From be8f400b1343b01a7871db33d00f604ff832611e Mon Sep 17 00:00:00 2001 From: Richard T Bonhomme Date: Wed, 10 Apr 2024 23:21:14 +0100 Subject: [PATCH 1/2] Remove command and function display_cn(), unused Signed-off-by: Richard T Bonhomme --- easyrsa3/easyrsa | 87 +++--------------------------------------------- 1 file changed, 4 insertions(+), 83 deletions(-) diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index ac8f66f52..5c85405a4 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -499,9 +499,6 @@ These commands are safe to test and will NOT effect your PKI. Check number is unique: serial|check-serial - Display CN of request or certificate:
= req|x509 - display-cn - Display DN of request or certificate: = req|x509 display-dn @@ -616,11 +613,12 @@ Certificate & Request options: (these impact cert/req field values) --copy-ext : Copy included request X509 extensions (namely subjAltName) For more info, see: 'easyrsa help copyext' ---san|--subject-alt-name= - : Add a subjectAltName. +--san|--subject-alt-name=SUBJECT_ALT_NAME + : Add a subjectAltName. Can be used multiple times. For more info and syntax, see: 'easyrsa help altname' ---new-subject : Specify a new subject field to sign a request with. +--new-subject='SUBJECT' + : Specify a new subject field to sign a request with. For more info and syntax, see: 'easyrsa help subject' --usefn=NAME : export-p12, set 'friendlyName' to NAME @@ -3393,79 +3391,6 @@ update_db() { die "Failed to perform update-db." } # => update_db() -# Display commonName -display_cn() { - format="$1" - path="$2" - var_name="$3" - shift "$#" - - case "$format" in - req) - def_dir=reqs - dot_3=req - ;; - x509) - def_dir=issued - dot_3=crt - ;; - '') - user_error "display_cn - Unspecified format" - ;; - *) - user_error "display_cn - Unknown format: '$format'" - esac - - # Check for absolute or relative file name - if [ -e "$path" ]; then - : # ok - else - in_file="${EASYRSA_PKI}/${def_dir}/${path}.${dot_3}" - in_file_1="${EASYRSA_PKI}/${def_dir}/${path}" - if [ -e "$in_file" ]; then - path="$in_file" - elif [ -e "$in_file_1" ]; then - path="$in_file_1" - else - user_error "\ -display_cn - Type '$format', missing: '$path'" - fi - fi - - # Extract commonName - error_info="Certs require form 'x509'; Reqs require form 'req'" - if ssl_cn="$( - export OPENSSL_CONF=/dev/null - "$EASYRSA_OPENSSL" "$format" -in "$path" -noout -subject \ - -nameopt utf8,sep_multiline,space_eq,lname,align | \ - grep '^[[:blank:]]*commonName' - )" - then - unset -v error_info - else - die "display_cn - ssl_cn: Not found 'commonName'" - fi - - # Return commonName - if [ "$internal_batch" ] || [ "$EASYRSA_BATCH" ]; then - # Remove the label - ssl_cn="${ssl_cn#*= }" - # if set then return CN via variable - if [ "$var_name" ]; then - verbose "display_cn - force_set_var '$var_name' '$ssl_cn'" - force_set_var "$var_name" "$ssl_cn" || \ - die "display_cn - force_set_var '$var_name' '$ssl_cn'" - else - print "$ssl_cn" - fi - else - print "$ssl_cn" - fi - - unset -v ssl_cn var_name in_file in_file_1 \ - def_dir dot_3 path format internal_batch -} # => display_cn() - # display cert DN info on a req/X509, passed by full pathname display_dn() { [ "$#" = 2 ] || die "\ @@ -5533,10 +5458,6 @@ Place a copy of easyrsa-tools.lib in a standard system location." check_serial_unique "$@" || \ easyrsa_exit_with_error=1 ;; - display-cn) - verify_working_env - display_cn "$@" - ;; display-dn) verify_working_env display_dn "$@" From fac93ba9796bd1f9a092d0dc7a6e865995b773c7 Mon Sep 17 00:00:00 2001 From: Richard T Bonhomme Date: Wed, 10 Apr 2024 23:34:55 +0100 Subject: [PATCH 2/2] ChangeLog: Remove command and function display_cn(), unused Signed-off-by: Richard T Bonhomme --- ChangeLog | 1 + 1 file changed, 1 insertion(+) diff --git a/ChangeLog b/ChangeLog index 853b8d751..fcd804ca9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ Easy-RSA 3 ChangeLog 3.2.0 (TBD) + * Remove command and function display_cn(), unused (be8f400) (#1114) * Introduce Options to edit Request Subject during command 'sign-req' Global Option: --new-subject -- Command 'sign-req' option: 'newsubj' First proposed in: (#439) -- Completed: (83b81c7) (#1111)