Subject: CVS commit: pkgsrc/security/easy-rsa
From: Adam Ciarcinski
Date: 2024-09-23 10:17:24
Message id: 20240923081724.C9B8CFC74@cvs.NetBSD.org
Log Message:
easy-rsa: updated to 3.2.1

3.2.1

* inline: Add decimal value for cert. serial (Linux Only) (b33038e)
* Always exit with error for unknown command options (Except nopass)
  (build-ca: b2f7912); (gen-req: 07f21d3); (build_full(): 0ff7f4c);
  (export_pkcs(): 2c51288); (set-pass: 1266d4e)
* Integrate Easy-RSA TLS-Key for use with 'init-pki soft' (03d9dc2)
  Note: Inline files that contain private key data are now created in sub-dir
  'pki/inline/private'.
* easyrsa-tools.lib, show-expire: Add CA certificate to report (a36cd54)
* inline: OpenVPN TLS Keys inlining for TLS-AUTH, TLS-CRYPT-V1 (6e9e4a2)
  Note: Command inline only writes directly to inline file not stdout.
* easyrsa-tools.lib: OpenVPN TLS Key gen. TLS-AUTH, TLS-CRYPT-V1 (cf0da16)
* easyrsa-tools.lib: expire_status_v2() (show-expire version 2) (1e43bf5)
* sign-req: Require 128bit serial number (806ee19)
* Move command 'verify-cert' to Tools-lib; drop 'verify' shortcut (ddbf304)
* Windows secure_session(): Ensure $secured_session dir is created (d99b242)
* Switch to '-f' for file existence (6ab98c9..a02f545)
* inline: Move auto-inline from build_full() to sign_req() (823f70f)
* gen-crl: Create additional CRL in DER format (69df0d8)
* self-sign: Allow Edwards Curve based keys (81b749b)
* Re-enable command 'renew' (version 2): Requires EasyRSA Tools (30fe311)
* bug-fix: revoke: Pass the correct certificate location (24d5514)
* vars.example: Add flags for auto-SAN and X509 critical attribute (a41dfcc)
* Global option --eku-crit: Mark X509 extendedKeyUsage as critical (ca09211)
* sign-req: Add critical and pathlen details to confirmation (deae705)
* export-p12: Automatically generate inline file (9d90370)
* Introduce global option --auto-san, use commonName as SAN (5c36d44)
* Introduce global option --san-crit, mark SAN critical (dd69f50)
* Introduce new global options: --ku-crit and --bc-crit (b79abee)
* gen-req: Always check for existing request file (7eab98e)
* revoke/revoke-expired/-renewed: Keep duplicate certificate (3da7f66)
* revoke-expired/-renewed: Keep req/key files for resigning (4537ae7)
* revoke: Add abbreviations for optional 'reason' (a88ccc7)
* build-ca: Allow use of --req-cn without batch mode (b77a0fb)
* gen-req: Re-enable use of --req-cn (5cf8c46)
* write: Change syntax, target as file, not directory
Files:
RevisionActionfile
1.18modifypkgsrc/security/easy-rsa/Makefile
1.19modifypkgsrc/security/easy-rsa/distinfo