Browse Source

openvpn-easy-rsa: bump to 3.0.8

New easyrsa will look for missing vars and x509-types where easyrsa
is located (following symlink). /usr/bin/easyrsa is now a link
to /usr/lib/easyrsa/easyrsa and /usr/lib/easyrsa/{vars,x509-types} a
link to /etc/easyrsa/{vars,x509-types}. This keeps the same previous
OpenWrt easyrsa behavior which tries to use $PWD/pki and
/etc/easyrsa/{vars,x509-types}, but without patching it.

Easyrsa can also use env vars to set pki root path (instead of
/usr/lib/easyrsa), pki path (instead of $PWD/pki) and vars path.
Those variables are commented in /etc/profile.d/50-openvpn-easy-rsa.sh
as an example of how to make easyrsa run independent of $PWD. That
scriptlet also sets $EASYRSA_TEMP_DIR from $EASYRSA_PKI/tmp to /tmp
in order to avoid writing to persistent media (normally flash). However,
as a profile scriptlet, it will only be used after session is restarted.

The "build" tgz was replaced by the "source" tar. "build" version has a
different file structure, making any patch backports too complex.

I'm also putting myself as maintainer.

Closes openwrt/openwrt#2926, since it moved to openwrt/packages.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
lilik-openwrt-22.03
Luiz Angelo Daros de Luca 4 years ago
parent
commit
de8b7ddc8c
3 changed files with 41 additions and 34 deletions
  1. +36
    -12
      net/openvpn-easy-rsa/Makefile
  2. +5
    -0
      net/openvpn-easy-rsa/files/openvpn-easy-rsa.profile
  3. +0
    -22
      net/openvpn-easy-rsa/patches/101-static_EASYRSA.patch

