nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
261 Commits 1 Branch 0 Tags 43 MiB
Commit Graph

121 Commits

Author SHA1 Message Date
Eric F Crist
bebd71e76f
Support for clientServer 
Merging PR #38

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2019-01-11 11:58:00 -06:00
Eric F Crist
888e214027 Merge branch 'feature/sed' of https://github.com/javier-godoy/easy-rsa into javier-godoy-feature/sed 2019-01-11 10:21:40 -06:00
Eric F Crist
ab1b54caf0 Merge branch 'feature/crl_reason' of https://github.com/javier-godoy/easy-rsa into javier-godoy-feature/crl_reason 2019-01-11 10:12:04 -06:00
Richard Bonhomme
85318d19de
Move verifying the SSL lib to verify_ssl_lib() and only call after verify_pki_init() 
Signed-off-by: Richard Bonhomme <25598447+TinCanTech@users.noreply.github.com>
 2019-01-04 00:43:08 +00:00
Richard Bonhomme
35b1f59e44
Use EASYRSA specific temp file for output to set_pass 
Signed-off-by: Richard Bonhomme <25598447+TinCanTech@users.noreply.github.com>
 2019-01-01 18:07:17 +00:00
Javier Godoy
1a62872e05 Double quote to prevent globbing and word splitting 2018-12-22 06:05:00 -03:00
Javier Godoy
23d7051e76 Add optional CRL reason parameter 2018-12-16 18:18:28 -03:00
Javier Godoy
6227d89ec6 Preserve other environment variables 2018-12-16 18:03:58 -03:00
Richard Bonhomme
482c4b517f
Fix password echo 2018-12-16 18:16:48 +00:00
Richard Bonhomme
3b0d1992a7
Use escape backtick for sed separator 
Signed-off-by: Richard Bonhomme <25598447+TinCanTech@users.noreply.github.com>
 2018-12-12 14:17:23 +00:00
Eric F Crist
272ee0ea89
SC1147, remove local call 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-12-11 20:21:03 -06:00
Eric F Crist
14a5dc8a7a
Mergeing from solidgoldbomg for #118 
Merge branch 'add-show-ca-command' of
   https://github.com/solidgoldbomb/easy-rsa
   into solidgoldbomb-add-show-ca-command
 2018-12-11 20:04:05 -06:00
Eric F Crist
f9fa4ca127
Shellcheck corrections 
Make some corrections to appease shellcheck now that travis is working

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-12-11 18:18:31 -06:00
Stacey Sheldon
087d36a0d8 easyrsa: add show-ca command to display the ca certificate 2018-12-07 20:08:52 -05:00
Luiz Angelo Daros de Luca
edf1e92a3f update EASYRSA_CERT_EXPIRE new default value 
Improves 376c62f2b81e36db6f449ac7673013075b0c3ef1

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
 2018-10-04 18:08:43 -03:00
Luiz Angelo Daros de Luca
fcffd650ee respect EASYRSA_SSL_CONF during init-pki 
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
 2018-10-03 18:09:43 -03:00
Eric F Crist
e11b8566fe
trap sig exit, too 
The clean_temp() function failed to be called on a clean exit due to the
previous change (446a58f).  Also adding in the bit from die() that I
failed to remember to push in.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-10-02 17:06:36 -05:00
Eric F Crist
e7bd1efa91
Merge branch 'v3.0.6' of https://github.com/TinCanTech/easy-rsa into TinCanTech-v3.0.6 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-10-02 13:39:09 -05:00
Richard Bonhomme
e1e3ce8860
Improve hide_read_pass function 
Follow example from prog_exit function
 2018-10-02 18:52:05 +01:00
Eric F Crist
f0204c160b
Fix minor build-dist.sh issues 
* Use ~KEY~ pattern for replacement instead of ~~~, which doesn't scale.
* Include an empty string following -i for sed.  This prevents the extra
files from showing up with -e.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-10-02 10:34:50 -05:00
Eric F Crist
446a58f9f3
Broaden trap() functionality 
Resolves #236 and #247

* Broaden trapped signals to SIGHUB, SIGINT, SIGQUIT, SIGABRT
* Turn echo back on upon exit.
* Provide a newline at exit just to make the terminal look pretty.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-10-02 10:02:40 -05:00
Richard Bonhomme
abbae14592
Improve hide_read_pass function 2018-09-29 13:57:05 +01:00
Richard Bonhomme
d065ee3432
Correct path to sh.exe 2018-09-25 01:10:15 +01:00
Richard Bonhomme
881404932b Function to hide password input 2018-09-24 23:42:26 +01:00
Eric F Crist
85c949ef21 Chicken/Egg config writing fixed 
Only write out the default config to EASYRSA_PKI during init-pki
function call.  Assume it's there or error out when appropriate.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-09-15 10:43:49 -05:00
Eric F Crist
1daff987b3 Merge branch 'v3.0.5' of https://github.com/OpenVPN/easy-rsa into v3.0.6 2018-09-14 23:42:28 -05:00
Eric F Crist
c5ff31e867 Merge btamayo change. 
Closes #214 in master

