-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
easyrsa gen-req is overwriting --req-cn
option with default value
#668
Comments
Sure, I can see the issue. The problem then becomes inconsistent behavior between batch mode and normal mode. I probably went too far trying to resolve related issue #456 |
Related Pull Request: #669 |
Currently I don't see any different behaviour in the Should there be any distincation? Based on the documentation it appears
Is that something we'd need to implement again? Happy to help out. |
I think that you are correct and my earlier change was based on my misunderstanding. Also, #669 looks good, thanks! Although, I may have to link the behavior to |
I believe the help-text is factually incorrect. As opposed to requiring Yet another example of how EasyRSA has abused Batch mode. At tomdev, you have already helped by submitting this issue, thanks. |
Before easyrsa v3.0.9 it was possible to pass in a custom common name with the
--req-cn
option flag:This functionality is broken as of easyrsa v3.0.9, and the common name will now always get set to the passed in "fileName". This is unexpected behaviour.
Bug
This bug was introduced in v3.0.9: https://github.com/OpenVPN/easy-rsa/blob/v3.0.9/easyrsa3/easyrsa#L1097 in commit a52d6c5
Previously, the variable
EASYRSA_REQ_CN
would only get set to the default value of the fileName when not in batch mode, but that check has been removed. I assume this was erroneously removed, as the code was updated to support EASYRSA_REQ_CN for all operation, and not just batch mode. The code did not make clear the EASYRSA_REQ_CN could have been set by a user already.Behaviour
Running the following command:
results in a request with common name set to "fileName".
Expected behaviour
Running the following command:
results in a request with common name set to "myCommonName".
Fix
Will link a pull request to this issue that fixes the bug.
The text was updated successfully, but these errors were encountered: