Hard wrap excessively long lines
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
This commit is contained in:
Richard T Bonhomme
parent
0cb51cf1a1
commit
9e109cdd7d
@ -901,8 +901,8 @@ current CA keypair. If you intended to start a new CA, run init-pki first."
|
||||
#shellcheck disable=SC2086
|
||||
easyrsa_openssl req -utf8 -new -key "$out_key_tmp" \
|
||||
-keyout "$out_key_tmp" -out "$out_file_tmp" $crypto_opts $opts \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || \
|
||||
die "Failed to build the CA"
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \
|
||||
|| die "Failed to build the CA"
|
||||
;;
|
||||
# END SSL V1
|
||||
|
||||
@ -1025,8 +1025,9 @@ $EASYRSA_EXTRA_EXTS"
|
||||
algo_opts="$EASYRSA_ALGO:$EASYRSA_ALGO_PARAMS"
|
||||
fi
|
||||
easyrsa_openssl req -utf8 -new -newkey "$algo_opts" \
|
||||
-keyout "$key_out_tmp" -out "$req_out_tmp" $opts ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} \
|
||||
|| die "Failed to generate request"
|
||||
-keyout "$key_out_tmp" -out "$req_out_tmp" $opts \
|
||||
${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} \
|
||||
|| die "Failed to generate request"
|
||||
mv "$key_out_tmp" "$key_out"
|
||||
mv "$req_out_tmp" "$req_out"
|
||||
notice "\
|
||||
@ -1153,8 +1154,9 @@ $ext_tmp"
|
||||
# sign request
|
||||
crt_out_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
|
||||
easyrsa_openssl ca -utf8 -in "$req_in" -out "$crt_out_tmp" \
|
||||
-extfile "$ext_tmp" -days "$EASYRSA_CERT_EXPIRE" -batch $opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \
|
||||
|| die "signing failed (openssl output above may have more detail)"
|
||||
-extfile "$ext_tmp" -days "$EASYRSA_CERT_EXPIRE" -batch $opts \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \
|
||||
|| die "signing failed (openssl output above may have more detail)"
|
||||
mv "$crt_out_tmp" "$crt_out"
|
||||
rm -f "$ext_tmp"
|
||||
notice "\
|
||||
@ -1270,7 +1272,8 @@ Unable to revoke as no certificate was found. Certificate was expected
|
||||
at: $crt_in"
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
easyrsa_openssl ca -utf8 -revoke "$crt_in" ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} $opts || die "\
|
||||
easyrsa_openssl ca -utf8 -revoke "$crt_in" $opts \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\
|
||||
Failed to revoke certificate: revocation command failed."
|
||||
|
||||
# move revoked files so we can reissue certificates with the same name
|
||||
@ -1522,7 +1525,8 @@ gen_crl() {
|
||||
|
||||
out_file="$EASYRSA_PKI/crl.pem"
|
||||
out_file_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
|
||||
easyrsa_openssl ca -utf8 -gencrl -out "$out_file_tmp" ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\
|
||||
easyrsa_openssl ca -utf8 -gencrl -out "$out_file_tmp" \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\
|
||||
CRL Generation failed.
|
||||
"
|
||||
mv "$out_file_tmp" "$out_file"
|
||||
@ -1627,8 +1631,10 @@ Missing key expected at: $key_in"
|
||||
# export the p12:
|
||||
# shellcheck disable=SC2086
|
||||
easyrsa_openssl pkcs12 -in "$crt_in" -inkey "$key_in" -export \
|
||||
-out "$pkcs_out" $pkcs_opts ${pkcs_certfile_path:+-certfile "$pkcs_certfile_path"} \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
|
||||
-out "$pkcs_out" $pkcs_opts \
|
||||
${pkcs_certfile_path:+-certfile "$pkcs_certfile_path"} \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \
|
||||
${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
|
||||
Export of p12 failed: see above for related openssl errors."
|
||||
;;
|
||||
p7)
|
||||
@ -1637,8 +1643,10 @@ Export of p12 failed: see above for related openssl errors."
|
||||
# export the p7:
|
||||
# shellcheck disable=SC2086
|
||||
easyrsa_openssl crl2pkcs7 -nocrl -certfile "$crt_in" \
|
||||
-out "$pkcs_out" ${pkcs_certfile_path:+-certfile "$pkcs_certfile_path"} \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
|
||||
-out "$pkcs_out" \
|
||||
${pkcs_certfile_path:+-certfile "$pkcs_certfile_path"} \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \
|
||||
${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
|
||||
Export of p7 failed: see above for related openssl errors."
|
||||
;;
|
||||
p8)
|
||||
@ -1650,7 +1658,9 @@ Export of p7 failed: see above for related openssl errors."
|
||||
# export the p8:
|
||||
# shellcheck disable=SC2086
|
||||
easyrsa_openssl pkcs8 -in "$key_in" -topk8 \
|
||||
-out "$pkcs_out" $pkcs_opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
|
||||
-out "$pkcs_out" $pkcs_opts \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \
|
||||
${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
|
||||
Export of p8 failed: see above for related openssl errors."
|
||||
;;
|
||||
esac
|
||||
@ -1697,7 +1707,9 @@ If the key is currently encrypted you must supply the decryption passphrase.
|
||||
${crypto:+You will then enter a new PEM passphrase for this key.$NL}"
|
||||
|
||||
out_key_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
|
||||
easyrsa_openssl "$key_type" -in "$file" -out "$out_key_tmp" $crypto ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
|
||||
easyrsa_openssl "$key_type" -in "$file" -out "$out_key_tmp" $crypto \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \
|
||||
${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
|
||||
Failed to change the private key passphrase. See above for possible openssl
|
||||
error messages."
|
||||
|
||||
@ -1713,7 +1725,8 @@ Failed to change the private key passphrase. See above for error messages."
|
||||
update_db() {
|
||||
verify_ca_init
|
||||
|
||||
easyrsa_openssl ca -utf8 -updatedb ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\
|
||||
easyrsa_openssl ca -utf8 -updatedb \
|
||||
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\
|
||||
Failed to perform update-db: see above for related openssl errors."
|
||||
return 0
|
||||
} # => update_db()
|
||||
@ -1723,11 +1736,12 @@ display_san() {
|
||||
|
||||
if echo "$EASYRSA_EXTRA_EXTS" | grep -q subjectAltName; then
|
||||
#if [ $? -eq 0 ]; then
|
||||
print "$(echo "$EASYRSA_EXTRA_EXTS" | grep subjectAltName | sed 's/^\s*subjectAltName\s*=\s*//')"
|
||||
print "$(echo "$EASYRSA_EXTRA_EXTS" | grep subjectAltName | sed
|
||||
's/^\s*subjectAltName\s*=\s*//')"
|
||||
else
|
||||
san=$(
|
||||
"$EASYRSA_OPENSSL" "$format" -in "$path" -noout -text |
|
||||
sed -n "/X509v3 Subject Alternative Name:/{n;s/ //g;s/IPAddress:/IP:/g;s/RegisteredID/RID/;p;}"
|
||||
"$EASYRSA_OPENSSL" "$format" -in "$path" -noout -text | sed -n \
|
||||
"/X509v3 Subject Alternative Name:/{n;s/ //g;s/IPAddress:/IP:/g;s/RegisteredID/RID/;p;}"
|
||||
)
|
||||
|
||||
[ -n "$san" ] && print "$san"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user