From 97e1501424cc36f3b370b467e2fc1f711f8402d1 Mon Sep 17 00:00:00 2001 From: Eric F Crist Date: Thu, 23 Aug 2018 16:51:17 -0500 Subject: [PATCH 1/2] Update default certificate length, comments - Resolve #57, set default certificate length to 1080 days, leaves CA certifcates at 3650 - Add EasyRSA version to certificate comment for later troubleshooting and identification. Signed-off-by: Eric F Crist --- build/build-dist.sh | 4 ++++ easyrsa3/easyrsa | 6 +++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/build/build-dist.sh b/build/build-dist.sh index 5bc91e5..1ce5c8a 100755 --- a/build/build-dist.sh +++ b/build/build-dist.sh @@ -73,9 +73,11 @@ stage_unix() { src_files="easyrsa3/ Licensing/ COPYING.md ChangeLog README.md README.quickstart.md" for f in $src_files do + sed -i -e "s/~~~/$VERSION/" "$SRC_ROOT/$f" cp -a "$SRC_ROOT/$f" "$DIST_ROOT/unix/$PV" || die "failed to copy $f" done + sed -i -e "s/~~~/$VERSION/" "$SRC_ROOT/$f" cp -R "$SRC_ROOT/doc" "$DIST_ROOT/unix/$PV/" || die "failed to copy unix doc" # files not included @@ -92,6 +94,7 @@ stage_win() { for f in $SRC_ROOT/doc/*.md; do fname=$(basename "$f" .md) + sed -i -e "s/~~~/$VERSION/" "$SRC_ROOT/$f" python -m markdown "$f" > "$DIST_ROOT/windows/$PV/doc/$fname.html" done @@ -103,6 +106,7 @@ stage_win() { src_files="easyrsa3/ ChangeLog COPYING.md" for f in $src_files do + sed -i -e "s/~~~/$VERSION/" "$SRC_ROOT/$f" cp -a "$SRC_ROOT/$f" "$DIST_ROOT/windows/$PV" || die "failed to copy $f" done diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index 44475d6..16b219e 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -2,7 +2,7 @@ # Easy-RSA 3 -- A Shell-based CA Utility # -# Copyright (C) 2013 by the Open-Source OpenVPN development community. +# Copyright (C) 2018 by the Open-Source OpenVPN development community. # A full list of contributors can be found in the ChangeLog. # # This code released under version 2 of the GNU GPL; see COPYING and the @@ -1169,10 +1169,10 @@ Note: using Easy-RSA configuration from: $vars" set_var EASYRSA_CURVE secp384r1 set_var EASYRSA_EC_DIR "$EASYRSA_PKI/ecparams" set_var EASYRSA_CA_EXPIRE 3650 - set_var EASYRSA_CERT_EXPIRE 3650 + set_var EASYRSA_CERT_EXPIRE 1080 # new default of 36 months set_var EASYRSA_CRL_DAYS 180 set_var EASYRSA_NS_SUPPORT no - set_var EASYRSA_NS_COMMENT "Easy-RSA Generated Certificate" + set_var EASYRSA_NS_COMMENT "Easy-RSA (~~~) Generated Certificate" set_var EASYRSA_TEMP_CONF "$EASYRSA_PKI/openssl-easyrsa.temp" set_var EASYRSA_TEMP_EXT "$EASYRSA_PKI/extensions.temp" set_var EASYRSA_TEMP_FILE_2 "" From ac2575f3e16993425b14163a992c02c4451a4fc6 Mon Sep 17 00:00:00 2001 From: Eric F Crist Date: Thu, 23 Aug 2018 17:01:55 -0500 Subject: [PATCH 2/2] Correct sed work on version replacement Signed-off-by: Eric F Crist --- build/build-dist.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/build/build-dist.sh b/build/build-dist.sh index 1ce5c8a..70c13f0 100755 --- a/build/build-dist.sh +++ b/build/build-dist.sh @@ -73,13 +73,13 @@ stage_unix() { src_files="easyrsa3/ Licensing/ COPYING.md ChangeLog README.md README.quickstart.md" for f in $src_files do - sed -i -e "s/~~~/$VERSION/" "$SRC_ROOT/$f" cp -a "$SRC_ROOT/$f" "$DIST_ROOT/unix/$PV" || die "failed to copy $f" done - sed -i -e "s/~~~/$VERSION/" "$SRC_ROOT/$f" cp -R "$SRC_ROOT/doc" "$DIST_ROOT/unix/$PV/" || die "failed to copy unix doc" + sed -i -e "s/~~~/$VERSION/" "$DIST_ROOT/unix/$PV/easyrsa" + # files not included rm -rf "$DIST_ROOT/unix/$PV/doc/TODO" || die "failed rm TODO" } @@ -106,7 +106,6 @@ stage_win() { src_files="easyrsa3/ ChangeLog COPYING.md" for f in $src_files do - sed -i -e "s/~~~/$VERSION/" "$SRC_ROOT/$f" cp -a "$SRC_ROOT/$f" "$DIST_ROOT/windows/$PV" || die "failed to copy $f" done