nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'enfore-x509-COMMON' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-enfore-x509-COMMON

Browse Source 
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
This commit is contained in:
Richard T Bonhomme 2022-08-21 23:00:46 +01:00
commit ca761167d1
No known key found for this signature in database
GPG Key ID: 2D767DB92FB6C246
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
easyrsa3/easyrsa
View File

@ -1560,6 +1560,8 @@ expected 2, got $# (see command help for usage)"
# Cert type must exist under the EASYRSA_EXT_DIR
[ -e "$EASYRSA_EXT_DIR/$crt_type" ] || die "\
Unknown cert type '$crt_type'"
[ -e "$EASYRSA_EXT_DIR/COMMON" ] || die "\
Missing cert type 'COMMON'"
# Cert type must NOT be COMMON
[ "$crt_type" != COMMON ] || die "\
@ -1629,8 +1631,10 @@ $(display_dn req "$req_in")
ext_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
{
# Append first any COMMON file (if present) then the cert-type extensions
cat "$EASYRSA_EXT_DIR/COMMON"
cat "$EASYRSA_EXT_DIR/$crt_type"
cat "$EASYRSA_EXT_DIR/COMMON" || \
die "Failed to read X509-type COMMON"
cat "$EASYRSA_EXT_DIR/$crt_type" || \
die "Failed to read X509-type $crt_type"
# Support a dynamic CA path length when present:
[ "$crt_type" = "ca" ] && [ "$EASYRSA_SUBCA_LEN" ] && \