This is the start of the BETA21 branch.

It includes the --topology feature, and TAP-Win32 driver changes to allow non-admin access. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@580 e7ae566f-a301-0410-adde-c780ea21d3b5
author: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> 2005-09-26 05:28:27 +0000
committer: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> 2005-09-26 05:28:27 +0000
commit: 6fbf66fad3367b24fd6743bcd50254902fd9c8d5 (patch)
tree: 9802876e3771744eead18917bb47ff6e90ac39f5 /easy-rsa/build-key
download: openvpn-6fbf66fad3367b24fd6743bcd50254902fd9c8d5.tar.xz
4 files changed, 83 insertions, 0 deletions
diff --git a/easy-rsa/build-key b/easy-rsa/build-key
new file mode 100755
index 0000000..3159d2b
--- /dev/null
+++ b/easy-rsa/build-key
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+#
+# Make a certificate/private key pair using a locally generated
+# root certificate.
+#
+
+if test $# -ne 1; then
+        echo "usage: build-key <name>";
+        exit 1
+fi                                                                             
+
+if test $KEY_DIR; then
+	cd $KEY_DIR && \
+	openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
+	openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
+	chmod 0600 $1.key
+else
+	echo you must define KEY_DIR
+fi
diff --git a/easy-rsa/build-key-pass b/easy-rsa/build-key-pass
new file mode 100755
index 0000000..03ab304
--- /dev/null
+++ b/easy-rsa/build-key-pass
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+#
+# Similar to build-key, but protect the private key
+# with a password.
+#
+
+if test $# -ne 1; then
+        echo "usage: build-key-pass <name>";
+        exit 1
+fi
+
+if test $KEY_DIR; then
+	cd $KEY_DIR && \
+	openssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
+	openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
+	chmod 0600 $1.key
+else
+	echo you must define KEY_DIR
+fi
diff --git a/easy-rsa/build-key-pkcs12 b/easy-rsa/build-key-pkcs12
new file mode 100755
index 0000000..f8a057b
--- /dev/null
+++ b/easy-rsa/build-key-pkcs12
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+#
+# Make a certificate/private key pair using a locally generated
+# root certificate and convert it to a PKCS #12 file including the
+# the CA certificate as well.
+
+if test $# -ne 1; then
+        echo "usage: build-key-pkcs12 <name>";
+        exit 1
+fi                                                                             
+
+if test $KEY_DIR; then
+	cd $KEY_DIR && \
+	openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
+	openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
+        openssl pkcs12 -export -inkey $1.key -in $1.crt -certfile ca.crt -out $1.p12 && \
+	chmod 0600 $1.key $1.p12
+else
+	echo you must define KEY_DIR
+fi
diff --git a/easy-rsa/build-key-server b/easy-rsa/build-key-server
new file mode 100755
index 0000000..30dc41e
--- /dev/null
+++ b/easy-rsa/build-key-server
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+#
+# Make a certificate/private key pair using a locally generated
+# root certificate.
+#
+# Explicitly set nsCertType to server using the "server"
+# extension in the openssl.cnf file.
+
+if test $# -ne 1; then
+        echo "usage: build-key-server <name>";
+        exit 1
+fi                                                                             
+
+if test $KEY_DIR; then
+	cd $KEY_DIR && \
+	openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -extensions server -config $KEY_CONFIG && \
+	openssl ca -days 3650 -out $1.crt -in $1.csr -extensions server -config $KEY_CONFIG && \
+        chmod 0600 $1.key
+else
+	echo you must define KEY_DIR
+fi
author	james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>	2005-09-26 05:28:27 +0000
committer	james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>	2005-09-26 05:28:27 +0000
commit	6fbf66fad3367b24fd6743bcd50254902fd9c8d5 (patch)
tree	9802876e3771744eead18917bb47ff6e90ac39f5 /easy-rsa/build-key
download	openvpn-6fbf66fad3367b24fd6743bcd50254902fd9c8d5.tar.xz