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-09-14 22:42:57 -05:00
Eric F Crist
8f9f8e0b74 Merge branch 'btamayo-patch-1' into v3.0.5 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-09-14 22:41:33 -05:00
Eric F Crist
d0326c0d49 Merge in other commits suitable for v3.0.5 from masteer. 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-09-07 09:41:39 -05:00
Richard Bonhomme
4d084268b8
Fix set_pass() 'nopass' option 2018-09-07 13:23:35 +01:00
Eric F Crist
376c62f2b8 Update default certificate length, comments 
- Resolve #57, set default certificate length to 1080 days, leaves CA
  certifcates at 3650
- Add EasyRSA version to certificate comment for later troubleshooting
  and identification.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-08-23 16:51:17 -05:00
Richard Bonhomme
815d45a008
libressl: minor style corrections 2018-08-23 21:26:30 +01:00
Richard Bonhomme
e9d6393da3
libressl: use make_ssl_config and safessl-easyrsa.cnf for revoke 2018-08-23 21:20:53 +01:00
Richard Bonhomme
d1e72d4ea7
libressl: use make_ssl_config and safessl-easyrsa.cnf for gen_crl 2018-08-23 21:16:32 +01:00
Richard Bonhomme
93785e1e25
libressl: use make_ssl_config and safessl-easyrsa.cnf for sign_req 2018-08-23 21:12:39 +01:00
Richard Bonhomme
95d26a3840
libressl: use make_ssl_config and safessl-easyrsa.cnf for gen_req 2018-08-23 21:10:57 +01:00
Richard Bonhomme
97681d486d
libressl: use make_ssl_config and safessl-easyrsa.cnf for build_ca 2018-08-23 21:05:26 +01:00
Richard Bonhomme
f13b8c7a03
libressl: use make_ssl_config() for easyrsa openssl version check 2018-08-23 20:36:48 +01:00
Richard Bonhomme
2688e2493d
libressl: add notify SSL library in use 2018-08-23 20:29:35 +01:00
Richard Bonhomme
673f158230
libressl: switch to using safessl-easyrsa.cnf 
Keep openssl-easyrsa.cnf but switch to using safessl-easyrsa.cnf
Has the benefit of fixing easyrsa3 openssl version check for libressl
 2018-08-23 20:22:43 +01:00
Richard Bonhomme
8feb0f24fe
libressl: introduce function make_ssl_config 
This function reads openssl-easyrsa.cnf and then
removes "ENV::" and replaces "$vars" with value
then writes the results to safessl-easyrsa.cnf
 2018-08-23 20:12:55 +01:00
Richard Bonhomme
cfab21f79f
libressl: prepare openssl-easyrsa.cnf for use with libressl 2018-08-23 20:03:36 +01:00
Hugues Fafard
a6be9e9df7 Fixed broken nopass option in build-ca subcommand 2018-02-26 15:53:08 +01:00
Eric F Crist
02532b2311 merge branch 'honor-vars' of https://github.com/Antagonym/easy-rsa into v3.0.5 
Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-02-26 07:34:23 -06:00
Eric F Crist
2ef2660470 Remove quotes around $pkcs_opts 
Credit to @OtherSystems and @Antagonym and some others who pointed this out.  This
resolves #189 and #193 and #186 and #179.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-02-26 07:26:49 -06:00
Hugues Fafard
6e35636879 Merge remote-tracking branch 'upstream/v3.0.5' into honor-vars 2018-02-26 14:22:19 +01:00
Kodie Glosser
8836d509ae formatting and travis fix 2018-02-21 10:55:15 -06:00
Hugues Fafard
ef31c6c2e1 Honor priv-key related settings during build-ca 
The EASYRSA_ALGO, EASYRSA_KEY_SIZE, and EASYRSA_CURVE settings in
`vars`, as well as their runtime overrides are ignored during `build-ca`
since 6268cd9. This restores previous behavior of honring the settings.

Should also fix #179.
 2018-02-10 17:53:51 +01:00
Eric F Crist
bdfbd51d7b Fix format string in printf 
I knew this was hanging out there, but Antagoynm found it before I was
able to resolve it.  There was a message from shellcheck regarding this
one:
	SC2059: Don't use variables in the printf format string. Use
printf "..%s.." "$foo".

Should resolve #181

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-02-01 17:59:17 -06:00
Eric F Crist
7f2dda12c2 Use stty -echo instead of read -s 
Some Linux distros and BSD sh don't support the -s option to the read
builin.  This is the POSIX way to handle secure input to a tty.

Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
 2018-01-21 23:41:07 -06:00