1534 Commits

Author SHA1 Message Date
Richard T Bonhomme
940a94dee9
Merge branch 'TinCanTech-gen-crl-minor-improvement'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-25 17:58:40 +00:00
Richard T Bonhomme
ebd5f66db0
Merge branch 'gen-crl-minor-improvement' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-gen-crl-minor-improvement
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-25 17:58:04 +00:00
Richard T Bonhomme
95f4b67703
gen-crl: Minor improvements
Add EASYRSA_CRL_DAYS to command to generate a new CRL.
Although this is taken care of in the SSL config file,
it is easier to understand by having the code included
in the script.

Honor batch mode and overwrite an existing CRL, without
confirmation. An outdated CRL is of little value
and the user has specified batch mode, so honor it.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-25 14:56:09 +00:00
Richard T Bonhomme
1dd740f9a5
Merge branch 'TinCanTech-bugfix-req-serial-no-safe-ssl'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-23 13:23:46 +00:00
Richard T Bonhomme
c55b410f52
Merge branch 'bugfix-req-serial-no-safe-ssl' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-bugfix-req-serial-no-safe-ssl
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-23 13:23:01 +00:00
Richard T Bonhomme
8944eae7ac
Use set_var to correctly assign EASYRSA_REQ_SERIAL
This configures EASYRSA_REQ_SERIAL for use in the SSL config file.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-23 13:09:07 +00:00
Richard T Bonhomme
5fa424b913
Merge branch 'TinCanTech-fix-offset-use-enddate'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-21 22:16:21 +00:00
Richard T Bonhomme
04ee3b0977
Merge branch 'fix-offset-use-enddate' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-fix-offset-use-enddate
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-21 22:15:40 +00:00
Richard T Bonhomme
d35e288700
Merge branch 'TinCanTech-move-rand-serial-file'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-21 22:04:02 +00:00
Richard T Bonhomme
32dc387723
Merge branch 'move-rand-serial-file' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-move-rand-serial-file
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-21 22:03:07 +00:00
Richard T Bonhomme
436f77e888
ChangeLog; Only create a random serial number file when expected (#896)
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-21 22:01:16 +00:00
Richard T Bonhomme
06fed95730
sign-req: Use either SSL option -days OR -startdate/-enddate
Using --fix-offset will not use -days, only -startdate/-enddate.

Options -startdate/-enddate are absolute dates, not counted from
today by OpenSSL, for any reason.

Fixes some unrelated warnings about incomplete SSL config file,
when using --fix-offset.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-19 22:10:26 +00:00
Richard T Bonhomme
2eda52061b
sign-req: Only create a random serial number file when expected
When EASYRSA_RAND_SN="no", the pki/serial file is not meant to
be updated by easyrsa. OpenSSL manages the file itself.

Move the code to write the file pki/serial with a random number,
inside the if condition for EASYRSA_RAND_SN, so the file is only
written to by easyrsa, when a random serial number is expected.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-19 21:37:30 +00:00
Richard T Bonhomme
2abc237594
Merge branch 'TinCanTech-ca-password-temp-file-removal'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-14 21:04:37 +00:00
Richard T Bonhomme
58638bcfc2
Merge branch 'ca-password-temp-file-removal' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-ca-password-temp-file-removal
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-14 21:03:42 +00:00
Richard T Bonhomme
88557aae8c
build_ca: Initialise get_passphrase() correctly
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-12 02:37:34 +00:00
Richard T Bonhomme
2dd2767922
build-ca: Deliberately remove manual password in temp-file
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-11 23:11:43 +00:00
Richard T Bonhomme
41f23444c6
Merge branch 'TinCanTech-set_var-v2'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-11 21:54:57 +00:00
Richard T Bonhomme
9d21db8629
Merge branch 'set_var-v2' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-set_var-v2
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-11 21:54:04 +00:00
Richard T Bonhomme
3d1f2135bb
Merge branch 'TinCanTech-cleanup-stty-echo'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-11 21:43:25 +00:00
Richard T Bonhomme
8510681747
Merge branch 'cleanup-stty-echo' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-cleanup-stty-echo
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-11 21:42:07 +00:00
Richard T Bonhomme
a23232144c
Merge branch 'TinCanTech-easyrsa_mktemp-v2'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-11 21:28:13 +00:00
Richard T Bonhomme
1dc5c265ac
Merge branch 'easyrsa_mktemp-v2' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-easyrsa_mktemp-v2
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-11 21:27:32 +00:00
Richard T Bonhomme
35dd0d919c
Remove unused variable EASYRSA_EC_DIR
This was used to define a temp-dir for a temp-file for EC params.