+ 36
- 12
net/openvpn-easy-rsa/Makefile View File

@ -9,14 +9,23 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openvpn-easy-rsa
PKG_VERSION:=3.0.4
PKG_VERSION:=3.0.8
PKG_RELEASE:=1
PKG_SOURCE_URL:=https://github.com/OpenVPN/easy-rsa/releases/download/v$(PKG_VERSION)/
PKG_SOURCE:=EasyRSA-$(PKG_VERSION).tgz
PKG_HASH:=472167f976c6cb7c860cec6150a5616e163ae20365c81f179811d6ee0779ec5a
PKG_SOURCE_URL:=https://codeload.github.com/OpenVPN/easy-rsa/tar.gz/v$(PKG_VERSION)?
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_HASH:=fd6b67d867c3b8afd53efa2ca015477f6658a02323e1799432083472ac0dd200
# For git snapshots
#PKG_SOURCE_PROTO:=git
#PKG_RELEASE=0git$(PKG_SOURCE_DATE)
#PKG_SOURCE_URL:=https://github.com/OpenVPN/easy-rsa.git
#PKG_SOURCE_DATE:=2020-03-30
#PKG_SOURCE_VERSION:=945c9359f6ae3796df21e2986e49489718e0d5f8
#PKG_MIRROR_HASH:=
PKG_LICENSE:=GPL-2.0
PKG_BUILD_DIR:=$(BUILD_DIR)/EasyRSA-$(PKG_VERSION)
PKGARCH:=all
PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
PKG_BUILD_DIR:=$(BUILD_DIR)/easy-rsa-$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
@ -27,6 +36,7 @@ define Package/openvpn-easy-rsa
URL:=http://openvpn.net
SUBMENU:=VPN
DEPENDS:=+openssl-util
PKGARCH:=all
endef
define Package/openvpn-easy-rsa/conffiles
@ -36,21 +46,31 @@ define Package/openvpn-easy-rsa/conffiles
endef
define Build/Configure
endef
define Build/Compile
cd $(PKG_BUILD_DIR); \
$(PKG_BUILD_DIR)/build/build-dist.sh \
--no-windows \
--no-compress \
--dist-clean \
--version=$(PKG_VERSION)
endef
define Package/openvpn-easy-rsa/install
$(INSTALL_DIR) $(1)/usr/lib/easy-rsa/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/easyrsa $(1)/usr/lib/easy-rsa/
$(INSTALL_DIR) $(1)/usr/bin
$(LN) /usr/lib/easy-rsa/easyrsa $(1)/usr/bin/easyrsa
$(INSTALL_BIN) $(PKG_BUILD_DIR)/easyrsa $(1)/usr/bin/
$(INSTALL_DIR) $(1)/etc/easy-rsa
$(INSTALL_DATA) $(PKG_BUILD_DIR)/openssl-easyrsa.cnf $(1)/etc/easy-rsa/openssl-1.0.cnf
$(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/openssl-easyrsa.cnf $(1)/etc/easy-rsa/openssl-1.0.cnf
$(LN) /etc/easy-rsa/openssl-1.0.cnf $(1)/etc/easy-rsa/openssl-easyrsa.cnf
$(INSTALL_DATA) $(PKG_BUILD_DIR)/vars.example $(1)/etc/easy-rsa/vars
$(LN) /etc/easy-rsa/openssl-easyrsa.cnf $(1)/usr/lib/easy-rsa/openssl-easyrsa.cnf
$(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/vars.example $(1)/etc/easy-rsa/vars
$(LN) /etc/easy-rsa/vars $(1)/usr/lib/easy-rsa/vars
$(INSTALL_DIR) $(1)/etc/easy-rsa/pki
chmod 700 $(1)/etc/easy-rsa/pki
@ -60,10 +80,14 @@ define Package/openvpn-easy-rsa/install
chmod 700 $(1)/etc/easy-rsa/pki/reqs
$(INSTALL_DIR) $(1)/etc/easy-rsa/x509-types
$(INSTALL_DATA) $(PKG_BUILD_DIR)/x509-types/* $(1)/etc/easy-rsa/x509-types/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/x509-types/* $(1)/etc/easy-rsa/x509-types/
$(LN) /etc/easy-rsa/x509-types $(1)/usr/lib/easy-rsa/x509-types
$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
$(INSTALL_DATA) files/openvpn-easy-rsa.upgrade $(1)/lib/upgrade/keep.d/$(PKG_NAME)
$(INSTALL_DIR) $(1)/etc/profile.d
$(INSTALL_DATA) files/openvpn-easy-rsa.profile $(1)/etc/profile.d/50-$(PKG_NAME).sh
endef
$(eval $(call BuildPackage,openvpn-easy-rsa))

+ 5
- 0
net/openvpn-easy-rsa/files/openvpn-easy-rsa.profile View File

@ -0,0 +1,5 @@
# default PKI dir
#export EASYRSA=${EASYRSA:-/etc/easy-rsa}
#export EASYRSA_PKI=${EASYRSA_PKI:-$EASYRSA/pki}
#export EASYRSA_VARS_FILE=${EASYRSA_VARS_FILE:-$EASYRSA/vars}
export EASYRSA_TEMP_DIR=${EASYRSA_TEMP_DIR:-${TMPDIR:-/tmp/}}

+ 0
- 22
net/openvpn-easy-rsa/patches/101-static_EASYRSA.patch View File

@ -1,22 +0,0 @@
Index: EasyRSA-3.0.4/easyrsa
===================================================================
--- EasyRSA-3.0.4.orig/easyrsa
+++ EasyRSA-3.0.4/easyrsa
@@ -1033,7 +1033,7 @@ vars_setup() {
vars=
# set up program path
- prog_vars="${0%/*}/vars"
+ prog_vars="/etc/easy-rsa/vars"
# set up PKI path
pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
@@ -1060,7 +1060,7 @@ Note: using Easy-RSA configuration from:
fi
# Set defaults, preferring existing env-vars if present
- set_var EASYRSA "${0%/*}"
+ set_var EASYRSA "/etc/easy-rsa"
set_var EASYRSA_OPENSSL openssl
set_var EASYRSA_PKI "$PWD/pki"
set_var EASYRSA_DN cn_only

Loading…
Cancel
Save