Bug#872922: make-cadir does not create a fully functionaly CA dir

Tue, 22 Aug 2017 07:09:25 -0700 

Package: easy-rsa
Version: 2.2.2-2
Severity: normal
Tags: patch

Dear maintainer,

today I created a new PKI for OpenVPN based on the easy-rsa package.

I noticed several missing parts in the make-cadir script.

The missing steps are:

  create keys/ subdir
  touch keys/index.txt
  touch keys/index.txt.attr
  create keys/serial and write "01" into the file

Patch (.debdiff) attached.

The only missing part is creating a symlink from openssl.cnf ->
openssl-<version>.cnf. However, this task maybe is for the user
himself/herself. So leaving that untouched for now.


-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages easy-rsa depends on:
ii  openssl  1.1.0f-3

Versions of packages easy-rsa recommends:
ii  opensc  0.16.0-3

easy-rsa suggests no packages.

-- no debconf information

diff -Nru easy-rsa-2.2.2/debian/changelog easy-rsa-2.2.2/debian/changelog
--- easy-rsa-2.2.2/debian/changelog     2015-07-13 19:24:23.000000000 +0200
+++ easy-rsa-2.2.2/debian/changelog     2017-08-22 16:00:07.000000000 +0200
@@ -1,3 +1,12 @@
+easy-rsa (2.2.2-2.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * make-cadir: Create some PKI management related dirs
+    and files (keys/ dir, keys/index.txt, keys/index.txt.attr)
+    and prep keys/serial with "01".
+
+ -- Mike Gabriel <mike.gabr...@das-netzwerkteam.de>  Tue, 22 Aug 2017 16:00:07 
+0200
+
 easy-rsa (2.2.2-2) unstable; urgency=medium
 
   * Update subjectAltName to fix command arguments count.
diff -Nru easy-rsa-2.2.2/debian/make-cadir easy-rsa-2.2.2/debian/make-cadir
--- easy-rsa-2.2.2/debian/make-cadir    2012-11-12 18:16:57.000000000 +0100
+++ easy-rsa-2.2.2/debian/make-cadir    2017-08-22 16:00:00.000000000 +0200
@@ -27,4 +27,8 @@
 rm -f "$1"/vars "$1"/*.cnf
 cp /usr/share/easy-rsa/vars /usr/share/easy-rsa/*.cnf "$1"
 
-
+# create PKI files/dirs
+mkdir -p "$1"/keys
+touch "$1"/keys/index.txt
+touch "$1"/keys/index.txt.attr
+echo "01" > "$1"/keys/serial

Reply via email to