Index: head/security/easy-rsa/Makefile =================================================================== --- head/security/easy-rsa/Makefile (revision 496637) +++ head/security/easy-rsa/Makefile (revision 496638) @@ -1,52 +1,53 @@ # $FreeBSD$ PORTNAME= easy-rsa -DISTVERSION= 3.0.5 -PORTREVISION= 1 +DISTVERSION= 3.0.6 CATEGORIES= security net-mgmt MASTER_SITES= https://github.com/OpenVPN/easy-rsa/releases/download/v${DISTVERSION}/ -DISTNAME= EasyRSA-nix-${DISTVERSION} +DISTNAME= EasyRSA-unix-v${DISTVERSION} # Eric F. Crist does not require my # approval for changes to this package. -- mandree@FreeBSD.org MAINTAINER= mandree@FreeBSD.org COMMENT= Small RSA key management package based on openssl LICENSE= GPLv2 CONFLICTS_INSTALL=easy-rsa2-* USES= tar:tgz NO_BUILD= yes -WRKSRC= ${WRKDIR}/EasyRSA-${DISTVERSION} +WRKSRC= ${WRKDIR}/EasyRSA-v${DISTVERSION} +PATCH_STRIP= -p2 + OPTIONS_DEFINE= DOCS EXAMPLES PORTDATA= x509-types/ -_pd_files= ChangeLog README.quickstart.md +_pd_files= ChangeLog COPYING.md README.md README.quickstart.md _pd_dirs= doc/ PORTDOCS= ${_pd_files} ${_pd_dirs} SUB_FILES= easyrsa do-install: ${MKDIR} ${STAGEDIR}${PREFIX}/bin ${MKDIR} ${STAGEDIR}${DATADIR}/x509-types/ ${INSTALL_SCRIPT} ${WRKDIR}/easyrsa ${STAGEDIR}${PREFIX}/bin/ ${INSTALL_SCRIPT} ${WRKSRC}/easyrsa ${STAGEDIR}${DATADIR}/easyrsa.real ${INSTALL_DATA} ${WRKSRC}/vars.example ${STAGEDIR}${DATADIR}/ ${INSTALL_DATA} ${WRKSRC}/openssl-easyrsa.cnf ${STAGEDIR}${DATADIR}/openssl-easyrsa.cnf.example (cd ${WRKSRC}/x509-types/ && ${COPYTREE_SHARE} . ${STAGEDIR}${DATADIR}/x509-types/) do-install-DOCS-on: ${MKDIR} ${STAGEDIR}${DOCSDIR} .for i in ${_pd_files} ${INSTALL_DATA} ${WRKSRC}/${i} ${STAGEDIR}${DOCSDIR} .endfor .for i in ${_pd_dirs} ${MKDIR} ${STAGEDIR}${DOCSDIR}/${i} (cd ${WRKSRC}/${i} && ${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR}/${i}) .endfor .include Index: head/security/easy-rsa/distinfo =================================================================== --- head/security/easy-rsa/distinfo (revision 496637) +++ head/security/easy-rsa/distinfo (revision 496638) @@ -1,3 +1,3 @@ -TIMESTAMP = 1537015455 -SHA256 (EasyRSA-nix-3.0.5.tgz) = 5ebfe7dfa20008aa15cecb136f2b308f6e23e29f17568969a3ba772aa50bbb37 -SIZE (EasyRSA-nix-3.0.5.tgz) = 50270 +TIMESTAMP = 1553337199 +SHA256 (EasyRSA-unix-v3.0.6.tgz) = cb29aed2d27824e59dbaad547f11dcab380a53c9fe05681249e804af436f1396 +SIZE (EasyRSA-unix-v3.0.6.tgz) = 40840 Index: head/security/easy-rsa/files/patch-easyrsa =================================================================== --- head/security/easy-rsa/files/patch-easyrsa (revision 496637) +++ head/security/easy-rsa/files/patch-easyrsa (nonexistent) @@ -1,46 +0,0 @@ ---- easyrsa~ 2018-09-14 23:21:19.000000000 -0500 -+++ easyrsa 2018-09-15 10:21:49.241886000 -0500 -@@ -415,7 +415,6 @@ - - # init-pki backend: - init_pki() { -- vars_source_check - - # If EASYRSA_PKI exists, confirm before we rm -rf (skiped with EASYRSA_BATCH) - if [ -e "$EASYRSA_PKI" ]; then -@@ -432,6 +431,11 @@ - for i in private reqs; do - mkdir -p "$EASYRSA_PKI/$i" || die "Failed to create PKI file structure (permissions?)" - done -+ -+ if [ ! -f "$EASYRSA_PKI/openssl-easyrsa.cnf" -a -f "$EASYRSA/openssl-easyrsa.cnf" ]; -+ then -+ cp "$EASYRSA/openssl-easyrsa.cnf" "$EASYRSA_PKI/openssl-easyrsa.cnf" -+ fi - - notice "\ - init-pki complete; you may now create a CA or requests. -@@ -1180,18 +1184,15 @@ - set_var EASYRSA_REQ_CN ChangeMe - set_var EASYRSA_DIGEST sha256 - -- # Detect openssl config, preferring EASYRSA_PKI over EASYRSA -- if [ -f "$EASYRSA_PKI/openssl-easyrsa.cnf" ]; then -- set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf" -- set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf" -- else set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-easyrsa.cnf" -- set_var EASYRSA_SAFE_CONF "$EASYRSA/safessl-easyrsa.cnf" -- fi -+ set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf" -+ set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf" - - # Same as above for the x509-types extensions dir - if [ -d "$EASYRSA_PKI/x509-types" ]; then - set_var EASYRSA_EXT_DIR "$EASYRSA_PKI/x509-types" -- else set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types" -+ else -+ #TODO: This should be removed. Not really suitable for packaging. -+ set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types" - fi - - # EASYRSA_ALGO_PARAMS must be set depending on selected algo Property changes on: head/security/easy-rsa/files/patch-easyrsa ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/easy-rsa/files/patch-zgit-c5ff31e8 =================================================================== --- head/security/easy-rsa/files/patch-zgit-c5ff31e8 (revision 496637) +++ head/security/easy-rsa/files/patch-zgit-c5ff31e8 (nonexistent) @@ -1,11 +0,0 @@ ---- easyrsa -+++ easyrsa -@@ -546,7 +546,7 @@ current CA keypair. If you intended to start a new CA, run init-pki first." - if [ $sub_ca ]; then - notice "\ - NOTE: Your sub-CA request is at $out_file --and now must be sent to you parent CA for signing. Place your resulting cert -+and now must be sent to your parent CA for signing. Place your resulting cert - at $EASYRSA_PKI/ca.crt prior to signing operations. - " - else notice "\ Property changes on: head/security/easy-rsa/files/patch-zgit-c5ff31e8 ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/easy-rsa/files/patch-37edb7d1d724571508b4c1c55c6d53f3f768adb3 =================================================================== --- head/security/easy-rsa/files/patch-37edb7d1d724571508b4c1c55c6d53f3f768adb3 (nonexistent) +++ head/security/easy-rsa/files/patch-37edb7d1d724571508b4c1c55c6d53f3f768adb3 (revision 496638) @@ -0,0 +1,24 @@ +From 37edb7d1d724571508b4c1c55c6d53f3f768adb3 Mon Sep 17 00:00:00 2001 +From: Eric F Crist +Date: Mon, 4 Feb 2019 13:01:09 -0600 +Subject: [PATCH] Remove RANDFILE var from openssl-easyrsa.cnf + +This fixes #261. + +Signed-off-by: Eric F Crist +--- + easyrsa3/openssl-easyrsa.cnf | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/easyrsa3/openssl-easyrsa.cnf b/easyrsa3/openssl-easyrsa.cnf +index 1139414..22a1eda 100644 +--- a/easyrsa3/openssl-easyrsa.cnf ++++ b/easyrsa3/openssl-easyrsa.cnf +@@ -1,6 +1,4 @@ +-# For use with Easy-RSA 3.1 and OpenSSL or LibreSSL +- +-RANDFILE = $ENV::EASYRSA_PKI/.rnd ++# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL + + #################################################################### + [ ca ] Property changes on: head/security/easy-rsa/files/patch-37edb7d1d724571508b4c1c55c6d53f3f768adb3 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/easy-rsa/files/patch-4ce6e9c8e4b681c739b179a506a8ad1ca6d6ebe4 =================================================================== --- head/security/easy-rsa/files/patch-4ce6e9c8e4b681c739b179a506a8ad1ca6d6ebe4 (nonexistent) +++ head/security/easy-rsa/files/patch-4ce6e9c8e4b681c739b179a506a8ad1ca6d6ebe4 (revision 496638) @@ -0,0 +1,31 @@ +From 4ce6e9c8e4b681c739b179a506a8ad1ca6d6ebe4 Mon Sep 17 00:00:00 2001 +From: Stefan Pietsch +Date: Fri, 8 Feb 2019 00:11:08 +0100 +Subject: [PATCH] Fix typo + +--- + easyrsa3/openssl-easyrsa.cnf | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/easyrsa3/openssl-easyrsa.cnf b/easyrsa3/openssl-easyrsa.cnf +index 22a1eda..2184d4c 100644 +--- a/easyrsa3/openssl-easyrsa.cnf ++++ b/easyrsa3/openssl-easyrsa.cnf +@@ -19,7 +19,7 @@ crl = $dir/crl.pem # The current CRL + private_key = $dir/private/ca.key # The private key + RANDFILE = $dir/.rand # private random number file + +-x509_extensions = basic_exts # The extentions to add to the cert ++x509_extensions = basic_exts # The extensions to add to the cert + + # This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA + # is designed for will. In return, we get the Issuer attached to CRLs. +@@ -57,7 +57,7 @@ default_bits = $ENV::EASYRSA_KEY_SIZE + default_keyfile = privkey.pem + default_md = $ENV::EASYRSA_DIGEST + distinguished_name = $ENV::EASYRSA_DN +-x509_extensions = easyrsa_ca # The extentions to add to the self signed cert ++x509_extensions = easyrsa_ca # The extensions to add to the self signed cert + + # A placeholder to handle the $EXTRA_EXTS feature: + #%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it Property changes on: head/security/easy-rsa/files/patch-4ce6e9c8e4b681c739b179a506a8ad1ca6d6ebe4 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property