When easyrsa in in $PATH, $0 does not contain a directory, resulting
in an invalid prog_vars. prog_vars is used to get default vars
location, if $EASYRSA_VARS_FILE, $EASYRSA_PKI/vars and $PWD/pki/vars
does not exist.
$0 is also used to set $EASYRSA the same way prog_vars is defined.
$EASYRSA/openssl-easyrsa.cnf is used to set $EASYRSA_SSL_CONF initial
content if missing.
$EASYRSA/x509-types is used to for extensions dir if $EASYRSA_EXT_DIR
and $EASYRSA_PKI/x509-types are not found. However, if vars already
needs changes, it is better to set $EASYRSA_EXT_DIR and file locations
there.
Normally a symlink to /usr/bin will be used to put easyrsa in $PATH.
Following $PATH and symlink allows easyrsa to be located in a more
standard dir like /usr/lib/easy-rsa/easyrsa and vars at
/usr/{lib,libexec,share}/easyrsa/vars, which could be a symlink to
/etc/easy-rsa/vars. vars can be easily appended with the default
distribution values.
With this patch, a system-wide easyrsa package could use this file
structure without patching easyrsa:
/etc/easy-rsa/openssl-easyrsa.cnf
/etc/easy-rsa/pki/
/etc/easy-rsa/vars
/usr/bin/easyrsa -> /usr/lib/easy-rsa/easyrsa
/usr/lib/easy-rsa/easyrsa
/usr/lib/easy-rsa/openssl-easyrsa.cnf
/usr/lib/easy-rsa/vars -> /etc/easy-rsa/vars
/usr/lib/easy-rsa/x509-types
If following symlink fails (win32), the previous behavior is used.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
New build script changes to handle win32/win64 openssl binaries.
There's more to do here with copying out the README files and such, but
this should be a good working start.
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
Since there's no uname command on Windows, send STDERR to /dev/null.
This just prevents an error from showing on the console but doesn't
actually change any system behavior.
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
There are runtime issues with 1.1.1a at this time I've yet to track
down. This is referenced in the docker-openvpn project issue 437
with a link in #261. I've been able to reproduce it on Windows 10.
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
Closes#255
* Added --no-windows, --no-unix and no --no-compress to skip some build steps.
* Use cp in a Linux and FreeBSD compatible way
* Set 'sed -i' backup extension (Linux and FreeBSD compatible)
(Linux regression from f0204c1)
* Fix zip location to match tar (fixing also --bin-dest for win32)
* Align (y/n) with question in confirm
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
* Added --no-windows, --no-unix and no --no-compress to skip some
build steps.
* Use cp in a Linux and FreeBSD compatible way
* Set 'sed -i' backup extension (Linux and FreeBSD compatible)
(Linux regression from f0204c160b3cbdc041a91f2861febab24b7f5f76)
* Fix zip location to match tar (fixing also --bin-dest for win32)
* Align (y/n) with question in confirm
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Should help to address #296 with renew feature. Briefly tested on
Windows 10 from an EasyRSA v3.0.5 release extract.
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
