JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

easyrsa: 3.0.0 -> 3.0.8

Browse Source
This commit is contained in:
numinit 2020-08-22 19:19:39 -06:00
parent 4cfd81acfa
commit c355fbba9c
2 changed files with 37 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pkgs/tools/networking/easyrsa/default.nix
View File

@ -1,7 +1,7 @@
{ stdenv, fetchFromGitHub, openssl, runtimeShell }: { stdenv, fetchFromGitHub, openssl, runtimeShell }:
let let
version = "3.0.0"; version = "3.0.8";
in stdenv.mkDerivation { in stdenv.mkDerivation {
pname = "easyrsa"; pname = "easyrsa";
inherit version; inherit version;
@ -10,14 +10,15 @@ in stdenv.mkDerivation {
owner = "OpenVPN"; owner = "OpenVPN";
repo = "easy-rsa"; repo = "easy-rsa";
rev = "v${version}"; rev = "v${version}";
sha256 = "0wbdv3wmqwm5680rpb971l56xiw49adpicqshk3vhfmpvqzl4dbs"; sha256 = "05q60s343ydh9j6hzj0840qdcq8fkyz06q68yw4pqgqg4w68rbgs";
}; };
patches = [ ./fix-paths.patch ]; patches = [ ./fix-paths.patch ];
installPhase = '' installPhase = ''
mkdir -p $out/share/easyrsa mkdir -p $out/share/easyrsa
cp -r easyrsa3/{openssl*.cnf,x509-types,vars.example} $out/share/easyrsa cp -r easyrsa3/{*.cnf,x509-types,vars.example} $out/share/easyrsa
cp easyrsa3/openssl-easyrsa.cnf $out/share/easyrsa/safessl-easyrsa.cnf
install -D -m755 easyrsa3/easyrsa $out/bin/easyrsa install -D -m755 easyrsa3/easyrsa $out/bin/easyrsa
substituteInPlace $out/bin/easyrsa \ substituteInPlace $out/bin/easyrsa \
--subst-var out \ --subst-var out \
@ -35,7 +36,7 @@ in stdenv.mkDerivation {
description = "Simple shell based CA utility"; description = "Simple shell based CA utility";
homepage = "https://openvpn.net/"; homepage = "https://openvpn.net/";
license = licenses.gpl2; license = licenses.gpl2;
maintainers = [ maintainers.offline ]; maintainers = [ maintainers.offline maintainers.numinit ];
platforms = platforms.unix; platforms = platforms.unix;
}; };
} }

48
pkgs/tools/networking/easyrsa/fix-paths.patch
View File

@ -1,33 +1,49 @@
diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index 6fec288..210648a 100755 index 261336f..7b9a79b 100755
--- a/easyrsa3/easyrsa --- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa
@@ -1003,7 +1003,7 @@ Note: using Easy-RSA configuration from: $vars" @@ -1661,7 +1661,7 @@ Note: using Easy-RSA configuration from: $vars"
# Set defaults, preferring existing env-vars if present # Set defaults, preferring existing env-vars if present
set_var EASYRSA "$PWD" set_var EASYRSA "$prog_dir"
- set_var EASYRSA_OPENSSL openssl - set_var EASYRSA_OPENSSL openssl
+ set_var EASYRSA_OPENSSL "@openssl@" + set_var EASYRSA_OPENSSL "@openssl@"
set_var EASYRSA_PKI "$EASYRSA/pki" set_var EASYRSA_PKI "$PWD/pki"
set_var EASYRSA_DN cn_only set_var EASYRSA_DN cn_only
set_var EASYRSA_REQ_COUNTRY "US" set_var EASYRSA_REQ_COUNTRY "US"
@@ -1030,13 +1030,17 @@ Note: using Easy-RSA configuration from: $vars" @@ -1683,16 +1683,31 @@ Note: using Easy-RSA configuration from: $vars"
# Detect openssl config, preferring EASYRSA_PKI over EASYRSA set_var EASYRSA_TEMP_DIR "$EASYRSA_PKI"
if [ -f "$EASYRSA_PKI/openssl-1.0.cnf" ]; then set_var EASYRSA_REQ_CN ChangeMe
set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-1.0.cnf" set_var EASYRSA_DIGEST sha256
- else set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-1.0.cnf" - set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf"
+ elif [ -f "$EASYRSA/openssl-1.0.cnf" ]; then - set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf"
+ set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-1.0.cnf" set_var EASYRSA_KDC_REALM "CHANGEME.EXAMPLE.COM"
+ else set_var EASYRSA_SSL_CONF "@out@/share/easyrsa/openssl-1.0.cnf"
fi
+ if [ -f "$EASYRSA_PKI/safessl-easyrsa.conf" ]; then
+ set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf"
+ elif [ -f "$EASYRSA/safessl-easyrsa.conf" ]; then
+ set_var EASYRSA_SAFE_CONF "$EASYRSA/safessl-easyrsa.cnf"
+ elif [ -f "@out@/share/easyrsa/safessl-easyrsa.cnf" ]; then
+ set_var EASYRSA_SAFE_CONF "@out@/share/easyrsa/safessl-easyrsa.cnf"
+ fi
+
+ if [ -f "$EASYRSA_PKI/openssl-easyrsa.conf" ]; then
+ set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf"
+ elif [ -f "$EASYRSA/openssl-easyrsa.conf" ]; then
+ set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-easyrsa.cnf"
+ elif [ -f "@out@/share/easyrsa/openssl-easyrsa.cnf" ]; then
+ set_var EASYRSA_SSL_CONF "@out@/share/easyrsa/openssl-easyrsa.cnf"
+ fi
+
# Same as above for the x509-types extensions dir # Same as above for the x509-types extensions dir
if [ -d "$EASYRSA_PKI/x509-types" ]; then if [ -d "$EASYRSA_PKI/x509-types" ]; then
set_var EASYRSA_EXT_DIR "$EASYRSA_PKI/x509-types" set_var EASYRSA_EXT_DIR "$EASYRSA_PKI/x509-types"
- else set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types" - else
- #TODO: This should be removed. Not really suitable for packaging.
+ elif [ -d "$EASYRSA/x509-types" ]; then + elif [ -d "$EASYRSA/x509-types" ]; then
+ set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types" set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types"
+ else set_var EASYRSA_EXT_DIR "@out@/share/easyrsa/x509-types" + else
+ set_var EASYRSA_EXT_DIR "@out@/share/easyrsa/x509-types"
fi fi
# EASYRSA_ALGO_PARAMS must be set depending on selected algo # EASYRSA_ALGO_PARAMS must be set depending on selected algo