1436 Commits

Author SHA1 Message Date
Richard T Bonhomme
7c9f18bfb8
Merge branch 'TinCanTech-always-enable-inline'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-03 22:39:51 +00:00
Richard T Bonhomme
79cbd1d494
Merge branch 'always-enable-inline' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-always-enable-inline
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-03 22:39:11 +00:00
Richard T Bonhomme
51a82a7fb5
build-full: Always enable inline file creation
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-03 21:56:58 +00:00
Richard T Bonhomme
866557a589
install_data_to_pki(): Wrap long lines, no functional changes
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-03 20:23:50 +00:00
Richard T Bonhomme
5d59605365
init-pki: Add new inline directory (Wrap long lines)
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-03 19:19:30 +00:00
Richard T Bonhomme
ae0020acdc
Create new 'inline' directory as required
Require creation during init-pki, renew and rebuild.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-03 16:08:16 +00:00
Richard T Bonhomme
a4f90d8c03
Unit-test: Update openssl to v3.0.7 (Linux only)
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-03 00:43:57 +00:00
Richard T Bonhomme
a7f5044c0d
Add new inline file to command 'rebuild' processes
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-02 22:01:27 +00:00
Richard T Bonhomme
0072f5171c
Add new inline file to command 'renew' processes
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-02 21:38:39 +00:00
Richard T Bonhomme
ef9b3b8192
Add new inline file to command 'revoke' processes
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-02 20:28:44 +00:00
Richard T Bonhomme
f5da984c49
build-full: Always enable inline file creation
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-02 20:07:36 +00:00
Richard T Bonhomme
4bcfe5b236
Merge branch 'TinCanTech-promote-init-pki-soft'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-01 23:30:04 +00:00
Richard T Bonhomme
0121cc05a4
Merge branch 'promote-init-pki-soft' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-promote-init-pki-soft
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-01 23:29:12 +00:00
Richard T Bonhomme
5f85068558
init-pki(): Introduce second warning before HARD removal
Only if a PKI currently exists, add a second confirmation to promote
the use of 'init-pki soft'.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-01 22:56:51 +00:00
Richard T Bonhomme
b56357e1bc
verify_cert(): Support global --batch mode
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-01 19:45:29 +00:00
Richard T Bonhomme
efff1ad843
Merge branch 'TinCanTech-cleanup-exit-number-only'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-01 18:25:03 +00:00
Richard T Bonhomme
4c0c02217f
Merge branch 'cleanup-exit-number-only' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-cleanup-exit-number-only
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-01 18:24:20 +00:00
Richard T Bonhomme
6522163dc9
Merge branch 'TinCanTech-default-ed-curve'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-01 18:20:40 +00:00
Richard T Bonhomme
96b96c18c7
Merge branch 'default-ed-curve' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-default-ed-curve
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-01-01 18:19:57 +00:00
Richard T Bonhomme
7afb20ad1a
cleanup(): Exit with numeric error-code only
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-28 23:15:39 +00:00
Richard T Bonhomme
3050d59f60
fixed_cert_dates(): Remove unused variable 'today_n'
Originally used to calculate roll-back by one year, also removed.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-28 17:51:27 +00:00
Richard T Bonhomme
f315e6b5a2
Make default Edwards curve ED25519
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-28 17:34:29 +00:00
Richard T Bonhomme
48a74fbca0
Default settings: Make default Edwards curve ED25519
Perform hierarchical decision for elliptic curve name.

Default curves per algorithm:
* 'ec' Elliptic curve name 'secp384r1' (Unchanged)
* 'ed' Edwards curve name 'ed25519' (Changed)

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-28 17:15:40 +00:00
Richard T Bonhomme
6ac84dc2aa
Allow --fix-offset to create post-dated certificates
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-22 22:24:51 +00:00
Richard T Bonhomme
4082228f64
Merge branch 'TinCanTech-allow-post-date-fix-offset'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-22 22:19:42 +00:00
Richard T Bonhomme
97cea4157d
Merge branch 'allow-post-date-fix-offset' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-allow-post-date-fix-offset
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-22 22:18:52 +00:00
Richard T Bonhomme
4af00b38ce
Merge branch 'TinCanTech-bugfix-build-ca-openssl-easersa-cnf'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-21 21:16:32 +00:00
Richard T Bonhomme
2f1fa20632
Merge branch 'bugfix-build-ca-openssl-easersa-cnf' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-bugfix-build-ca-openssl-easersa-cnf
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-21 21:15:51 +00:00
Richard T Bonhomme
4b3458b979
build-ca: Change FATAL error to warning for old openssl-easyrsa.cnf
This will only affect a CA built with custom EASYRSA_EXTRA_EXTS;
The solution being, to use the correct 'openssl-easyrsa.cnf'.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-21 13:49:54 +00:00
Richard T Bonhomme
fc8c1c4b2a
Merge branch 'TinCanTech-formalise-cleanup-exit'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-20 20:29:30 +00:00
Richard T Bonhomme
a320b291d6
Merge branch 'formalise-cleanup-exit' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-formalise-cleanup-exit
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-20 20:28:53 +00:00
Richard T Bonhomme
5ea6177338
Wrap more long lines
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-20 20:25:14 +00:00
Richard T Bonhomme
fc4bcb6184
cleanup(): General improvements - Create KNOWN error exit
Where errors are known, exit via 'Known' branch.
Allow preset error number to propagate.

Long line wrapping. Shorten associated variable names.

Move clearing traps to within cleanup().

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-20 20:06:26 +00:00
Richard T Bonhomme
0fd88d65a3
Merge branch 'TinCanTech-renew-over-shift'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-18 21:53:51 +00:00
Richard T Bonhomme
902d8e18e5
Merge branch 'renew-over-shift' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-renew-over-shift
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-18 21:53:10 +00:00
Richard T Bonhomme
e4b02a1dcb
Function safe_set_var(): Hard exit for unexpected errors
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-17 22:40:56 +00:00
Richard T Bonhomme
6e0a9c78c4
Wrap long lines
hide_read_pass()
get_passphrase()

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-17 22:38:12 +00:00
Richard T Bonhomme
1cf4cce432
Renew: wrap long lines in related functions
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-17 22:35:13 +00:00
Richard T Bonhomme
a815f39847
Function renew_move(): Ignore non-essential file removal errors
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-17 22:27:39 +00:00
Richard T Bonhomme
4c8a4e8765
Command renew: Require CSR as input file and refactor verification
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-17 21:51:39 +00:00
Richard T Bonhomme
b4dc2ad0ea
Command renew: Process options correctly and minor improvements
Process options correctly:
* This removes an errant 'shift' when processing options.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-17 21:45:23 +00:00
Richard T Bonhomme
97fec2de61
Merge branch 'TinCanTech-win-build-ca'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-15 19:57:34 +00:00
Richard T Bonhomme
74e512252c
Merge branch 'win-build-ca' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-win-build-ca
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-15 19:56:55 +00:00
Richard T Bonhomme
0ce126a289
build-ca: Error-exit on failure to write temp-CA-passphrase files
Also, prototype easyrsa_mktemp() errors.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-13 00:02:28 +00:00
Richard T Bonhomme
9a495f7bd3
build-ca: Use OpenSSL '-passout' with EasyRSA '--passout' correctly
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-12 21:22:44 +00:00
Richard T Bonhomme
0063de0d88
Allow default CA generation method to be unit-tested
If 'easyrsa' is being run by the unit-test then allow the default method
for 'build-ca' to be exercised.

The default 'easyrsa' method is to use temp-files, generated by EasyRSA,
to pass the CA passphrase, provided by the user, to the SSL command.

The normal 'unit-test' method to use a passphrase is to configure EasyRSA
command line options '--passin' and '--passout'.

The change made here is to simulate user-interaction and to supply a
default passphrase, as a user, to the SSL command.
To NOT use EasyRSA command line options to set any passphrase.
ONLY when being run by the unit-test.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-11 22:37:40 +00:00
Richard T Bonhomme
8ae6bca3dc
Windows, build-ca: Add input password to re-open private key
Using OpenSSL 3.0.7, packaged by OpenVPN Windows installer, causes
EasyRSA command 'build-ca' to fail, because it does not have an input
password to re-open the private key, which is required to generate
the CA certificate.

Provide the user specified CA passphrase as input password for build-ca.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-11 22:29:35 +00:00
Richard T Bonhomme
bec781d3fe
Merge branch 'TinCanTech-sanatize_and_set_var'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-11 12:56:23 +00:00
Richard T Bonhomme
b5228f76d0
Merge branch 'sanatize_and_set_var' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-sanatize_and_set_var
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-11 12:55:38 +00:00
Richard T Bonhomme
d3f4cb4d02
ssl_cert_not_after_date(): Use safe_set_var()
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-12-10 14:26:46 +00:00