From 2cc570cd27219fa793f5c3158da0c4c048db8038 Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Tue, 20 Aug 2013 19:01:19 +0200 Subject: update to latest upstream version, separate easy-rsa package, add polarssl support --- package/easy-rsa/Makefile | 36 ++++++++++++++++++++++ package/easy-rsa/files/serial | 1 + .../easy-rsa/patches/patch-easy-rsa_2_0_build-dh | 10 ++++++ .../easy-rsa/patches/patch-easy-rsa_2_0_clean-all | 9 ++++++ .../easy-rsa/patches/patch-easy-rsa_2_0_list-crl | 9 ++++++ .../patches/patch-easy-rsa_2_0_openssl-1_0_0_cnf | 11 +++++++ .../easy-rsa/patches/patch-easy-rsa_2_0_pkitool | 8 +++++ .../patches/patch-easy-rsa_2_0_revoke-full | 10 ++++++ package/easy-rsa/patches/patch-easy-rsa_2_0_vars | 20 ++++++++++++ 9 files changed, 114 insertions(+) create mode 100644 package/easy-rsa/Makefile create mode 100644 package/easy-rsa/files/serial create mode 100644 package/easy-rsa/patches/patch-easy-rsa_2_0_build-dh create mode 100644 package/easy-rsa/patches/patch-easy-rsa_2_0_clean-all create mode 100644 package/easy-rsa/patches/patch-easy-rsa_2_0_list-crl create mode 100644 package/easy-rsa/patches/patch-easy-rsa_2_0_openssl-1_0_0_cnf create mode 100644 package/easy-rsa/patches/patch-easy-rsa_2_0_pkitool create mode 100644 package/easy-rsa/patches/patch-easy-rsa_2_0_revoke-full create mode 100644 package/easy-rsa/patches/patch-easy-rsa_2_0_vars (limited to 'package/easy-rsa') diff --git a/package/easy-rsa/Makefile b/package/easy-rsa/Makefile new file mode 100644 index 000000000..9b350cd92 --- /dev/null +++ b/package/easy-rsa/Makefile @@ -0,0 +1,36 @@ +# This file is part of the OpenADK project. OpenADK is copyrighted +# material, please see the LICENCE file in the top-level directory. + +include $(TOPDIR)/rules.mk + +PKG_NAME:= easy-rsa +PKG_VERSION:= 2.0 +PKG_RELEASE:= 1 +PKG_MD5SUM:= 0937fb2f91d534d4fb961e047f714946 +PKG_DESCR:= openssl ca scripts +PKG_SECTION:= crypto +PKG_DEPENDS:= openssl-util +PKG_URL:= https://github.com/OpenVPN/easy-rsa +PKG_SITES:= http://openadk.org/distfiles/ + +include $(TOPDIR)/mk/package.mk + +$(eval $(call PKG_template,EASY_RSA,easy-rsa,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION})) + +CONFIG_STYLE:= manual +BUILD_STYLE:= manual +INSTALL_STYLE:= manual + +easy-rsa-install: + ${INSTALL_DIR} $(IDIR_EASY_RSA)/usr/sbin \ + $(IDIR_EASY_RSA)/etc/easy-rsa/keys + touch $(IDIR_EASY_RSA)/etc/easy-rsa/keys/index.txt + $(CP) ./files/serial $(IDIR_EASY_RSA)/etc/easy-rsa/keys + $(CP) $(WRKBUILD)/easy-rsa/2.0/{build-*,clean-all,inherit-inter,list-crl,pkitool,revoke-full,sign-req,whichopensslcnf} \ + $(IDIR_EASY_RSA)/usr/sbin + ${INSTALL_DATA} $(WRKBUILD)/easy-rsa/2.0/openssl-1.0.0.cnf \ + $(IDIR_EASY_RSA)/etc/easy-rsa/openssl.cnf + ${INSTALL_DATA} $(WRKBUILD)/easy-rsa/2.0/vars \ + $(IDIR_EASY_RSA)/etc/easy-rsa/vars + +include ${TOPDIR}/mk/pkg-bottom.mk diff --git a/package/easy-rsa/files/serial b/package/easy-rsa/files/serial new file mode 100644 index 000000000..8a0f05e16 --- /dev/null +++ b/package/easy-rsa/files/serial @@ -0,0 +1 @@ +01 diff --git a/package/easy-rsa/patches/patch-easy-rsa_2_0_build-dh b/package/easy-rsa/patches/patch-easy-rsa_2_0_build-dh new file mode 100644 index 000000000..771800a17 --- /dev/null +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_build-dh @@ -0,0 +1,10 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/build-dh 2011-04-27 11:52:59.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/build-dh 2011-12-02 18:10:44.000000000 +0100 +@@ -1,5 +1,7 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars ++ + # Build Diffie-Hellman parameters for the server side + # of an SSL/TLS connection. + diff --git a/package/easy-rsa/patches/patch-easy-rsa_2_0_clean-all b/package/easy-rsa/patches/patch-easy-rsa_2_0_clean-all new file mode 100644 index 000000000..03df1d1c9 --- /dev/null +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_clean-all @@ -0,0 +1,9 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/clean-all 2011-04-27 11:52:59.