diff options
Diffstat (limited to 'package/network/services/openvpn-easy-rsa')
4 files changed, 212 insertions, 0 deletions
diff --git a/package/network/services/openvpn-easy-rsa/Makefile b/package/network/services/openvpn-easy-rsa/Makefile new file mode 100644 index 0000000..fe03cbd --- /dev/null +++ b/package/network/services/openvpn-easy-rsa/Makefile @@ -0,0 +1,59 @@ +# +# Copyright (C) 2010-2013 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=openvpn-easy-rsa + +PKG_REV:=ff5bfd1dd8e548cb24d302742af3894f893ef92f +PKG_VERSION:=2013-01-30 +PKG_RELEASE=2 + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/OpenVPN/easy-rsa.git +PKG_SOURCE_VERSION:=$(PKG_REV) +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_REV).tar.gz +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_LICENSE:=GPL-2.0 + +include $(INCLUDE_DIR)/package.mk + +define Package/openvpn-easy-rsa + TITLE:=Simple shell scripts to manage a Certificate Authority + SECTION:=net + CATEGORY:=Network + URL:=http://openvpn.net + SUBMENU:=VPN + DEPENDS:=+openssl-util +endef + +define Package/openvpn-easy-rsa/conffiles +/etc/easy-rsa/keys/serial +/etc/easy-rsa/keys/index.txt +/etc/easy-rsa/vars +endef + +define Build/Configure + +endef + +define Build/Compile + +endef + +define Package/openvpn-easy-rsa/install + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) $(PKG_BUILD_DIR)/easy-rsa/2.0/{build-*,clean-all,inherit-inter,list-crl,pkitool,revoke-full,sign-req,whichopensslcnf} $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc/easy-rsa + $(INSTALL_DATA) $(PKG_BUILD_DIR)/easy-rsa/2.0/openssl-1.0.0.cnf $(1)/etc/easy-rsa/openssl-1.0.0.cnf + $(INSTALL_DATA) $(PKG_BUILD_DIR)/easy-rsa/2.0/vars $(1)/etc/easy-rsa/vars + $(INSTALL_DIR) $(1)/etc/easy-rsa/keys + $(INSTALL_DATA) files/easy-rsa.index $(1)/etc/easy-rsa/keys/index.txt + $(INSTALL_DATA) files/easy-rsa.serial $(1)/etc/easy-rsa/keys/serial +endef + +$(eval $(call BuildPackage,openvpn-easy-rsa)) diff --git a/package/network/services/openvpn-easy-rsa/files/easy-rsa.index b/package/network/services/openvpn-easy-rsa/files/easy-rsa.index new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/package/network/services/openvpn-easy-rsa/files/easy-rsa.index diff --git a/package/network/services/openvpn-easy-rsa/files/easy-rsa.serial b/package/network/services/openvpn-easy-rsa/files/easy-rsa.serial new file mode 100644 index 0000000..8a0f05e --- /dev/null +++ b/package/network/services/openvpn-easy-rsa/files/easy-rsa.serial @@ -0,0 +1 @@ +01 diff --git a/package/network/services/openvpn-easy-rsa/patches/100-run-ootb.patch b/package/network/services/openvpn-easy-rsa/patches/100-run-ootb.patch new file mode 100644 index 0000000..4c1b889 --- /dev/null +++ b/package/network/services/openvpn-easy-rsa/patches/100-run-ootb.patch @@ -0,0 +1,152 @@ +--- a/easy-rsa/2.0/build-ca ++++ b/easy-rsa/2.0/build-ca +@@ -5,4 +5,4 @@ + # + + export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --initca $* ++"/usr/sbin/pkitool" --interact --initca $* +--- a/easy-rsa/2.0/build-dh ++++ b/easy-rsa/2.0/build-dh +@@ -1,5 +1,7 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars ++ + # Build Diffie-Hellman parameters for the server side + # of an SSL/TLS connection. + +--- a/easy-rsa/2.0/build-inter ++++ b/easy-rsa/2.0/build-inter +@@ -4,4 +4,4 @@ + # root certificate. + + export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --inter $* ++"/usr/sbin/pkitool" --interact --inter $* +--- a/easy-rsa/2.0/build-key ++++ b/easy-rsa/2.0/build-key +@@ -4,4 +4,4 @@ + # root certificate. + + export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact $* ++"/usr/sbin/pkitool" --interact $* +--- a/easy-rsa/2.0/build-key-pass ++++ b/easy-rsa/2.0/build-key-pass +@@ -4,4 +4,4 @@ + # with a password. + + export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --pass $* ++"/usr/sbin/pkitool" --interact --pass $* +--- a/easy-rsa/2.0/build-key-pkcs12 ++++ b/easy-rsa/2.0/build-key-pkcs12 +@@ -5,4 +5,4 @@ + # the CA certificate as well. + + export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --pkcs12 $* ++"/usr/sbin/pkitool" --interact --pkcs12 $* +--- a/easy-rsa/2.0/build-key-server ++++ b/easy-rsa/2.0/build-key-server +@@ -7,4 +7,4 @@ + # extension in the openssl.cnf file. + + export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --server $* ++"/usr/sbin/pkitool" --interact --server $* +--- a/easy-rsa/2.0/build-req ++++ b/easy-rsa/2.0/build-req +@@ -4,4 +4,4 @@ + # when your root certificate and key is not available locally. + + export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --csr $* ++"/usr/sbin/pkitool" --interact --csr $* +--- a/easy-rsa/2.0/build-req-pass ++++ b/easy-rsa/2.0/build-req-pass +@@ -4,4 +4,4 @@ + # with a password. + + export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --csr --pass $* ++"/usr/sbin/pkitool" --interact --csr --pass $* +--- a/easy-rsa/2.0/clean-all ++++ b/easy-rsa/2.0/clean-all +@@ -1,5 +1,7 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars ++ + # Initialize the $KEY_DIR directory. + # Note that this script does a + # rm -rf on $KEY_DIR so be careful! +--- a/easy-rsa/2.0/inherit-inter ++++ b/easy-rsa/2.0/inherit-inter +@@ -1,5 +1,7 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars ++ + # Build a new PKI which is rooted on an intermediate certificate generated + # by ./build-inter or ./pkitool --inter from a parent PKI. The new PKI should + # have independent vars settings, and must use a different KEY_DIR directory +--- a/easy-rsa/2.0/list-crl ++++ b/easy-rsa/2.0/list-crl +@@ -1,5 +1,7 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars ++ + # list revoked certificates + + CRL="${1:-crl.pem}" +--- a/easy-rsa/2.0/pkitool ++++ b/easy-rsa/2.0/pkitool +@@ -1,5 +1,7 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars ++ + # OpenVPN -- An application to securely tunnel IP networks + # over a single TCP/UDP port, with support for SSL/TLS-based + # session authentication and key exchange, +--- a/easy-rsa/2.0/revoke-full ++++ b/easy-rsa/2.0/revoke-full +@@ -1,5 +1,7 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars ++ + # revoke a certificate, regenerate CRL, + # and verify revocation + +--- a/easy-rsa/2.0/sign-req ++++ b/easy-rsa/2.0/sign-req +@@ -4,4 +4,4 @@ + # with a local root certificate and key. + + export EASY_RSA="${EASY_RSA:-.}" +-"$EASY_RSA/pkitool" --interact --sign $* ++"/usr/sbin/pkitool" --interact --sign $* +--- a/easy-rsa/2.0/vars ++++ b/easy-rsa/2.0/vars +@@ -12,7 +12,7 @@ + # This variable should point to + # the top level of the easy-rsa + # tree. +-export EASY_RSA="`pwd`" ++export EASY_RSA="/etc/easy-rsa" + + # + # This variable should point to +@@ -26,7 +26,7 @@ + # This variable should point to + # the openssl.cnf file included + # with easy-rsa. +-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` ++export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA` + + # Edit this variable to point to + # your soon-to-be-created key |