nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
337 Commits 1 Branch 0 Tags 43 MiB
Commit Graph

337 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eric F Crist
80e09e6bdc
Merge branch 'master' of https://github.com/TinCanTech/easy-rsa into TinCanTech-master 2019-04-18 06:46:19 -05:00
Eric F Crist
57a7db99ed
Merge branch 'xavierba-fix_upgrade' 
Fixes for upgrade from v3.0.5 to v3.0.6

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-04-18 06:43:26 -05:00
Xavier Bachelot
30d1c95e68
Simplify 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-03-22 18:15:08 +01:00
Xavier Bachelot
8075dbbded
Don't die on missing req on revoke/renew 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-03-22 18:14:52 +01:00
Xavier Bachelot
9715751815
Automatically create missing renewed dirs 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-03-22 18:14:34 +01:00
Xavier Bachelot
b3b3623de9
Automatically create missing revoked dirs 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-03-22 18:14:18 +01:00
Xavier Bachelot
0198f07eda
verify_ca_init has no business checking the revoked and renewed dirs 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-03-22 18:13:52 +01:00
Eric F Crist
ca33f84aa2
Add win32 OpenSSL binaries, update build 
New build script changes to handle win32/win64 openssl binaries.
There's more to do here with copying out the README files and such, but
this should be a good working start.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-02-07 18:08:39 -06:00
Eric F Crist
4501c904b9
Fix typos in openssl-easyrsa.cnf 
Merge branch 'IPv4v6-fix-typo'

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-02-07 17:21:26 -06:00
Stefan Pietsch
4ce6e9c8e4 Fix typo 2019-02-08 00:11:08 +01:00
Richard Bonhomme
cedd50e01e
Prune make_ssl_config 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-02-06 20:05:42 +00:00
Richard Bonhomme
205510bfab
Improve verify_ssl_lib 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-02-06 19:57:01 +00:00
Eric F Crist
9621e2626c
make op_test.sh executable 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-02-04 13:35:48 -06:00
Eric F Crist
3d808dff94
Update changelog 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-02-04 13:26:29 -06:00
Eric F Crist
be93f45f1e
No uname on Windows 
Since there's no uname command on Windows, send STDERR to /dev/null.
This just prevents an error from showing on the console but doesn't
actually change any system behavior.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-02-04 13:24:35 -06:00
Eric F Crist
e5d46199c9
Distribute OpenSSL 1.1.0j instead of 1.1.1a 
There are runtime issues with 1.1.1a at this time I've yet to track
down.  This is referenced in the docker-openvpn project issue 437
with a link in #261.  I've been able to reproduce it on Windows 10.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-02-04 13:21:58 -06:00
Eric F Crist
37edb7d1d7
Remove RANDFILE var from openssl-easyrsa.cnf 
This fixes #261.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-02-04 13:01:09 -06:00
Eric F Crist
66e2db1ef4
Add OpenSSL libs/binary for Windows 
Include OpenSSL libraries and binary for windows.  A precompiled package
was downloaded from http://wiki.overbyte.eu/arch/openssl-1.1.1a-win64.zip

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-02-04 09:58:49 -06:00
Eric F Crist
1b45a467a4
Update changelog 
straightening things out, back to master!

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-02-01 22:17:52 -06:00
Eric F Crist
4d94166608
OSX SSL version, lang bash for travis 
Merge branch 'TinCanTech-v3.0.6' into v3.0.6

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-02-01 08:56:19 -06:00
Eric F Crist
129bbcb235
Merge branch 'v3.0.6' of https://github.com/TinCanTech/easy-rsa into TinCanTech-v3.0.6 2019-02-01 08:55:59 -06:00
Richard Bonhomme
4641a3ef7f
Travis language: bash 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-02-01 14:41:36 +00:00
Richard Bonhomme
40351a5224
Travis: OSX SSL ver 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-02-01 14:32:38 +00:00
Eric F Crist
5ab4998cc2
Better date support for BSD/GNU 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-31 23:17:26 -06:00
Eric F Crist
1ec27cd9c5
Adding OS X testing 
Merge branch 'TinCanTech-v3.0.6' into v3.0.6

