notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Ukraine
FreshPorts needs to find a new hosting provide willing to take a 2U chassis and host it free of charge. This is part of the FreshPorts project. Preferably in the Austin area. This is not a primary server, but it used for development.
Port details
easy-rsa Small RSA key management package based on openssl
3.1.0_2 security on this many watch lists=16 search for ports that depend on this port Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout Version of this port present on the latest quarterly branch.
Maintainer: mandree@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2013-01-13 21:35:17
Last Update: 2022-06-05 12:57:25
Commit Hash: 32877d0
People watching this port, also watch:: pkg, ca_root_nss, openvpn, curl, readline
Also Listed In: net-mgmt
License: GPLv2
Description:
SVNWeb : git : Homepage
pkg-plist: as obtained via: make generate-plist
Expand this list (10 items)
Collapse this list.
  1. /usr/local/share/licenses/easy-rsa-3.1.0_2/catalog.mk
  2. /usr/local/share/licenses/easy-rsa-3.1.0_2/LICENSE
  3. /usr/local/share/licenses/easy-rsa-3.1.0_2/GPLv2
  4. bin/easyrsa
  5. bin/easy-rsa
  6. @sample share/easy-rsa/openssl-easyrsa.cnf.example share/easy-rsa/openssl-easyrsa.cnf
  7. share/easy-rsa/vars.example
  8. @owner
  9. @group
  10. @mode
Collapse this list.
Dependency lines:
  • easy-rsa>0:security/easy-rsa
Conflicts:
CONFLICTS_INSTALL:
  • easy-rsa2
Conflicts Matches:
There are no Conflicts Matches for this port. This is usually an error.
To install the port:
cd /usr/ports/security/easy-rsa/ && make install clean
To add the package, run one of these commands:
  • pkg install security/easy-rsa
  • pkg install easy-rsa
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: easy-rsa
Flavors: there is no flavor information for this port.
distinfo:
Packages (timestamps in pop-ups are UTC):
easy-rsa
ABIlatestquarterly
FreeBSD:11:aarch643.0.5_13.0.7
FreeBSD:11:amd643.0.83.0.8
FreeBSD:11:armv63.0.1_13.0.7
FreeBSD:11:i3863.0.83.0.8
FreeBSD:11:mips--
FreeBSD:11:mips643.0.1_13.0.7
FreeBSD:12:aarch643.0.5_13.1.0_2
FreeBSD:12:amd643.1.0_23.1.0_2
FreeBSD:12:armv63.0.5_13.0.8
FreeBSD:12:armv73.0.5_13.0.8
FreeBSD:12:i3863.1.0_23.1.0_2
FreeBSD:12:mips--
FreeBSD:12:mips643.0.5_13.0.7
FreeBSD:12:powerpc64-3.0.8
FreeBSD:13:aarch643.1.0_23.1.0_2
FreeBSD:13:amd643.1.0_23.1.0_2
FreeBSD:13:armv63.0.83.1.0_2
FreeBSD:13:armv73.1.0_23.1.0_2
FreeBSD:13:i3863.1.0_23.1.0_2
FreeBSD:13:mips--
FreeBSD:13:mips643.0.83.0.8
FreeBSD:13:powerpc643.0.83.0.8
FreeBSD:13:riscv64-3.1.0_2
FreeBSD:14:aarch643.1.0_2-
FreeBSD:14:amd643.1.0_2-
FreeBSD:14:armv63.1.0_2-
FreeBSD:14:armv73.1.0_2-
FreeBSD:14:i3863.1.0_2-
FreeBSD:14:mips--
FreeBSD:14:mips643.0.8-
FreeBSD:14:powerpc643.0.8-
FreeBSD:14:riscv643.0.8-
 

This port is required by:
for Run
  1. security/openvpn
  2. security/openvpn-devel

Deleted ports which required this port:

Expand this list of 4 deleted ports
  1. security/openvpn-mbedtls*
  2. security/openvpn-polarssl*
  3. security/openvpn23*
  4. security/openvpn23-polarssl*
  5. Collapse this list of deleted ports.
* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

Configuration Options:
Options name:

USES:

pkg-message:

Master Sites:
Expand this list (1 items)
Collapse this list.
  1. https://github.com/OpenVPN/easy-rsa/releases/download/v3.1.0/
Collapse this list.
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2016-01-11
    Affects: users of security/easy-rsa
    Author: mandree@FreeBSD.org
    Reason: 
      The port has been upgraded to version 3. This incurs major changes,
      please see ${PREFIX}/share/doc/easy-rsa/doc/EasyRSA-Upgrade-Notes.md
      for details.
    
      The old version 2.2.2 has been retained as security/easy-rsa2.
    
    
Port Moves
  • port moved here from security/easy-rsa2 on 2019-06-23
    REASON: Has expired: Use easy-rsa 3 instead

Number of commits found: 24

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
05 Jun 2022 12:57:25
 files touched by this commit commit hash:32877d0369a1bf4ac1cbd0a6c11ac3347bb5653b  3.1.0_2
Matthias Andree (mandree) search for other commits by this committer
security/easy-rsa: fix EASYRSA override and locale

* remove our own wrapper, overriding the EASYRSA folder is no
  longer working since 3.1.0.

