--- /dev/null
+Description: Upstream changes introduced in version 0.1-1
+ This patch has been created by dpkg-source during the package build.
+ Here's the last changelog entry, hopefully it gives details on why
+ those changes were made:
+ .
+ keyringer (0.1-1) unstable; urgency=low
+ .
+ * Initial release (Closes: #nnnn) <nnnn is the bug number of your ITP>
+ .
+ The person named in the Author field signed this changelog entry.
+Author: Silvio Rhatto <rhatto@riseup.net>
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: <vendor|upstream|other>, <url of original patch>
+Bug: <url in upstream bugtracker>
+Bug-Debian: http://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: <no|not-needed|url proving that it has been forwarded>
+Reviewed-By: <name and email of someone who approved the patch>
+Last-Update: <YYYY-MM-DD>
+
+--- keyringer-0.1.orig/Makefile
++++ keyringer-0.1/Makefile
+@@ -23,7 +23,6 @@ clean:
+ find . -name *~ | xargs rm -f # clean local backups
+
+ install_lib:
+- $(INSTALL) -D --mode=0644 lib/keyringer/csr.sh $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/csr.sh
+ $(INSTALL) -D --mode=0644 lib/keyringer/functions $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/functions
+
+ install_share:
+--- keyringer-0.1.orig/share/keyringer/genpair
++++ keyringer-0.1/share/keyringer/genpair
+@@ -101,10 +101,6 @@ function genpair_ssl {
+ cd "$TMPWORK"
+
+ # Generate certificate
+- if [ "$KEYTYPE" == "ssl-cacert" ]; then
+- # We use a custom script for CaCert
+- "$LIB/csr.sh" "$NODE"
+- else
+ cat <<EOF >> openssl.conf
+ [ req ]
+ default_keyfile = ${NODE}_privatekey.pem
+@@ -127,22 +123,21 @@ commonName = Common
+ extendedKeyUsage=serverAuth,clientAuth
+ EOF
+
+- # Add SubjectAltNames so wildcard certs can work correctly.
+- if [ "$WILDCARD" == "yes" ]; then
++ # Add SubjectAltNames so wildcard certs can work correctly.
++ if [ "$WILDCARD" == "yes" ]; then
+ cat <<EOF >> openssl.conf
+ subjectAltName=DNS:${NODE}, DNS:${CNAME}
+ EOF
+- fi
++ fi
+
+- echo "Please review your OpenSSL configuration:"
+- cat openssl.conf
+- read -p "Hit ENTER to continue." prompt
++ echo "Please review your OpenSSL configuration:"
++ cat openssl.conf
++ read -p "Hit ENTER to continue." prompt
+
+- openssl req -batch -nodes -config openssl.conf -newkey rsa:2048 -sha256 \
+- -keyout ${NODE}_privatekey.pem -out ${NODE}_csr.pem
++ openssl req -batch -nodes -config openssl.conf -newkey rsa:2048 -sha256 \
++ -keyout ${NODE}_privatekey.pem -out ${NODE}_csr.pem
+
+- openssl req -noout -text -in ${NODE}_csr.pem
+- fi
++ openssl req -noout -text -in ${NODE}_csr.pem
+
+ # Self-sign
+ if [ "$KEYTYPE" == "ssl-self" ]; then
+@@ -199,9 +194,9 @@ CWD="`pwd`"
+
+ # Verify
+ if [ -z "$NODE" ]; then
+- echo -e "Usage: keyringer <keyring> $BASENAME <gpg|ssh|ssl|ssl-cacert|ssl-self> <file> <hostname> [outfile]"
++ echo -e "Usage: keyringer <keyring> $BASENAME <gpg|ssh|ssl|ssl-self> <file> <hostname> [outfile]"
+ echo -e "Options:"
+- echo -e "\t gpg|ssh|ssl[-cacert,-self]: key type."
++ echo -e "\t gpg|ssh|ssl[-self]: key type."
+ echo -e "\t file : base file name for encrypted output (relative to keys folder)"
+ echo -e "\t hostname : host for the key pair"
+ echo -e "\t outfile : optional unencrypted output file, useful for deployment"
+@@ -216,7 +211,7 @@ keyringer_set_tmpfile genpair -d
+
+ # Dispatch
+ echo "Generating $KEYTYPE key for $NODE..."
+-if [ "$KEYTYPE" == "ssl-self" ] || [ "$KEYTYPE" == "ssl-cacert" ]; then
++if [ "$KEYTYPE" == "ssl-self" ]; then
+ genpair_ssl
+ else
+ genpair_"$KEYTYPE"
projects / keyringer.git / commitdiff