nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
824 Commits 1 Branch 0 Tags 43 MiB
Commit Graph

824 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Richard Bonhomme
e426db231d
Fail with error to create EASYRSA_TEMP_DIR 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-11 01:29:04 +01:00
Richard Bonhomme
ad3b35644d
Fix op_test.sh shellcheck SC2086 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-10 23:01:54 +01:00
Richard Bonhomme
939ddc49da
Add required shellcheck to cleanup() 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-10 22:25:19 +01:00
Richard Bonhomme
70ddded80b
Tidy up op_test.sh verbose 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-10 21:08:21 +01:00
Richard Bonhomme
0acb8bdd17
Silence shellcheck 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-10 20:34:28 +01:00
Richard Bonhomme
713f1d633e
Default SAN for serverClient, additional op_test 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-10 20:13:59 +01:00
Richard Bonhomme
1fa5003081
Work around Windows mktemp bug 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-10 18:32:47 +01:00
Richard Bonhomme
2dc63cd6fc
Re-instate OPENSSL_CONF and EASYRSA_SAFE_CONF 
EASYRSA_SAFE_CONF is libressl compatible config file.
Create EASYRSA_SAFE_CONF during init-pki, one time per PKI.
Set OPENSSL_CONF to be EASYRSA_SAFE_CONF, to prevent bogus warnings.

Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-10 18:21:44 +01:00
Richard Bonhomme
38ad124088
op_test.sh: remove old style custom ssl lib tests 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-10 17:46:23 +01:00
Richard Bonhomme
c763f3ad28
Improve wop_test.bat 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-10 14:18:29 +01:00
Eric F Crist
81b4ec923d
Clean up wait_sec() 
Make wait_sec() accept an argument for time so it behaves more like
sleep.

Merge branch 'TinCanTech-master'

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-06-07 08:56:00 -05:00
Eric F Crist
4af5aecb49
Merge branch 'master' of https://github.com/TinCanTech/easy-rsa into TinCanTech-master 2019-06-07 08:55:45 -05:00
Richard Bonhomme
fbb5e30858
op_test.sh: adhere to shellcheck 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-07 14:51:33 +01:00
Eric F Crist
bf7477f9d5
more typos, thanks xavierb! 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-06-07 08:48:06 -05:00
Eric F Crist
d7b0c781f4
typos in ChangeLog (thanks xavierb) 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-06-07 08:45:35 -05:00
Richard Bonhomme
f6e26cd42c
Improve op_test.sh: make wait_sec variable; Add server with SAN renew test. 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-07 14:38:38 +01:00
Eric F Crist
2412fa31b5
Updating changelog 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-06-07 07:56:24 -05:00
Eric F Crist
1ac0760867
Shore up Windows test framework 
Merge branch 'TinCanTech-master'

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-06-07 07:52:32 -05:00
Eric F Crist
1d695fc912
Merge branch 'master' of https://github.com/TinCanTech/easy-rsa into TinCanTech-master 2019-06-07 07:52:08 -05:00
Eric F Crist
03a464a1da
Merge branch 'xavierba-fix_305' 
fixes #305

Gracefully handle IP when both renewing cert and keeping SAN from the
old certificate

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-06-07 07:32:48 -05:00
Eric F Crist
aeaebfb599
Merge branch 'fix_305' of https://github.com/xavierba/easy-rsa into xavierba-fix_305 2019-06-07 07:32:33 -05:00
Eric F Crist
e8811e10e6
Merge branch 'luizluca-fix_dirtemp_windows' 
workaround for but in the win32 mktemp utility

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-06-07 07:31:17 -05:00
Eric F Crist
013f29556d
Merge branch 'fix_dirtemp_windows' of https://github.com/luizluca/easy-rsa into luizluca-fix_dirtemp_windows 2019-06-07 07:30:59 -05:00
Eric F Crist
5340fb2dfc
Merge branch 'luizluca-fix_read_s' 
Should "fix" errors related to ash and potentially other non-POSIX
shells that don't handle set -o or related options.

http://www.austingroupbugs.net/view.php?id=1207

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-06-07 07:25:04 -05:00
Xavier Bachelot
a41ce243c3
Gracefuly handle IP when both renewing cert and keeping SAN from the old cert 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-06-07 11:43:44 +02:00
Luiz Angelo Daros de Luca
44509c77ec
Try 'stty', 'set -o echo' and then read -s 
Although 'read -s' is not POSIX, it might be the only option
for some systems (OpenWrt). Try each alternative and, if all
those fails, warn the user and read with "echo on".