* patch EasyRSA to unset LC_ALL and override LC_TIME, to avoid
  date command failures

* bump PORTREVISION=2

see comment #7 ff. of
PR:		264415
02 Jun 2022 21:29:43
 files touched by this commit commit hash:0a0dd568d8ab0a5598b7d0ccc6d560102418f512  3.1.0_1
Matthias Andree (mandree) search for other commits by this committer
security/easy-rsa: fix confusion of vars file

...and no longer package it as @sample. It is per-PKI, and easyrsa init-pki
will copy vars.example from the distribution, and create a PKI-local copy
named vars.  Should fix grembo@'s bug report [1]

add a new pkg-message file to explain this.

while here, add a convenience hardlink easy-rsa to the easyrsa wrapper,
to have an executable matching the package name.

PR:		264415
Reported by:	grembo@ (Michael Gmelin)
21 May 2022 13:10:05
 files touched by this commit commit hash:3ec62b06e2c63703aba5944a0dbe58824a982299  3.1.0
Matthias Andree (mandree) search for other commits by this committer
security/easy-rsa: update to 3.1.0

3.1.0 (2022-05-18)
   * Introduce basic support for OpenSSL version 3 (#492)
   * Update regex in grep to be POSIX compliant (#556)
   * Introduce status reporting tools (#555 & #557)
   * Display certificates using UTF8 (#551)
   * Allow certificates to be created with fixed date offset (#550)
   * Add 'verify' to verify certificate against CA (#549)
   * Add PKCS#12 alias 'friendlyName' (#544)
   * Disallow use of '--vars=FILE init-pki' (#566)
   * Support multiple IP-Addresses in SAN (#564)
   * Add option '--renew-days=NN', custom renew grace period (#557)
   * Add 'nopass' option to the 'export-pkcs' functions (#411)
   * Add support for 'busybox' (#543)
(Only the first 15 lines of the commit message are shown above View all of this commit message)
06 May 2022 17:34:51
 files touched by this commit commit hash:8e0b9d2d558fe1cdab743ca0b954ef5a3f578bc2  3.0.8_1
Matthias Andree (mandree) search for other commits by this committer
security/easy-rsa: fix cert issuance with BSD grep

easyrsa running on systems with bsdgrep for grep
fails issuing certs because it attempts \d as shorthand for
[[:digit:]] or [0-9] and triggers a grep failure with diagnostic

    grep: trailing backslash (\)

Filed upstream: https://github.com/OpenVPN/easy-rsa/issues/556

PR:		263812
Submitted by:	grembo@
25 Nov 2021 21:40:11
 files touched by this commit commit hash:04b9da414081a733478d3def4e1e3777908536c6  3.0.8
Stefan E├čer (se) search for other commits by this committer
*/*: Remove redundant '-*' from CONFLICTS definitions

The conflict checks compare the patterns first against the package
names without version (as reported by "pkg query "%n"), then - if
there was no match - agsinst the full package names including the
version (as reported by "pkg query "%n-%v").

Approved by: portmgr (blanket)
07 Apr 2021 08:09:01
 files touched by this commit commit hash:cf118ccf875508b9a1c570044c93cfcc82bd455c  3.0.8
Mathieu Arnold (mat) search for other commits by this committer
One more small cleanup, forgotten yesterday.
Reported by:	lwhsu
06 Apr 2021 14:31:07
 files touched by this commit commit hash:305f148f482daf30dcf728039d03d019f88344eb  3.0.8
Mathieu Arnold (mat) search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
19 Sep 2020 07:49:11
Original commit files touched by this commit Revision:548946  3.0.8
mandree search for other commits by this committer
security/easy-rsa: update to 3.0.8

   * Provide --version option (#372)
   * Version information now within generated certificates like on *nix
   * Fixed issue where gen-dh overwrote existing files without warning (#373)
   * Fixed issue with ED/EC certificates were still signed by RSA (#374)
   * Added support for export-p8 (#339)
   * Clarified error message (#384)
   * 2->3 upgrade now errors and prints message when vars isn't found (#377)
31 Mar 2020 00:36:54
Original commit files touched by this commit Revision:529928  3.0.7
mandree search for other commits by this committer
security/easy-rsa: Update to v3.0.7

FreeBSD-relevant ChangeLog extract since 3.0.6:
   * Remove RANDFILE environment variable (#261)
   * Workaround for bug in win32 mktemp (#247, #305, PR #312)
   * Handle IP address in SAN and renewals (#317)
   * Workaround for ash and no set -o echo (#319)
   * Shore up windows testing framework (#314)
   * Provide upgrade mechanism for older versions of EasyRSA (#349)
   * Add support for KDC certificates (#322)
   * Add support for Edward Curves (#354, #350)
   * Add support for EASYRSA_PASSIN and EASYRSA_PASSOUT env vars (#368)
   * Add support for RID to SAN (#362)

Update WWW: link in pkg-descr.

