Effective fix for the bandaid needed in 16c584371641d1a15b73d1be179b0eee132dec3b
My commit (9d6077d91592f43294383de4698c878a039329e9) created an
inadvertent problem for @TinCanTech in his local testing due to some
other latent code. The bandaid above was to prevent my "fix" from
deleting his test code in future pulls.
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
New op_test.sh was commited before it was ready:
* Improve TEMP_DIR management (./easyrsa3/temp must not exist)
* Use WORK_DIR (./easyrsa3)
* Clean up CUSTOM_OPTS
* Clean up Sample requests
* Clean up destroy_data (openssl_easyrsa.cnf must be restored)
* Added note to import_req
* Re-instate DEPS_DIR hooks
* Improve output (newline)
* Add required shellcheck exclusions (# shellcheck disable=SC2086 two instances)
Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
This provides support to renew certificates 30 days before expiration of
the original certificate.
Behavior Change: This adds the ability to create certificates with
duplicate CNs, which differs from previous releases.
Merge branch 'xavierba-renew' into v3.0.6
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
Conversation from IRC, times are Central Standard:
09:34:13 <@tincantech> i only added the rm as a "precaution" .. it is not really necessary because all the temp pki's are deleted first anyway
09:34:38 < ecrist> When I look at the code, you have a function, destroy_data() which deletes everything. It's only called in setup() and in tear_down().
09:35:27 <@tincantech> https://github.com/OpenVPN/easy-rsa/blob/v3.0.6/op_test.sh#L564
09:35:28 < vpnHelper> Title: easy-rsa/op_test.sh at v3.0.6 · OpenVPN/easy-rsa · GitHub (at github.com)
09:37:08 < ecrist> what are you pointing out there?
09:37:44 <@tincantech> i am calling $TEMP_DIR/openssl.sh
09:38:51 < ecrist> and where does that file come from?
09:39:27 <@tincantech> i would prefer that https://github.com/OpenVPN/easy-rsa/blob/v3.0.6/op_test.sh#L215 is just removed completely
09:39:28 < vpnHelper> Title: easy-rsa/op_test.sh at v3.0.6 · OpenVPN/easy-rsa · GitHub (at github.com)
09:42:02 < ecrist> I'm still trying to address the $TEMP_DIR/openssl.sh
09:42:06 < ecrist> where is that file?
09:43:12 <@tincantech> it is only a local file
09:43:36 < ecrist> well, it doesn't make sense to build support in to the test script for things that aren't committed with the test script.
09:44:06 < ecrist> And temp is just that, temp. If there are other dependencies, those should go in a sane location, like test_libs or something.
09:47:06 <@tincantech> then i guess remove line 564-568
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
Added the -S warning option to the shellcheck call to make informational
and style suggestions not throw errors in travis. These types of things
can be picked up in code review.
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
In testing for #63 I discovered that there is at least one instance of a
quoted $opts for the revoke command that causes openssl to throw errors.
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
Minor merge conflict changes:
* remove local scoping
* PR was based on master, this is being merged in v3.0.6
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
