From 9e109cdd7d147f7b68ac8c0b66e1ed3792da0297 Mon Sep 17 00:00:00 2001 From: Richard T Bonhomme Date: Tue, 29 Mar 2022 00:38:20 +0100 Subject: [PATCH] Hard wrap excessively long lines Signed-off-by: Richard T Bonhomme --- easyrsa3/easyrsa | 50 +++++++++++++++++++++++++++++++----------------- 1 file changed, 32 insertions(+), 18 deletions(-) diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index 16a0466..57917ac 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -901,8 +901,8 @@ current CA keypair. If you intended to start a new CA, run init-pki first." #shellcheck disable=SC2086 easyrsa_openssl req -utf8 -new -key "$out_key_tmp" \ -keyout "$out_key_tmp" -out "$out_file_tmp" $crypto_opts $opts \ - ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || \ - die "Failed to build the CA" + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \ + || die "Failed to build the CA" ;; # END SSL V1 @@ -1025,8 +1025,9 @@ $EASYRSA_EXTRA_EXTS" algo_opts="$EASYRSA_ALGO:$EASYRSA_ALGO_PARAMS" fi easyrsa_openssl req -utf8 -new -newkey "$algo_opts" \ - -keyout "$key_out_tmp" -out "$req_out_tmp" $opts ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} \ - || die "Failed to generate request" + -keyout "$key_out_tmp" -out "$req_out_tmp" $opts \ + ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} \ + || die "Failed to generate request" mv "$key_out_tmp" "$key_out" mv "$req_out_tmp" "$req_out" notice "\ @@ -1153,8 +1154,9 @@ $ext_tmp" # sign request crt_out_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file" easyrsa_openssl ca -utf8 -in "$req_in" -out "$crt_out_tmp" \ - -extfile "$ext_tmp" -days "$EASYRSA_CERT_EXPIRE" -batch $opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \ - || die "signing failed (openssl output above may have more detail)" + -extfile "$ext_tmp" -days "$EASYRSA_CERT_EXPIRE" -batch $opts \ + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \ + || die "signing failed (openssl output above may have more detail)" mv "$crt_out_tmp" "$crt_out" rm -f "$ext_tmp" notice "\ @@ -1270,7 +1272,8 @@ Unable to revoke as no certificate was found. Certificate was expected at: $crt_in" # shellcheck disable=SC2086 - easyrsa_openssl ca -utf8 -revoke "$crt_in" ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} $opts || die "\ + easyrsa_openssl ca -utf8 -revoke "$crt_in" $opts \ + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\ Failed to revoke certificate: revocation command failed." # move revoked files so we can reissue certificates with the same name @@ -1522,7 +1525,8 @@ gen_crl() { out_file="$EASYRSA_PKI/crl.pem" out_file_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file" - easyrsa_openssl ca -utf8 -gencrl -out "$out_file_tmp" ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\ + easyrsa_openssl ca -utf8 -gencrl -out "$out_file_tmp" \ + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\ CRL Generation failed. " mv "$out_file_tmp" "$out_file" @@ -1627,8 +1631,10 @@ Missing key expected at: $key_in" # export the p12: # shellcheck disable=SC2086 easyrsa_openssl pkcs12 -in "$crt_in" -inkey "$key_in" -export \ - -out "$pkcs_out" $pkcs_opts ${pkcs_certfile_path:+-certfile "$pkcs_certfile_path"} \ - ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ + -out "$pkcs_out" $pkcs_opts \ + ${pkcs_certfile_path:+-certfile "$pkcs_certfile_path"} \ + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \ + ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ Export of p12 failed: see above for related openssl errors." ;; p7) @@ -1637,8 +1643,10 @@ Export of p12 failed: see above for related openssl errors." # export the p7: # shellcheck disable=SC2086 easyrsa_openssl crl2pkcs7 -nocrl -certfile "$crt_in" \ - -out "$pkcs_out" ${pkcs_certfile_path:+-certfile "$pkcs_certfile_path"} \ - ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ + -out "$pkcs_out" \ + ${pkcs_certfile_path:+-certfile "$pkcs_certfile_path"} \ + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \ + ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ Export of p7 failed: see above for related openssl errors." ;; p8) @@ -1650,7 +1658,9 @@ Export of p7 failed: see above for related openssl errors." # export the p8: # shellcheck disable=SC2086 easyrsa_openssl pkcs8 -in "$key_in" -topk8 \ - -out "$pkcs_out" $pkcs_opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ + -out "$pkcs_out" $pkcs_opts \ + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \ + ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ Export of p8 failed: see above for related openssl errors." ;; esac @@ -1697,7 +1707,9 @@ If the key is currently encrypted you must supply the decryption passphrase. ${crypto:+You will then enter a new PEM passphrase for this key.$NL}" out_key_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file" - easyrsa_openssl "$key_type" -in "$file" -out "$out_key_tmp" $crypto ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ + easyrsa_openssl "$key_type" -in "$file" -out "$out_key_tmp" $crypto \ + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \ + ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ Failed to change the private key passphrase. See above for possible openssl error messages." @@ -1713,7 +1725,8 @@ Failed to change the private key passphrase. See above for error messages." update_db() { verify_ca_init - easyrsa_openssl ca -utf8 -updatedb ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\ + easyrsa_openssl ca -utf8 -updatedb \ + ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\ Failed to perform update-db: see above for related openssl errors." return 0 } # => update_db() @@ -1723,11 +1736,12 @@ display_san() { if echo "$EASYRSA_EXTRA_EXTS" | grep -q subjectAltName; then #if [ $? -eq 0 ]; then - print "$(echo "$EASYRSA_EXTRA_EXTS" | grep subjectAltName | sed 's/^\s*subjectAltName\s*=\s*//')" + print "$(echo "$EASYRSA_EXTRA_EXTS" | grep subjectAltName | sed + 's/^\s*subjectAltName\s*=\s*//')" else san=$( - "$EASYRSA_OPENSSL" "$format" -in "$path" -noout -text | - sed -n "/X509v3 Subject Alternative Name:/{n;s/ //g;s/IPAddress:/IP:/g;s/RegisteredID/RID/;p;}" + "$EASYRSA_OPENSSL" "$format" -in "$path" -noout -text | sed -n \ + "/X509v3 Subject Alternative Name:/{n;s/ //g;s/IPAddress:/IP:/g;s/RegisteredID/RID/;p;}" ) [ -n "$san" ] && print "$san"