This was replaced by standard temp-file EASYRSA_ALGO_PARAMS.

The replacement was due to EasyRSA support for OpenSSL version 3,
where SSL command 'genpkey' replaced the previous commands.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-11 02:51:24 +00:00
Richard T Bonhomme
66d282e1c1
set-var(): Check input, die on errors
Previously, set_var() had no input checking, combined with
the point that, via vars, set_var() is user facing, this
can lead to easy user errors.

Now, input is checked:
- Parameter 1 is required.
- Parameter 1 cannot contain a space.
- Less-than 3 input parameters are expected.
- Quote the expansion of the first occurrence of parameter 1
  in the evaluated expression.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-09 20:47:15 +00:00
Richard T Bonhomme
d4a1caa394
Rename variable EASYRSA_TEMP_DIR_session to secured_session
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-09 01:21:55 +00:00
Richard T Bonhomme
9a4b98246b
secure_session(): Wrap long lines
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-09 00:41:45 +00:00
Richard T Bonhomme
f762627e2d
easyrsa_mktemp(): Drop redundant test of temp-session existence
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-09 00:21:35 +00:00
Richard T Bonhomme
043448503f
easyrsa_mktemp(): Correct logic for file creation
Each try is now aimed at creating a unique target file.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-09 00:20:28 +00:00
Richard T Bonhomme
fd8dcfdafe
Merge branch 'TinCanTech-verify-ssl-before-temp-session'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-08 23:11:26 +00:00
Richard T Bonhomme
393a094aa4
Merge branch 'verify-ssl-before-temp-session' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-verify-ssl-before-temp-session
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-08 23:10:28 +00:00
Richard T Bonhomme
8de04a1439
Move verify_ssl_lib() - Always verify SSL lib, for all commands
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-08 23:05:33 +00:00
Richard T Bonhomme
e70c6363e6
cleanup(): Only enable terminal echo when it has been disabled
Only build-ca with a manually entered password disables terminal echo.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-08 18:04:14 +00:00
Richard T Bonhomme
b52f6cbd8b
easyrsa_mktemp(): Pre-assign empty value to temp-file name
Satisfy shellcheck SC2154, var is referenced but not assigned.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-07 23:32:48 +00:00
Richard T Bonhomme
fba0cf1986
easyrsa_mktemp(): Use sequentially numbered temp-files
This drops use of SSL to generate randomly numbered files.
The temp-session is still randomly named.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-07 19:49:24 +00:00
Richard T Bonhomme
ab264130c1
ChangeLog: Option --fix-offset: Adjust off-by-one day
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 21:14:01 +00:00
Richard T Bonhomme
11e66f3dfb
Merge branch 'TinCanTech-remove-debug'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 19:54:12 +00:00
Richard T Bonhomme
c2b20731d5
Merge branch 'remove-debug' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-remove-debug
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 19:53:14 +00:00
Richard T Bonhomme
b8d0c789e5
Merge branch 'TinCanTech-remove-extra-output-lines'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 19:49:39 +00:00
Richard T Bonhomme
4ad288ef5b
Merge branch 'remove-extra-output-lines' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-remove-extra-output-lines
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 19:49:05 +00:00
Richard T Bonhomme
043ee3e4c0
Merge branch 'TinCanTech-general-fixes'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 19:47:15 +00:00
Richard T Bonhomme
4e0135acd6
Merge branch 'general-fixes' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-general-fixes
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 19:45:31 +00:00
Richard T Bonhomme
84f6a3775c
init-pki soft: Add crl.pem to file delete list
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 14:47:31 +00:00
Richard T Bonhomme
0d404360c5
show-ca: Remove undefined '$type' variable from output
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 14:33:45 +00:00
Richard T Bonhomme
d1063e0ad0
Remove redundant separator lines
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 00:55:36 +00:00
Richard T Bonhomme
3b5ff50bf7
Remove ineffectual redirector
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-04 00:43:40 +00:00
Richard T Bonhomme
4ed1277ba1
Merge branch 'TinCanTech-move-show_host'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-03 23:55:35 +00:00
Richard T Bonhomme
b7f46a1482
Merge branch 'move-show_host' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-move-show_host
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-03 23:55:01 +00:00
Richard T Bonhomme
d5c28f6ec2
Move calling show_host() to function die(), where it belongs
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-03 23:51:06 +00:00
Richard T Bonhomme
3175b0118e
Merge branch 'TinCanTech-wrap-sed'
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-02-03 23:26:26 +00:00