packages: import openvpn-easy-rsa

The package is too old to work with OpenSSL 3: a fork is needed.

packages/openvpn-easy-rsa/Makefile

@@ -0,0 +1,94 @@
+#
+# Copyright (C) 2010-2013 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=openvpn-easy-rsa
+
+PKG_VERSION:=3.0.8
+PKG_RELEASE:=4
+PKG_SOURCE_URL:=https://codeload.github.com/OpenVPN/easy-rsa/tar.gz/v$(PKG_VERSION)?
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=fd6b67d867c3b8afd53efa2ca015477f6658a02323e1799432083472ac0dd200
+
+# For git snapshots
+#PKG_SOURCE_PROTO:=git
+#PKG_RELEASE=0git$(PKG_SOURCE_DATE)
+#PKG_SOURCE_URL:=https://github.com/OpenVPN/easy-rsa.git
+#PKG_SOURCE_DATE:=2020-03-30
+#PKG_SOURCE_VERSION:=945c9359f6ae3796df21e2986e49489718e0d5f8
+#PKG_MIRROR_HASH:=
+
+PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Luiz Angelo Daros de Luca <[email protected]>
+PKG_BUILD_DIR:=$(BUILD_DIR)/easy-rsa-$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/openvpn-easy-rsa
+  TITLE:=CLI utility to build and manage a PKI CA.
+  SECTION:=net
+  CATEGORY:=Network
+  URL:=http://openvpn.net
+  SUBMENU:=VPN
+  DEPENDS:=+openssl-util
+  PKGARCH:=all
+endef
+
+define Package/openvpn-easy-rsa/conffiles
+/etc/easy-rsa/vars
+/etc/easy-rsa/openssl-1.0.cnf
+/etc/easy-rsa/openssl-easyrsa.cnf
+/etc/profile.d/50-$(PKG_NAME).sh
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+	cd $(PKG_BUILD_DIR); \
+	$(PKG_BUILD_DIR)/build/build-dist.sh \
+		--no-windows \
+		--no-compress \
+		--dist-clean \
+		--version=$(PKG_VERSION)
+endef
+
+define Package/openvpn-easy-rsa/install
+
+	$(INSTALL_DIR) $(1)/usr/lib/easy-rsa/
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/easyrsa $(1)/usr/lib/easy-rsa/
+
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(LN) ../lib/easy-rsa/easyrsa $(1)/usr/bin/easyrsa
+
+	$(INSTALL_DIR) $(1)/etc/easy-rsa
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/openssl-easyrsa.cnf $(1)/etc/easy-rsa/openssl-1.0.cnf
+	$(LN) openssl-1.0.cnf $(1)/etc/easy-rsa/openssl-easyrsa.cnf
+	$(LN) ../../../etc/easy-rsa/openssl-easyrsa.cnf $(1)/usr/lib/easy-rsa/openssl-easyrsa.cnf
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/vars.example $(1)/etc/easy-rsa/vars
+	$(LN) ../../../etc/easy-rsa/vars $(1)/usr/lib/easy-rsa/vars
+
+	$(INSTALL_DIR) $(1)/etc/easy-rsa/pki
+	chmod 700 $(1)/etc/easy-rsa/pki
+	$(INSTALL_DIR) $(1)/etc/easy-rsa/pki/private
+	chmod 700 $(1)/etc/easy-rsa/pki/private
+	$(INSTALL_DIR) $(1)/etc/easy-rsa/pki/reqs
+	chmod 700 $(1)/etc/easy-rsa/pki/reqs
+
+	$(INSTALL_DIR) $(1)/etc/easy-rsa/x509-types
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/x509-types/* $(1)/etc/easy-rsa/x509-types/
+	$(LN) ../../../etc/easy-rsa/x509-types $(1)/usr/lib/easy-rsa/x509-types
+
+	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
+	$(INSTALL_DATA) files/openvpn-easy-rsa.upgrade $(1)/lib/upgrade/keep.d/$(PKG_NAME)
+
+	$(INSTALL_DIR) $(1)/etc/profile.d
+	$(INSTALL_DATA) files/openvpn-easy-rsa.profile $(1)/etc/profile.d/50-$(PKG_NAME).sh
+endef
+
+$(eval $(call BuildPackage,openvpn-easy-rsa))

packages/openvpn-easy-rsa/files/openvpn-easy-rsa.profile

@@ -0,0 +1,5 @@
+# default PKI dir
+#export EASYRSA=${EASYRSA:-/etc/easy-rsa}
+#export EASYRSA_PKI=${EASYRSA_PKI:-$EASYRSA/pki}
+#export EASYRSA_VARS_FILE=${EASYRSA_VARS_FILE:-$EASYRSA/vars}
+export EASYRSA_TEMP_DIR=${EASYRSA_TEMP_DIR:-${TMPDIR:-/tmp/}}

packages/openvpn-easy-rsa/files/openvpn-easy-rsa.upgrade

@@ -0,0 +1 @@
+/etc/easy-rsa/pki/

packages/openvpn-easy-rsa/patches/100-Make-package-reproducible.patch

@@ -0,0 +1,30 @@
+From fd2351615540dee6c86466d6e1138340baeebde4 Mon Sep 17 00:00:00 2001
+From: Luiz Angelo Daros de Luca <[email protected]>
+Date: Tue, 15 Feb 2022 01:37:06 -0300
+Subject: [PATCH] Make package reproducible
+
+Signed-off-by: Luiz Angelo Daros de Luca <[email protected]>
+---
+ build/build-dist.sh | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/build/build-dist.sh
++++ b/build/build-dist.sh
+@@ -80,7 +80,7 @@ stage_unix() {
+
+ 	# FreeBSD does not accept -i without argument in a way also acceptable by GNU sed
+ 	sed -i.tmp -e "s/~VER~/$VERSION/" \
+-		   -e "s/~DATE~/$(date)/" \
++		   -e "s/~DATE~/$(SOURCE_DATE_EPOCH)/" \
+ 		   -e "s/~HOST~/$(hostname -s)/" \
+ 		   -e "s/~GITHEAD~/$(git rev-parse HEAD)/" \
+ 		   "$DIST_ROOT/unix/$PV/easyrsa" || die "Cannot update easyrsa version data"
+@@ -122,7 +122,7 @@ stage_win() {
+ 		done
+
+ 		sed -i.tmp -e "s/~VER~/$VERSION/" \
+-			   -e "s/~DATE~/$(date)/" \
++			   -e "s/~DATE~/$(SOURCE_DATE_EPOCH)/" \
+ 			   -e "s/~HOST~/$(hostname -s)/" \
+ 			   -e "s/~GITHEAD~/$(git rev-parse HEAD)/" \
+ 			   "$DIST_ROOT/$win/$PV/easyrsa" || die "Cannot update easyrsa version data"