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-31 22:24:28 -06:00
Richard Bonhomme
71816ce3af
Howler! 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-02-01 02:14:23 +00:00
Richard Bonhomme
145ba1a77e
Travis env: PATH 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-02-01 01:52:14 +00:00
Richard Bonhomme
76d92c2af4
Add OSX to travis 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-02-01 01:23:33 +00:00
Eric F Crist
e6978bef1e
Merge branch 'luizluca-fix_build.sh' into v3.0.6 
Closes #255

* Added --no-windows, --no-unix and no --no-compress to skip some build steps.
* Use cp in a Linux and FreeBSD compatible way
* Set 'sed -i' backup extension (Linux and FreeBSD compatible)
  (Linux regression from f0204c1)
* Fix zip location to match tar (fixing also --bin-dest for win32)
* Align (y/n) with question in confirm

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-30 12:31:14 -06:00
Eric F Crist
d8a6020c54
Merge branch 'fix_build.sh' of https://github.com/luizluca/easy-rsa into luizluca-fix_build.sh 2019-01-30 12:30:46 -06:00
Luiz Angelo Daros de Luca
6827b51b5c
Multiple fix for build-dist.sh 
* Added --no-windows, --no-unix and no --no-compress to skip some
build steps.
* Use cp in a Linux and FreeBSD compatible way
* Set 'sed -i' backup extension (Linux and FreeBSD compatible)
  (Linux regression from f0204c160b3cbdc041a91f2861febab24b7f5f76)
* Fix zip location to match tar (fixing also --bin-dest for win32)
* Align (y/n) with question in confirm

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
 2019-01-30 13:59:48 -02:00
Eric F Crist
f77df62851
Adding date.exe for Windows dist from UnixUtils 
Should help to address #296 with renew feature.  Briefly tested on
Windows 10 from an EasyRSA v3.0.5 release extract.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-30 09:13:09 -06:00
Richard Bonhomme
2c2902613b
Add required temp file 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-29 17:08:13 -06:00
Eric F Crist
5c468a697c
Merge branch 'TinCanTech-v3.0.6' into v3.0.6 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-29 16:27:33 -06:00
Richard Bonhomme
1a8962639b
Remove unused var 2019-01-29 22:06:16 +00:00
Richard Bonhomme
9bdb97d5e3
Update op_test.sh usage; Add error count and custom library hook 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-01-29 21:54:19 +00:00
Eric F Crist
83ae8ad3e5
Merge branch 'v3.0.6' of https://github.com/TinCanTech/easy-rsa into v3.0.6 
Add additional tests to op_test.sh

Clsoing #292

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-29 14:31:06 -06:00
Eric F Crist
e6d858f2ae
Removing trap left in by mistake 
In my test for fixing I left the ERR trap in place.  non-posix, removing

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-29 13:56:13 -06:00
Eric F Crist
ea464c1b08
Fixes #293 
die() wasn't calling clean_temp;  Now it is.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-29 13:32:36 -06:00
Eric F Crist
818f76937e
Merge branch 'xavierba-renew_fixes' into v3.0.6 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-28 19:55:12 -06:00
Eric F Crist
9f2a5bec5a
Merge branch 'renew_fixes' of https://github.com/xavierba/easy-rsa into xavierba-renew_fixes 2019-01-28 19:54:46 -06:00
Xavier Bachelot
332ec2d38b
Prevent using an empty SAN 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-01-28 23:43:06 +01:00
Xavier Bachelot
c961210bda
Don't try to move inexistant files 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-01-28 23:42:50 +01:00
Xavier Bachelot
9de1173584
Workaround older openssl which don't have -ext 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-01-28 23:42:28 +01:00
Xavier Bachelot
ff87fb1812
Make cert renew grace period configurable (default: 30 days) 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-01-28 23:42:01 +01:00
Xavier Bachelot
6eff1118f8
Fix broken check for cert expiration time in renew command 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
 2019-01-28 23:40:40 +01:00
Richard Bonhomme
88aa03ae50
Add server renew and tiny lag to verify date field 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-01-28 22:18:39 +00:00
Eric F Crist
2c88190e5b
Merge branch 'TinCanTech-v3.0.6' into v3.0.6 
Add tests for certificate renewal

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-28 16:00:51 -06:00
Richard Bonhomme
64417dac68
Add renew_cert() to op_test.sh 
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
 2019-01-27 18:40:49 +00:00
Eric F Crist
c7b8ffb701
Fix trap() and prog_exit() so it exits correctly 
Fixes #282

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-26 16:57:54 -06:00