant temporary session:
* $EASYRSA_TEMP_DIR_session" * $EASYRSA_TEMP_DIR_session"
fi fi
@ -3714,6 +3715,7 @@ ssl_cert_serial() {
verify_file x509 "$1" || die "ssl_cert_serial - invalid cert" verify_file x509 "$1" || die "ssl_cert_serial - invalid cert"
fn_ssl_out="$( fn_ssl_out="$(
unset -v EASYRSA_DEBUG
easyrsa_openssl x509 -in "$1" -noout -serial easyrsa_openssl x509 -in "$1" -noout -serial
)" || die "ssl_cert_serial - failed to get serial" )" || die "ssl_cert_serial - failed to get serial"
shift shift
@ -3730,25 +3732,25 @@ ssl_cert_serial() {
# Get certificate start date # Get certificate start date
ssl_cert_not_before_date() { ssl_cert_not_before_date() {
[ "$1" ] || die "ssl_cert_not_before_date - Invalid input" [ "$1" ] || die "ssl_cert_not_before_date - Invalid input"
unset -v ssl_out cert_not_before_date fn_ssl_out="$(
ssl_out="$( unset -v EASYRSA_DEBUG
easyrsa_openssl x509 -in "$1" -noout -startdate easyrsa_openssl x509 -in "$1" -noout -startdate
)" || die "ssl_cert_not_before_date - ssl_out error" )" || die "ssl_cert_not_before_date - failed to get startdate"
# 'cert_not_before_date' is *not* used, at this time.. # 'cert_not_before_date' is *not* used, at this time..
# disable #shellcheck disable=SC2034 # Prefer to keep the warning # disable #shellcheck disable=SC2034 # Prefer to keep the warning
cert_not_before_date="${ssl_out#*=}" cert_not_before_date="${fn_ssl_out#*=}"
unset -v ssl_out unset -v fn_ssl_out
} # => ssl_cert_not_before_date() } # => ssl_cert_not_before_date()
# Get certificate end date # Get certificate end date
ssl_cert_not_after_date() { ssl_cert_not_after_date() {
[ "$1" ] || die "ssl_cert_not_after_date - Invalid input" [ "$1" ] || die "ssl_cert_not_after_date - Invalid input"
unset -v ssl_out cert_not_after_date fn_ssl_out="$(
ssl_out="$( unset -v EASYRSA_DEBUG
easyrsa_openssl x509 -in "$1" -noout -enddate easyrsa_openssl x509 -in "$1" -noout -enddate
)" || die "ssl_cert_not_after_date - ssl_out error" )" || die "ssl_cert_not_after_date - failed to get enddate"
cert_not_after_date="${ssl_out#*=}" cert_not_after_date="${fn_ssl_out#*=}"
unset -v ssl_out unset -v fn_ssl_out
} # => ssl_cert_not_after_date() } # => ssl_cert_not_after_date()
# SC2295: (info): Expansions inside ${..} need to be quoted separately, # SC2295: (info): Expansions inside ${..} need to be quoted separately,