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
 2019-06-04 17:56:53 -03:00
Richard Bonhomme
1c0a9dfddd
Add Windows operational test 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-06-04 17:27:02 +01:00
Luiz Angelo Daros de Luca
e2a8b78d9a
workaround win32 mktemp bug 
win32 mktemp shipped by easyrsa does not work. It returns
unmodified template as the "temporary file". This results
in file conflicts when two temporary files are in use.
However win32 mktemp -d does work as expected. So, we can use
mktemp -du to generate a correct temporary file name.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
 2019-05-30 18:53:22 -03:00
Luiz Angelo Daros de Luca
12ee30a802
check for failed easyrsa_mktemp 
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
 2019-05-30 18:52:27 -03:00
Rolf
951ce27ccf Merge branch 'master' of https://github.com/rolfchess/easy-rsa 2019-05-17 13:56:58 +02:00
Rolf
abaa2f57b4 Show helpful error when vars file is missing 2019-05-17 13:52:33 +02:00
Eric F Crist
8374fcb4da
Adding support back in for incremental serials 
Not enabled by default.  Should fix #177.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-05-17 06:50:08 -05:00
Olliver Schinagl
e21ed159a1
Use intermediate CA rather then sub CA 
The term 'sub-ca' seems to be coined and used mostly/only by easyrsa.
More commonly, this type of certificate is called an intermediate CA
[0]. The term sub-ca, while logical is actually a Microsoft CA term [1].

The command itself remains the same for now, as it is shorter/easier to
type.

[0] https://en.wikipedia.org/w/index.php?title=Intermediate_certificate_authorities
[1] https://en.wikipedia.org/wiki/Public_key_infrastructure

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
 2019-05-17 10:31:26 +02:00
Olliver Schinagl
7f2936caf9
doc: Add signing example to the readme. 
While it is documented in the quickstart, it was missing from the
readme, which is confusing as all other commands are shown with an
example in the document.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
 2019-05-17 10:15:46 +02:00
Eric F Crist
6b7b6bf1f0
Merge branch 'IPv4v6-x509-type-email' 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-05-06 22:41:27 -05:00
Eric F Crist
541c6d94ca Merge branch 'IPv4v6-x509-type-email' 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-05-06 22:41:27 -05:00
Eric F Crist
9c0c15d062
Merge branch 'x509-type-email' of https://github.com/IPv4v6/easy-rsa into IPv4v6-x509-type-email 2019-05-06 22:41:05 -05:00
Eric F Crist
d28ab306e8 Merge branch 'x509-type-email' of https://github.com/IPv4v6/easy-rsa into IPv4v6-x509-type-email 2019-05-06 22:41:05 -05:00
Eric F Crist
51ac28e19e
Merge branch 'luizluca-batch_ops' 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-05-06 22:38:01 -05:00
Eric F Crist
a020d4b3be Merge branch 'luizluca-batch_ops' 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-05-06 22:38:01 -05:00
Eric F Crist
bcec3b9ce6
Merge branch 'batch_ops' of https://github.com/luizluca/easy-rsa into luizluca-batch_ops 2019-05-06 22:37:01 -05:00
Eric F Crist
782fb42986 Merge branch 'batch_ops' of https://github.com/luizluca/easy-rsa into luizluca-batch_ops 2019-05-06 22:37:01 -05:00
Eric F Crist
c3853eefa4
Merge branch 'luizluca-fix_firstcert_warn' 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-05-06 22:32:53 -05:00
Eric F Crist
81aa0298a1 Merge branch 'luizluca-fix_firstcert_warn' 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-05-06 22:32:53 -05:00
Eric F Crist
5d87cdcfae
Merge branch 'fix_firstcert_warn' of https://github.com/luizluca/easy-rsa into luizluca-fix_firstcert_warn 2019-05-06 22:32:34 -05:00
Eric F Crist
e6c64675d5 Merge branch 'fix_firstcert_warn' of https://github.com/luizluca/easy-rsa into luizluca-fix_firstcert_warn 2019-05-06 22:32:34 -05:00
Eric F Crist
f56c81b584
Merge branch 'luizluca-temp_dir' 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-05-06 22:26:22 -05:00
Eric F Crist
048fd29a64 Merge branch 'luizluca-temp_dir' 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-05-06 22:26:22 -05:00
Eric F Crist
59f4923078
Merge branch 'temp_dir' of https://github.com/luizluca/easy-rsa into luizluca-temp_dir 2019-05-06 22:26:03 -05:00
Eric F Crist
09d9197579 Merge branch 'temp_dir' of https://github.com/luizluca/easy-rsa into luizluca-temp_dir 2019-05-06 22:26:03 -05:00