easy-rsa icon indicating copy to clipboard operation
easy-rsa copied to clipboard

Published 20 hours ago verified publisher icon OpenVPN

`dev/easyrsa-tools.lib` missing in release build

Open freddebacker opened this issue 1 year ago • 3 comments

Hi,

dev/easyrsa-tools.lib seems to be missing in the release file. I downloaded EasyRSA-3.2.0.tgz and command ./easyrsa show-expire does not work complaining missing file.

I worked around by downloading it directly from github.

Fred

freddebacker avatar May 20 '24 08:05 freddebacker

worked around by downloading it directly from github

For the time being, downloading is the correct solution.

Includes: Easy-RSA version 3.2.0 and 3.2.1

The rational is: easyrsa v3.1.7 carries around a lot of old code, including the status reports you mentioned, certificate renewal and the upgrade procedure:

  • Status reports are still a work in progress; while they work, they are cumbersome. Development can continue without disturbing easyrsa code.
  • Command renew has been replaced by better code. The renew command did not work properly; it would drop some certificate attributes during renewal and the work required to make renew work correctly is an unnecessary maintenance burden. Now, if a certificate is expiring/expired, it can be replaced with a new certificate with all the same attributes as the original, via sign-req command.
  • Upgrading the CA/PKI is now considered to be obsoleted. The code was removed.

easyrsa v3.2.0 is the start of a new version, that will not be overly burdened by old code.

This does not effect the core functionality of Easy-RSA; Building a secure Public Key Infrastructure.

TinCanTech avatar May 20 '24 12:05 TinCanTech

Arch Linux issue: https://gitlab.archlinux.org/archlinux/packaging/packages/easy-rsa/-/issues/1

Is there a workaround (-> what is a standard system location)?

marek22k avatar Sep 21 '24 12:09 marek22k

For Easy-RSA Standard system location:

  • The Easy-RSA pki directory, specified by $EASYRSA_PKI env-var.
  • The directory specified by $EASYRSA env-var.
  • The current working directory, specified by $PWD env-var.
  • The directory specified by the easyrsa script location $0 env-var.
  • The directory /usr/local/share/easy-rsa.
  • The directory /usr/share/easy-rsa.
  • The directory /etc/easy-rsa.
  • Any preferred directory, specified by --tools=<PATH/FILE-NAME>.

TinCanTech avatar Sep 22 '24 12:09 TinCanTech

I believe easyrsa-tools.lib ~has had enough time to stabilize~. I intend to fold it back into the main easyrsa script before ~v3.2.2~ (#1258).

Perhaps v3.2.3 is a better target.

TinCanTech avatar Nov 28 '24 21:11 TinCanTech

It would be simpler, if easyrsa-tools.lib were simply moved to the easyrsa3/ directory. #1259

TinCanTech avatar Nov 29 '24 20:11 TinCanTech

Closed via d30b6885f9b90b422b1eb7102e8702be9d3ebe36

TinCanTech avatar Dec 01 '24 17:12 TinCanTech