Replace all 'set-X-pass' commands with single 'set-pass' command.
The new EasyRSA 'set-pass' command uses OpenSSL command 'pkey' to manipulate
private keys. OpenSSL 'pkey' command supports all EasyRSA cryptography.
Retain compatibility with old commands.
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
Squashed commit of the following:
commit 3bff869d3058b2d8d2e21b572dfed6bac773ffe8
Merge: dbb8517 1652f20
Author: Richard T Bonhomme <tincantech@protonmail.com>
Date: Thu Nov 3 19:55:34 2022 +0000
Merge branch 'new-global-opt-nopass' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-new-global-opt-nopass
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
commit 1652f20e88ae72e731d8e6001d561d10aebdb780
Author: Richard T Bonhomme <tincantech@protonmail.com>
Date: Wed Nov 2 17:46:54 2022 +0000
Introduce global option '--nopass|--no-pass' (#752)
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
commit 7817324cbb31baf922724e46d5a50947b0b649d6
Author: Richard T Bonhomme <tincantech@protonmail.com>
Date: Wed Nov 2 17:29:41 2022 +0000
Introduce global option '--nopass|--no-pass'
This change forces all commands where passwords are not desired,
to internally rely on the specific EasyRSA variable 'EASYRSA_NO_PASS'.
Current use of 'nopass' as a command option, is unchanged.
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
Added ChangeLog notice.
Squashed commit of the following:
commit de8f9e689e6409b606f112067754c28e3eef1d1d
Merge: ab7c480 0753241
Author: Richard T Bonhomme <tincantech@protonmail.com>
Date: Wed Oct 26 21:45:29 2022 +0100
Merge branch 'help-err-exit' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-help-err-exit
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
commit 0753241b0c45311475822d05ce492ef925423dad
Author: Richard T Bonhomme <tincantech@protonmail.com>
Date: Tue Oct 25 21:52:49 2022 +0100
Command 'help': For unknown command, exit with error.
Closes: #736
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
Squashed commit of the following:
commit cd3ef9f218ba9e2862914ad9846dc674d5b89ea6
Merge: 368de14 8a8136b
Author: Richard T Bonhomme <tincantech@protonmail.com>
Date: Tue Oct 25 21:04:16 2022 +0100
Merge branch 'changlog-725' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-changlog-725
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
commit 8a8136b20a4465b53d4bd59eff4b638af57a5d5b
Author: Richard T Bonhomme <tincantech@protonmail.com>
Date: Tue Oct 25 20:03:49 2022 +0100
ChangeLog: Find data-files in the correct order (#727)
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
Backport the patch from a4e37cfe54167cca2610aa401b06caae6fa4f724 to 3.0
that fixes the data arguments on Darwin and BSD. Patch originally
authored by @tincantech.
Update .gitignore to ignore macOS .DS_Store files.
Update ChangeLog for v3.0.9 release
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
This has been an on/off release tag, but we're going to push it out
because there are some that will remain on the v3.0.x branch for a
long time, and OpenSSL 3.x isn't available in all distros/embedded
systems yet (or for a while).
- Updated OpenSSL for Windows to 1.1.1o
- Updated ChangeLog for v3.0.9, pulling in most comments for v3.1.0
- Updated header in easyrsa to point to Github contributors page
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
Add:
* Prefer 'PKI/vars' over all other locations (#528)
* Introduce 'init-pki soft' option (#197)
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
Using another build of OpenSSL that appears to work fine in testing.
Long term, we should be building OpenSSL ourselves and shipping it on a
regular basis. That's another project on the list.
Resolves#405.
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
This reverts commit 5f3e5ca450eaf464ed21a5d3ec62d39f7594fd99.
There is an incompatibility in 1.1.1g with the EasyRSA script. There
are no new features in 1.1.1g we are leveraging directly, so just going
to revert to support the OpenVPN 2.5 release process and get EasyRSA
v3.x into more hands.
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
