From 0716b29ba6c2639b8e394e6943dfee891c3394ef Mon Sep 17 00:00:00 2001 From: Eric F Crist Date: Mon, 26 Feb 2018 09:29:45 -0600 Subject: [PATCH 1/4] Update ChangeLog Signed-off-by: Eric F Crist --- ChangeLog | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index faa26ba..cc85de2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,7 +2,10 @@ Easy-RSA 3 ChangeLog 3.0.5 * Fix #17 & #58: use AES256 for CA key - * Also, don't use read -s, use stty -echo + * Also, don't use read -s, use stty -echo + * Fix broken "nopass" option + * Add -r to read to stop errors reported by shellcheck (and to behave) + * remove overzealous quotes around $pkcs_opts (more SC errors) 3.0.4 * Remove use of egrep (#154) From a33928c76bfe7c8016c36ccffeb931122fc5f49e Mon Sep 17 00:00:00 2001 From: Eric F Crist Date: Fri, 7 Sep 2018 09:41:39 -0500 Subject: [PATCH 2/4] Merge in other commits suitable for v3.0.5 from masteer. Signed-off-by: Eric F Crist --- build/build-dist.sh | 3 +++ easyrsa3/easyrsa | 8 ++++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/build/build-dist.sh b/build/build-dist.sh index 5bc91e5..70c13f0 100755 --- a/build/build-dist.sh +++ b/build/build-dist.sh @@ -78,6 +78,8 @@ stage_unix() { cp -R "$SRC_ROOT/doc" "$DIST_ROOT/unix/$PV/" || die "failed to copy unix doc" + sed -i -e "s/~~~/$VERSION/" "$DIST_ROOT/unix/$PV/easyrsa" + # files not included rm -rf "$DIST_ROOT/unix/$PV/doc/TODO" || die "failed rm TODO" } @@ -92,6 +94,7 @@ stage_win() { for f in $SRC_ROOT/doc/*.md; do fname=$(basename "$f" .md) + sed -i -e "s/~~~/$VERSION/" "$SRC_ROOT/$f" python -m markdown "$f" > "$DIST_ROOT/windows/$PV/doc/$fname.html" done diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index cede5b1..c78323f 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -2,7 +2,7 @@ # Easy-RSA 3 -- A Shell-based CA Utility # -# Copyright (C) 2013 by the Open-Source OpenVPN development community. +# Copyright (C) 2018 by the Open-Source OpenVPN development community. # A full list of contributors can be found in the ChangeLog. # # This code released under version 2 of the GNU GPL; see COPYING and the @@ -969,7 +969,7 @@ $file" If the key is currently encrypted you must supply the decryption passphrase. ${crypto:+You will then enter a new PEM passphrase for this key.$NL}" - "$EASYRSA_OPENSSL" "$key_type" -in "$file" -out "$file" "$crypto" || die "\ + "$EASYRSA_OPENSSL" "$key_type" -in "$file" -out "$file" $crypto || die "\ Failed to change the private key passphrase. See above for possible openssl error messages." @@ -1126,10 +1126,10 @@ Note: using Easy-RSA configuration from: $vars" set_var EASYRSA_CURVE secp384r1 set_var EASYRSA_EC_DIR "$EASYRSA_PKI/ecparams" set_var EASYRSA_CA_EXPIRE 3650 - set_var EASYRSA_CERT_EXPIRE 3650 + set_var EASYRSA_CERT_EXPIRE 1080 # new default of 36 months set_var EASYRSA_CRL_DAYS 180 set_var EASYRSA_NS_SUPPORT no - set_var EASYRSA_NS_COMMENT "Easy-RSA Generated Certificate" + set_var EASYRSA_NS_COMMENT "Easy-RSA (~~~) Generated Certificate" set_var EASYRSA_TEMP_CONF "$EASYRSA_PKI/openssl-easyrsa.temp" set_var EASYRSA_TEMP_EXT "$EASYRSA_PKI/extensions.temp" set_var EASYRSA_TEMP_FILE_2 "" From a137125a5abb33ca38eb6b909fe2291774853e49 Mon Sep 17 00:00:00 2001 From: Eric F Crist Date: Fri, 14 Sep 2018 23:12:19 -0500 Subject: [PATCH 3/4] Update changelog for v3.0.5 release Signed-off-by: Eric F Crist --- ChangeLog | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index cc85de2..81f76b4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,13 +1,16 @@ Easy-RSA 3 ChangeLog -3.0.5 +3.0.5 (2018-09-15) * Fix #17 & #58: use AES256 for CA key * Also, don't use read -s, use stty -echo * Fix broken "nopass" option * Add -r to read to stop errors reported by shellcheck (and to behave) * remove overzealous quotes around $pkcs_opts (more SC errors) + * Support for LibreSSL + * EasyRSA version will be reported in certificate comments + * Client certificates now expire in 3 year (1080 days) by default -3.0.4 +3.0.4 (2018-01-21) * Remove use of egrep (#154) * Integrate with Travis-CI (#165) * Remove "local" from variable assignment (#165) From 21b0de8f5e7be508b692f832012976c942787063 Mon Sep 17 00:00:00 2001 From: Eric F Crist Date: Fri, 14 Sep 2018 23:16:55 -0500 Subject: [PATCH 4/4] Ignore dist-staging path Signed-off-by: Eric F Crist --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 9101272..bd493f3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ easyrsa3/pki/* easyrsa3/vars +dist-staging