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/clean-all 2011-12-01 19:43:07.000000000 +0100 +@@ -1,5 +1,6 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars + # Initialize the $KEY_DIR directory. + # Note that this script does a + # rm -rf on $KEY_DIR so be careful! diff --git a/package/easy-rsa/patches/patch-easy-rsa_2_0_list-crl b/package/easy-rsa/patches/patch-easy-rsa_2_0_list-crl new file mode 100644 index 000000000..66f5d764d --- /dev/null +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_list-crl @@ -0,0 +1,9 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/list-crl 2011-04-27 11:52:59.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/list-crl 2011-12-01 19:43:24.000000000 +0100 +@@ -1,5 +1,6 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars + # list revoked certificates + + CRL="${1:-crl.pem}" diff --git a/package/easy-rsa/patches/patch-easy-rsa_2_0_openssl-1_0_0_cnf b/package/easy-rsa/patches/patch-easy-rsa_2_0_openssl-1_0_0_cnf new file mode 100644 index 000000000..9dd542d8a --- /dev/null +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_openssl-1_0_0_cnf @@ -0,0 +1,11 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/openssl-1.0.0.cnf 2011-07-01 10:31:26.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/openssl-1.0.0.cnf 2011-12-03 11:36:46.000000000 +0100 +@@ -3,7 +3,7 @@ + # This definition stops the following lines choking if HOME isn't + # defined. + HOME = . +-RANDFILE = $ENV::HOME/.rnd ++RANDFILE = /etc/easy-rsa/.rnd + openssl_conf = openssl_init + + [ openssl_init ] diff --git a/package/easy-rsa/patches/patch-easy-rsa_2_0_pkitool b/package/easy-rsa/patches/patch-easy-rsa_2_0_pkitool new file mode 100644 index 000000000..87b0c33db --- /dev/null +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_pkitool @@ -0,0 +1,8 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/pkitool 2011-04-27 11:52:59.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/pkitool 2011-12-01 19:43:15.000000000 +0100 +@@ -1,4 +1,5 @@ + #!/bin/sh ++. /etc/easy-rsa/vars + + # OpenVPN -- An application to securely tunnel IP networks + # over a single TCP/UDP port, with support for SSL/TLS-based diff --git a/package/easy-rsa/patches/patch-easy-rsa_2_0_revoke-full b/package/easy-rsa/patches/patch-easy-rsa_2_0_revoke-full new file mode 100644 index 000000000..ac66c4bb9 --- /dev/null +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_revoke-full @@ -0,0 +1,10 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/revoke-full 2011-04-27 11:52:59.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/revoke-full 2011-12-01 19:43:00.000000000 +0100 +@@ -2,6 +2,7 @@ + + # revoke a certificate, regenerate CRL, + # and verify revocation ++. /etc/easy-rsa/vars + + CRL="crl.pem" + RT="revoke-test.pem" diff --git a/package/easy-rsa/patches/patch-easy-rsa_2_0_vars b/package/easy-rsa/patches/patch-easy-rsa_2_0_vars new file mode 100644 index 000000000..964c6bc6a --- /dev/null +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_vars @@ -0,0 +1,20 @@ +--- easy-rsa-2.0.orig/easy-rsa/2.0/vars 2013-08-18 10:11:06.000000000 +0200 ++++ easy-rsa-2.0/easy-rsa/2.0/vars 2013-08-18 10:38:50.635782024 +0200 +@@ -12,7 +12,7 @@ + # This variable should point to + # the top level of the easy-rsa + # tree. +-export EASY_RSA="`pwd`" ++export EASY_RSA="/etc/easy-rsa" + + # + # This variable should point to +@@ -26,7 +26,7 @@ export GREP="grep" + # This variable should point to + # the openssl.cnf file included + # with easy-rsa. +-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` ++export KEY_CONFIG=/etc/easy-rsa/openssl.cnf + + # Edit this variable to point to + # your soon-to-be-created key -- cgit v1.2.3