2
0

100-run-ootb.patch 3.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152
  1. --- a/easy-rsa/2.0/build-ca
  2. +++ b/easy-rsa/2.0/build-ca
  3. @@ -5,4 +5,4 @@
  4. #
  5. export EASY_RSA="${EASY_RSA:-.}"
  6. -"$EASY_RSA/pkitool" --interact --initca $*
  7. +"/usr/sbin/pkitool" --interact --initca $*
  8. --- a/easy-rsa/2.0/build-dh
  9. +++ b/easy-rsa/2.0/build-dh
  10. @@ -1,5 +1,7 @@
  11. #!/bin/sh
  12. +. /etc/easy-rsa/vars
  13. +
  14. # Build Diffie-Hellman parameters for the server side
  15. # of an SSL/TLS connection.
  16. --- a/easy-rsa/2.0/build-inter
  17. +++ b/easy-rsa/2.0/build-inter
  18. @@ -4,4 +4,4 @@
  19. # root certificate.
  20. export EASY_RSA="${EASY_RSA:-.}"
  21. -"$EASY_RSA/pkitool" --interact --inter $*
  22. +"/usr/sbin/pkitool" --interact --inter $*
  23. --- a/easy-rsa/2.0/build-key
  24. +++ b/easy-rsa/2.0/build-key
  25. @@ -4,4 +4,4 @@
  26. # root certificate.
  27. export EASY_RSA="${EASY_RSA:-.}"
  28. -"$EASY_RSA/pkitool" --interact $*
  29. +"/usr/sbin/pkitool" --interact $*
  30. --- a/easy-rsa/2.0/build-key-pass
  31. +++ b/easy-rsa/2.0/build-key-pass
  32. @@ -4,4 +4,4 @@
  33. # with a password.
  34. export EASY_RSA="${EASY_RSA:-.}"
  35. -"$EASY_RSA/pkitool" --interact --pass $*
  36. +"/usr/sbin/pkitool" --interact --pass $*
  37. --- a/easy-rsa/2.0/build-key-pkcs12
  38. +++ b/easy-rsa/2.0/build-key-pkcs12
  39. @@ -5,4 +5,4 @@
  40. # the CA certificate as well.
  41. export EASY_RSA="${EASY_RSA:-.}"
  42. -"$EASY_RSA/pkitool" --interact --pkcs12 $*
  43. +"/usr/sbin/pkitool" --interact --pkcs12 $*
  44. --- a/easy-rsa/2.0/build-key-server
  45. +++ b/easy-rsa/2.0/build-key-server
  46. @@ -7,4 +7,4 @@
  47. # extension in the openssl.cnf file.
  48. export EASY_RSA="${EASY_RSA:-.}"
  49. -"$EASY_RSA/pkitool" --interact --server $*
  50. +"/usr/sbin/pkitool" --interact --server $*
  51. --- a/easy-rsa/2.0/build-req
  52. +++ b/easy-rsa/2.0/build-req
  53. @@ -4,4 +4,4 @@
  54. # when your root certificate and key is not available locally.
  55. export EASY_RSA="${EASY_RSA:-.}"
  56. -"$EASY_RSA/pkitool" --interact --csr $*
  57. +"/usr/sbin/pkitool" --interact --csr $*
  58. --- a/easy-rsa/2.0/build-req-pass
  59. +++ b/easy-rsa/2.0/build-req-pass
  60. @@ -4,4 +4,4 @@
  61. # with a password.
  62. export EASY_RSA="${EASY_RSA:-.}"
  63. -"$EASY_RSA/pkitool" --interact --csr --pass $*
  64. +"/usr/sbin/pkitool" --interact --csr --pass $*
  65. --- a/easy-rsa/2.0/clean-all
  66. +++ b/easy-rsa/2.0/clean-all
  67. @@ -1,5 +1,7 @@
  68. #!/bin/sh
  69. +. /etc/easy-rsa/vars
  70. +
  71. # Initialize the $KEY_DIR directory.
  72. # Note that this script does a
  73. # rm -rf on $KEY_DIR so be careful!
  74. --- a/easy-rsa/2.0/inherit-inter
  75. +++ b/easy-rsa/2.0/inherit-inter
  76. @@ -1,5 +1,7 @@
  77. #!/bin/sh
  78. +. /etc/easy-rsa/vars
  79. +
  80. # Build a new PKI which is rooted on an intermediate certificate generated
  81. # by ./build-inter or ./pkitool --inter from a parent PKI. The new PKI should
  82. # have independent vars settings, and must use a different KEY_DIR directory
  83. --- a/easy-rsa/2.0/list-crl
  84. +++ b/easy-rsa/2.0/list-crl
  85. @@ -1,5 +1,7 @@
  86. #!/bin/sh
  87. +. /etc/easy-rsa/vars
  88. +
  89. # list revoked certificates
  90. CRL="${1:-crl.pem}"
  91. --- a/easy-rsa/2.0/pkitool
  92. +++ b/easy-rsa/2.0/pkitool
  93. @@ -1,5 +1,7 @@
  94. #!/bin/sh
  95. +. /etc/easy-rsa/vars
  96. +
  97. # OpenVPN -- An application to securely tunnel IP networks
  98. # over a single TCP/UDP port, with support for SSL/TLS-based
  99. # session authentication and key exchange,
  100. --- a/easy-rsa/2.0/revoke-full
  101. +++ b/easy-rsa/2.0/revoke-full
  102. @@ -1,5 +1,7 @@
  103. #!/bin/sh
  104. +. /etc/easy-rsa/vars
  105. +
  106. # revoke a certificate, regenerate CRL,
  107. # and verify revocation
  108. --- a/easy-rsa/2.0/sign-req
  109. +++ b/easy-rsa/2.0/sign-req
  110. @@ -4,4 +4,4 @@
  111. # with a local root certificate and key.
  112. export EASY_RSA="${EASY_RSA:-.}"
  113. -"$EASY_RSA/pkitool" --interact --sign $*
  114. +"/usr/sbin/pkitool" --interact --sign $*
  115. --- a/easy-rsa/2.0/vars
  116. +++ b/easy-rsa/2.0/vars
  117. @@ -12,7 +12,7 @@
  118. # This variable should point to
  119. # the top level of the easy-rsa
  120. # tree.
  121. -export EASY_RSA="`pwd`"
  122. +export EASY_RSA="/etc/easy-rsa"
  123. #
  124. # This variable should point to
  125. @@ -26,7 +26,7 @@
  126. # This variable should point to
  127. # the openssl.cnf file included
  128. # with easy-rsa.
  129. -export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
  130. +export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA`
  131. # Edit this variable to point to
  132. # your soon-to-be-created key