Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vars: Conditionally disable "Prefer vars in PKI" message #1008

Closed
wants to merge 2 commits into from
Closed

vars: Conditionally disable "Prefer vars in PKI" message #1008

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f77f697
vars: Conditionally disable "Prefer vars in PKI" message
TinCanTech Aug 29, 2023
e446913
vars: Remove EASYRSA and EASYRSA_PKI from built-in vars file
TinCanTech Aug 29, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 35 additions & 24 deletions easyrsa3/easyrsa
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1395,8 +1395,10 @@ init_pki: x509-types dir ${EASYRSA_EXT_DIR:-Not found}"

# Must be used in two places, so made it a function
prefer_vars_in_pki_msg() {
if [ "$vars_in_pki" ] || [ "$user_vars_true" ] ||
if [ "$vars_in_pki" ] ||
[ "$user_vars_true" ] ||
[ "$EASYRSA_NO_VARS" ]
[ "$user_pki_true" ]
then
return
fi
Expand Down Expand Up @@ -5809,10 +5811,42 @@ Remove 'unset' ('force_set_var' may also work)."
( . "$vars" ) || \
die "Failed to source the vars file."

# Take note of important variables
# set before sourcing vars
unset -v before_EASYRSA
[ -z "$EASYRSA" ] || before_EASYRSA=1
unset -v before_EASYRSA_PKI
[ -z "$EASYRSA_PKI" ] || before_EASYRSA_PKI=1

# Source 'vars' now
# shellcheck disable=1090 # can't follow .. vars
. "$vars" 2>/dev/null
unset -v EASYRSA_CALLER

# Take note of important variables
# set after sourcing vars
unset -v after_EASYRSA
[ -z "$EASYRSA" ] || after_EASYRSA=1
unset -v after_EASYRSA_PKI
[ -z "$EASYRSA_PKI" ] || after_EASYRSA_PKI=1

# If the user has set something important
# then they know what they are doing
if [ "$before_EASYRSA" ] ||
[ "$before_EASYRSA_PKI" ] ||
[ "$after_EASYRSA" ] ||
[ "$after_EASYRSA_PKI" ]
then
# Don't pester about vars in PKI
user_pki_true=1
verbose "\
vars_setup: disable vars_in_pki_msg, user pki"
else
unset -v user_pki_true
fi
unset -v \
before_EASYRSA before_EASYRSA_PKI \
after_EASYRSA after_EASYRSA_PKI
fi

# Set defaults, preferring existing env-vars if present
Expand Down Expand Up @@ -6101,16 +6135,6 @@ fi

# DO YOUR EDITS BELOW THIS POINT

# This variable is used as the base location of configuration files needed by
# easyrsa. More specific variables for specific files (eg: EASYRSA_SSL_CONF)
# may override this default.
#
# The default value of this variable is the location of the easyrsa script
# itself, which is also where the configuration files are located in the
# easy-rsa tree.
#
#set_var EASYRSA "${0%/*}"

# If your OpenSSL command is not in the system PATH, you will need to define
# the path here. Normally this means a full path to the executable, otherwise
# you could have left it undefined here and the shown default would be used.
Expand All @@ -6124,19 +6148,6 @@ fi
# This sample is in Windows syntax -- edit it for your path if not using PATH:
#set_var EASYRSA_OPENSSL "C:/Program Files/OpenSSL-Win32/bin/openssl.exe"

# Edit this variable to point to your soon-to-be-created key directory.
# By default, this will be "$PWD/pki" (ie: the "pki" subdirectory of the
# directory you are currently in).
#
# WARNING: init-pki will do a rm -rf on this directory so make sure you define
# it correctly! Interactive mode will prompt before acting.
#
#set_var EASYRSA_PKI "$PWD/pki"

# Define directory for temporary subdirectories.
#
#set_var EASYRSA_TEMP_DIR "$EASYRSA_PKI"

# Define X509 DN mode.
#
# This is used to adjust which elements are included in the Subject field
Expand Down