| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
As support for OpenSSL 1.0.0 requires a modified openssl.cnf file, it was
decided to rename openssl.cnf to openssl-1.0.0.cnf for clarity and better
support of different OpenSSL versions. The old openssl.cnf was renamed as
openssl-0.9.8.cnf.
This patch makes sure that all openssl*.cnf files are copied when running 'make
install' in easy-rsa and makes the whichopensslcnf script aware of them as well.
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
|
This patch fixes remaining issues with Trac ticket #125. It does the following:
- Update easy-rsa/2.0/README
- Rename easy-rsa/2.0/openssl.cnf as openssl-0.9.8.cnf
- Add easy-rsa/2.0/openssl-1.0.0.cnf
- Updated vars.bat.sample to use openssl-1.0.0.cnf
- Updated win/openvpn.nsi to use openssl-1.0.0.cnf
- Add a few undefined variables to vars and vars.bat.sample:
required by OpenSSL 1.0.0 (at least on Windows)
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Tested-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
|
This reverts commit 6989cbde616a00380acf3a390959987765a5325b.
Accoding to Jan Just Keijser [1] there are issues with this new
openssl.cnf file, so reverting this commit and wait for a new patch.
[1] http://thread.gmane.org/gmane.network.openvpn.devel/4729/focus=4735
|
|
This is required for patch "Fix a build-ca issue on Windows" to work
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
(cherry picked from commit 663860ad04dd4190fddbee63e724d3fdceafd937)
|
|
Fixes Trac ticket #125
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
(cherry picked from commit 38108434db7b2d574133dd645d01df03848532d6)
|
|
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
(cherry picked from commit 6b2883a637fe73492f09816ee95b00c1b88d5fcb)
|
|
The pkitool script lacks the "--help" parameter to actually display the
usage statement; most people are conditioned to try that before running the
command without options. This patch adds that and "--version" to display
just the program name and version.
sf.net tracker:
<https://sourceforge.net/tracker/?func=detail&atid=454721&aid=1705407&group_id=48978>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: Jan Just Keijser <janjust@nikhef.nl>
|
|
Many of the scripts in the openvpn source have their shell set to
/bin/bash, but only two use bash features. The attached patch (against
openvpn-2.1_rc9) sets the shell on the rest of the scripts to /bin/sh for
better portability. The only scripts that actually require bash are
contrib/pull-resolv-conf/client.{up,down} ; they use the ${!var} variable
indirection feature.
sf.net tracker:
<https://sourceforge.net/tracker/?func=detail&aid=2040296&group_id=48978&atid=454721>
Discussed on the IRC meeting March 4, 2010 in #openvpn-discussions.
<http://thread.gmane.org/gmane.network.openvpn.devel/3242>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: James Yonan <james@openvpn.net>
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5599 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4477 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
of KEY_NAME environmental variable parameter to openssl.cnf
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3472 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
the Common Name convention from the cert/key filename
convention.
For example:
KEY_CN="James's Laptop" KEY_NAME="james" ./pkitool james
will crete a client certificate/key pair of james.crt/james.key
having a Common Name of "James's Laptop" and a Name of "james".
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3463 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
set the KEY_NAME environmental variable to set the "name"
X509 subject field in generated certificates.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3460 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
Telethra to OpenVPN Technologies.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3409 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
observed instabilities in the dynamic build since the migration to
OpenSSL 0.9.8h.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3149 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3048 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2995 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
Updated build-pkcs11-helper.sh to build
from OpenSSL 0.9.8h.
Added pkcs11-related fixes to easy-rsa/2.0/vars.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2994 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2835 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
that supports subjectAltName for multi-domain
web certificates.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2632 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
old easy-rsa 1.0 files. (even current openvpn-2.1_rc2-install.exe)
This bug is not that critical, but it is annoying that easy-rsa still
creates server certificates without extended key usage per default
(openssl.cnf), making the windows user wonder about error messages if
the recommended "remote-cert-tls" option is used. (In this case simply
copying the openssl.cnf from the 2.0 directory did the job, for regular
usage the path to opensc in the newly added pkcs11 section should be
changed).
And if possible please add the following three files to the "Windows"
directory if easy-rsa. They allow to build password protected versions
of the keys (I just copied the files and remove the "-nodes" parameter).
Except of build-key-server-pass.bat i think that they are vital for
security (e.g. the key files are in an unencrypted directory and
physical access is possible). -- Daniel Zauft
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1862 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
require that all .h files have to be compiled.
Also, FreeBSD install does not support GNU long options which the
Makefile in easy-rsa/2.0 uses (not checked the others as we don't
install those on Gentoo) -- Roy Marples
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1861 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
-r 1015:1025
https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21
Changes:
1. Fix handling (ignoring) zero sized attributes.
2. Fix gcc-2 issues.
3. Fix openssl 0.9.6 (first version) issues.
4. easy-rsa Makefile (install) is now available so that
distribs will be able to install it safely.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1033 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
svn merge -r 995:998 https://svn.openvpn.net/projects/openvpn/contrib/alon/easy-rsa
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1006 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
* Fixed variable declaration in crypto.c that is not at
the head of a block.
* Added library to Visual C makefile.
* In server.conf config sample, add additional comment
text on "dev tap" usage.
* Added some short documentation on revoke-full script.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@877 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
--remote-cert-tls from Alon's branch:
svn merge -r 793:796 $SO/contrib/alon/BETA21/openvpn .
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@797 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
be compatible with 2.0.x distribution.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@757 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@581 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
It includes the --topology feature, and
TAP-Win32 driver changes to allow
non-admin access.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@580 e7ae566f-a301-0410-adde-c780ea21d3b5
|
