openvpn-easy-rsa: bump to 3.0.8

New easyrsa will look for missing vars and x509-types where easyrsa
is located (following symlink). /usr/bin/easyrsa is now a link
to /usr/lib/easyrsa/easyrsa and /usr/lib/easyrsa/{vars,x509-types} a
link to /etc/easyrsa/{vars,x509-types}. This keeps the same previous
OpenWrt easyrsa behavior which tries to use $PWD/pki and
/etc/easyrsa/{vars,x509-types}, but without patching it.

Easyrsa can also use env vars to set pki root path (instead of
/usr/lib/easyrsa), pki path (instead of $PWD/pki) and vars path.
Those variables are commented in /etc/profile.d/50-openvpn-easy-rsa.sh
as an example of how to make easyrsa run independent of $PWD. That
scriptlet also sets $EASYRSA_TEMP_DIR from $EASYRSA_PKI/tmp to /tmp
in order to avoid writing to persistent media (normally flash). However,
as a profile scriptlet, it will only be used after session is restarted.

The "build" tgz was replaced by the "source" tar. "build" version has a
different file structure, making any patch backports too complex.

I'm also putting myself as maintainer.

Closes openwrt/openwrt#2926, since it moved to openwrt/packages.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

net/openvpn-easy-rsa/Makefile

@@ -9,14 +9,23 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openvpn-easy-rsa
 
-PKG_VERSION:=3.0.4
+PKG_VERSION:=3.0.8
 PKG_RELEASE:=1
-PKG_SOURCE_URL:=https://github.com/OpenVPN/easy-rsa/releases/download/v$(PKG_VERSION)/
-PKG_SOURCE:=EasyRSA-$(PKG_VERSION).tgz
-PKG_HASH:=472167f976c6cb7c860cec6150a5616e163ae20365c81f179811d6ee0779ec5a
+PKG_SOURCE_URL:=https://codeload.github.com/OpenVPN/easy-rsa/tar.gz/v$(PKG_VERSION)?
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=fd6b67d867c3b8afd53efa2ca015477f6658a02323e1799432083472ac0dd200
+
+# For git snapshots
+#PKG_SOURCE_PROTO:=git
+#PKG_RELEASE=0git$(PKG_SOURCE_DATE)
+#PKG_SOURCE_URL:=https://github.com/OpenVPN/easy-rsa.git
+#PKG_SOURCE_DATE:=2020-03-30
+#PKG_SOURCE_VERSION:=945c9359f6ae3796df21e2986e49489718e0d5f8
+#PKG_MIRROR_HASH:=
+
 PKG_LICENSE:=GPL-2.0
-PKG_BUILD_DIR:=$(BUILD_DIR)/EasyRSA-$(PKG_VERSION)
-PKGARCH:=all
+PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
+PKG_BUILD_DIR:=$(BUILD_DIR)/easy-rsa-$(PKG_VERSION)
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -27,6 +36,7 @@ define Package/openvpn-easy-rsa
   URL:=http://openvpn.net
   SUBMENU:=VPN
   DEPENDS:=+openssl-util
+  PKGARCH:=all
 endef
 
 define Package/openvpn-easy-rsa/conffiles
@@ -36,21 +46,31 @@ define Package/openvpn-easy-rsa/conffiles
 endef
 
 define Build/Configure
-
 endef
 
 define Build/Compile
-
+	cd $(PKG_BUILD_DIR); \
+	$(PKG_BUILD_DIR)/build/build-dist.sh \
+		--no-windows \
+		--no-compress \
+		--dist-clean \
+		--version=$(PKG_VERSION)
 endef
 
 define Package/openvpn-easy-rsa/install
+
+	$(INSTALL_DIR) $(1)/usr/lib/easy-rsa/
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/easyrsa $(1)/usr/lib/easy-rsa/
+
 	$(INSTALL_DIR) $(1)/usr/bin
+	$(LN) /usr/lib/easy-rsa/easyrsa $(1)/usr/bin/easyrsa
 
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/easyrsa $(1)/usr/bin/
 	$(INSTALL_DIR) $(1)/etc/easy-rsa
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/openssl-easyrsa.cnf $(1)/etc/easy-rsa/openssl-1.0.cnf
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/openssl-easyrsa.cnf $(1)/etc/easy-rsa/openssl-1.0.cnf
 	$(LN) /etc/easy-rsa/openssl-1.0.cnf $(1)/etc/easy-rsa/openssl-easyrsa.cnf
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/vars.example $(1)/etc/easy-rsa/vars
+	$(LN) /etc/easy-rsa/openssl-easyrsa.cnf $(1)/usr/lib/easy-rsa/openssl-easyrsa.cnf
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/vars.example $(1)/etc/easy-rsa/vars
+	$(LN) /etc/easy-rsa/vars $(1)/usr/lib/easy-rsa/vars
 
 	$(INSTALL_DIR) $(1)/etc/easy-rsa/pki
 	chmod 700 $(1)/etc/easy-rsa/pki
@@ -60,10 +80,14 @@ define Package/openvpn-easy-rsa/install
 	chmod 700 $(1)/etc/easy-rsa/pki/reqs
 
 	$(INSTALL_DIR) $(1)/etc/easy-rsa/x509-types
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/x509-types/* $(1)/etc/easy-rsa/x509-types/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/x509-types/* $(1)/etc/easy-rsa/x509-types/
+	$(LN) /etc/easy-rsa/x509-types $(1)/usr/lib/easy-rsa/x509-types
 
 	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
 	$(INSTALL_DATA) files/openvpn-easy-rsa.upgrade $(1)/lib/upgrade/keep.d/$(PKG_NAME)
+
+	$(INSTALL_DIR) $(1)/etc/profile.d
+	$(INSTALL_DATA) files/openvpn-easy-rsa.profile $(1)/etc/profile.d/50-$(PKG_NAME).sh
 endef
 
 $(eval $(call BuildPackage,openvpn-easy-rsa))

net/openvpn-easy-rsa/files/openvpn-easy-rsa.profile

@@ -0,0 +1,5 @@
+# default PKI dir
+#export EASYRSA=${EASYRSA:-/etc/easy-rsa}
+#export EASYRSA_PKI=${EASYRSA_PKI:-$EASYRSA/pki}
+#export EASYRSA_VARS_FILE=${EASYRSA_VARS_FILE:-$EASYRSA/vars}
+export EASYRSA_TEMP_DIR=${EASYRSA_TEMP_DIR:-${TMPDIR:-/tmp/}}

net/openvpn-easy-rsa/patches/101-static_EASYRSA.patch

@@ -1,22 +0,0 @@
-Index: EasyRSA-3.0.4/easyrsa
-===================================================================
---- EasyRSA-3.0.4.orig/easyrsa
-+++ EasyRSA-3.0.4/easyrsa
-@@ -1033,7 +1033,7 @@ vars_setup() {
- 	vars=
- 
- 	# set up program path
--	prog_vars="${0%/*}/vars"
-+	prog_vars="/etc/easy-rsa/vars"
- 	# set up PKI path
- 	pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
- 
-@@ -1060,7 +1060,7 @@ Note: using Easy-RSA configuration from:
- 	fi
- 	
- 	# Set defaults, preferring existing env-vars if present
--	set_var EASYRSA		"${0%/*}"
-+	set_var EASYRSA		"/etc/easy-rsa"
- 	set_var EASYRSA_OPENSSL	openssl
- 	set_var EASYRSA_PKI	"$PWD/pki"
- 	set_var EASYRSA_DN	cn_only