Update easy-rsa to 3.1.2 and fix compatibility with Ubuntu 22.04

Based on this patch by @zerodivisi0n: https://github.com/angristan/openvpn-install/issues/1000#issuecomment-1283484772
2024-11-21 08:19:03 +01:00 · 2023-01-22 00:06:51 +01:00 · 2023-01-22 00:06:51 +01:00 · 2f76bb5e40
commit 2f76bb5e40
parent ca8d58d5f0
2 changed files with 6 additions and 7 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -15,6 +15,7 @@ jobs:
          - debian-11-x64
          - ubuntu-18-04-x64
          - ubuntu-20-04-x64
+          - ubuntu-22-04-x64
          - fedora-35-x64
          - centos-7-x64
          - centos-stream-8-x64
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@ -706,7 +706,7 @@ function installOpenVPN() {

 	# Install the latest version of easy-rsa from source, if not already installed.
 	if [[ ! -d /etc/openvpn/easy-rsa/ ]]; then
-		local version="3.0.7"
+		local version="3.1.2"
 		wget -O ~/easy-rsa.tgz https://github.com/OpenVPN/easy-rsa/releases/download/v${version}/EasyRSA-${version}.tgz
 		mkdir -p /etc/openvpn/easy-rsa
 		tar xzf ~/easy-rsa.tgz --strip-components=1 --no-same-owner --directory /etc/openvpn/easy-rsa
@ -729,18 +729,16 @@ function installOpenVPN() {
 		SERVER_NAME="server_$(head /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)"
 		echo "$SERVER_NAME" >SERVER_NAME_GENERATED

-		echo "set_var EASYRSA_REQ_CN $SERVER_CN" >>vars
-
 		# Create the PKI, set up the CA, the DH params and the server certificate
 		./easyrsa init-pki
-		./easyrsa --batch build-ca nopass
+		./easyrsa --batch --req-cn="$SERVER_CN" build-ca nopass

 		if [[ $DH_TYPE == "2" ]]; then
 			# ECDH keys are generated on-the-fly so we don't need to generate them beforehand
 			openssl dhparam -out dh.pem $DH_KEY_SIZE
 		fi

-		./easyrsa build-server-full "$SERVER_NAME" nopass
+		./easyrsa --batch build-server-full "$SERVER_NAME" nopass
 		EASYRSA_CRL_DAYS=3650 ./easyrsa gen-crl

 		case $TLS_SIG in
@ -1087,11 +1085,11 @@ function newClient() {
 		cd /etc/openvpn/easy-rsa/ || return
 		case $PASS in
 		1)
-			./easyrsa build-client-full "$CLIENT" nopass
+			./easyrsa --batch build-client-full "$CLIENT" nopass
 			;;
 		2)
 			echo "⚠️ You will be asked for the client password below ⚠️"
-			./easyrsa build-client-full "$CLIENT"
+			./easyrsa --batch build-client-full "$CLIENT"
 			;;
 		esac
 		echo "Client $CLIENT added."