Remove patches that have been integrated upstream.

Shuffle USES=-line to please portlint.

Add NO_ARCH=yes, since this is all scripts and text.

Reported by:	Eric F Crist (upstream maintainer)
23 Mar 2019 11:11:25
Original commit files touched by this commit Revision:496638  3.0.6
mandree search for other commits by this committer
security/easy-rsa: update to 3.0.6

ChangeLog: <https://github.com/OpenVPN/easy-rsa/releases/tag/v3.0.6>

This also includes a cherry-pick for Issue #261 that happened
only after v3.0.6, <https://github.com/OpenVPN/easy-rsa/issues/261>
15 Sep 2018 15:30:23
Original commit files touched by this commit Revision:479838  3.0.5_1
mandree search for other commits by this committer
Fix security/easy-rsa regression that broke bootstrapping.

v3.0.5 added code that expanded variables, for compatibility with LibreSSL.
This code assumed that the source configuration file could be variable-
expanded and the result could be saved next to the source - which it
cannot, since the latter is under ${PREFIX} where the unprivileged users
should not be able to write.

Add a patch provided by Eric Crist, and rename another file to keep
a sane patch order.
15 Sep 2018 13:22:32
Original commit files touched by this commit Revision:479835  3.0.5
mandree search for other commits by this committer
Mark broken pending a band-aid fix from upstream.
15 Sep 2018 12:55:34
Original commit files touched by this commit Revision:479834  3.0.5
mandree search for other commits by this committer
Update security/easy-rsa to 3.0.5 release.

ChangeLog: <https://github.com/OpenVPN/easy-rsa/releases/tag/v3.0.5>
25 Jun 2018 19:00:26
Original commit files touched by this commit Revision:473331  3.0.4
mandree search for other commits by this committer
Upgrade Easy-RSA to v3.0.4

Upstream's ChangeLog (without Windows-/Travis related changes) since v3.0.1:

* Remove use of egrep (#154)
* Remove "local" from variable assignment (#165)
* Assign values to variables defined previously w/local
* Finally(?) fix the subjectAltName issues presented earlier (really fixes #168)
* copy CSR extensions into signed certificate
11 Jan 2018 14:18:01
Original commit files touched by this commit Revision:458739  3.0.1_1
danfe search for other commits by this committer
Do not abuse INSTALL_MAN when installing documentation, examples, and
other miscellaneous files that are not actually manual pages (part 2).
17 Feb 2016 20:36:46
Original commit files touched by this commit Revision:409070  3.0.1_1
mandree search for other commits by this committer
Install openssl-1.0.cnf as well (EasyRSA-3.0 specific).

Originally install it as ${DATADIR}/*.example and mark it as @sample in
pkg-plist, so that it gets copied to the real file name on installation,
and will not be removed if modified by the user.

Submitted by:	Michele Possamai (e-mail kept private)
11 Jan 2016 23:27:56
Original commit files touched by this commit Revision:405814  3.0.1
mandree search for other commits by this committer
Repair breakage on older make implementations (FreeBSD 9.3).
11 Jan 2016 23:23:01
Original commit files touched by this commit Revision:405813  3.0.1
mandree search for other commits by this committer
Update security/easy-rsa to major release 3.0.1.

Move a copy of the older package to security/easy-rsa2,
add CONFLICTS_INSTALL markers, and an UPDATING entry.

Changelog: <https://github.com/OpenVPN/easy-rsa/releases>
21 May 2015 05:08:49
Original commit files touched by this commit Revision:386906  2.2.2
bdrewery search for other commits by this committer
Update to 2.2.2.

Changes:
  - Default KEY_SIZE to 2048 bits
  - Default the signing hash to SHA256 rather than SHA1 and MD5
  - vars cleanups
  - pkitool cleanups
  - pkitool -days fix for https://community.openvpn.net/openvpn/ticket/198

Approved by:	2 year old fix for SHA1->SHA256.
13 Nov 2014 09:02:57
Original commit files touched by this commit Revision:372514  2.2.0.m
antoine search for other commits by this committer
Cleanup plist
25 Sep 2013 00:54:09
Original commit files touched by this commit Revision:328226  2.2.0.m
bdrewery search for other commits by this committer
- Remove NO_STAGE as these have been tested to be safe

With hat:	portmgr
20 Sep 2013 22:55:26
Original commit files touched by this commit Revision:327769  2.2.0.m
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
29 Mar 2013 19:33:42
Original commit files touched by this commit Revision:315566  2.2.0.m
cs search for other commits by this committer
- Remove A/An in COMMENT
- Trim Header where applicable
13 Jan 2013 21:35:06
Original commit files touched by this commit Revision:310340  2.2.0.m
mandree search for other commits by this committer
Add a new security/easy-rsa package that contains the bits that got
split out of OpenVPN prior to the current 2.3.0 release, and make that
security/openvpn RUN_DEPENDS on it. Also update UPDATING record.

Number of commits found: 24