Minor tidy-up

TinCanTech · TinCanTech · commit e6153d9f6d13 · 2022-01-14T23:08:14.000Z
Signed-off-by: Richard T Bonhomme &lt;tincantech@protonmail.com&gt;
diff --git a/.github/workflows/blank.yml b/.github/workflows/blank.yml
@@ -38,7 +38,8 @@ jobs:
       #    run: |
       #      echo Add other actions to build,
       #      echo test, and deploy your project.
-        # This workflow contains a single job called "build"
+      # This workflow contains a single job called "build"
+
   wtest:
     # The type of runner that the job will run on
     runs-on: windows-latest
diff --git a/EasyTLS-Change.log b/EasyTLS-Change.log
@@ -2,7 +2,7 @@ https://github.com/TinCanTech/easy-tls
   Change log:
 
 Version 2.7.0
-* TBD
+* 2022-01-14 - Commit 
   Switch to fast hash routine
     Commit b5baffdf19f23b217a29e4a11dbf8a380b03cb21
       This is approximately 28% faster than wiscii_hash
@@ -11,7 +11,7 @@ Version 2.7.0
       Add Client-Group keys to standard TLS-Crypt-V2 Server-keys
 
 Version 2.6.0
-* 2021-12-13
+* 2021-12-13 - Commit 28936a49805e241ec10c848648aa52675ee7472c
   Introduce easytls-tctip.lib (Optional library)
     Commit f85e95e4bdd4a6d74bb180a8859206e1452f5aa1
       Shared IPv4/6 address functions
diff --git a/easytls b/easytls
@@ -9141,18 +9141,18 @@ main ()
 			empty_ok=1
 			FILE_HASH_DISABLED=1
 		;;
-		-b|--base-dir)
-			EASYTLS_base_dir="${val}"
-		;;
 		-t|--tmp-dir)
 			EASYTLS_tmp_dir="${val}"
 		;;
-		-e|--ersabin-dir)
-			EASYTLS_ersabin_dir="${val}"
+		-b|--base-dir)
+			EASYTLS_base_dir="${val}"
 		;;
 		-o|--ovpnbin-dir)
 			EASYTLS_ovpnbin_dir="${val}"
 		;;
+		-e|--ersabin-dir)
+			EASYTLS_ersabin_dir="${val}"
+		;;
 		-*)
 			fatal_opt "Unknown option: ${opt}"
 			shift
diff --git a/easytls-client-connect.sh b/easytls-client-connect.sh
@@ -16,11 +16,6 @@ copyright ()
 # This code is released under version 2 of the GNU GPL
 # See LICENSE of this project for full licensing details.
 #
-# Acknowledgement:
-# syzzer: https://github.com/OpenVPN/openvpn/blob/master/doc/tls-crypt-v2.txt
-#
-# Lock client connections to specific client devices.
-#
 VERBATUM_COPYRIGHT_HEADER_INCLUDE_NEGOTIABLE
 }
 
@@ -919,12 +914,12 @@ while [ -n "${1}" ]; do
 				EASYTLS_VARS_FILE="${val}" ;;
 		esac
 	;;
-	-b|--base-dir)
-		EASYTLS_base_dir="${val}"
-	;;
 	-t|--tmp-dir)
 		EASYTLS_tmp_dir="${val}"
 	;;
+	-b|--base-dir)
+		EASYTLS_base_dir="${val}"
+	;;
 	-o|--openvpn-bin-dir)
 		EASYTLS_ovpnbin_dir="${val}"
 	;;
diff --git a/easytls-client-connect.vars-example b/easytls-client-connect.vars-example
@@ -11,31 +11,30 @@
 #ENFORCE_CRYPT_V2=1
 #ENFORCE_KEY_HWADDR=1
 #PEER_IP_MATCH=1
+
+# Openvpn dynamic client options
 #EASYTLS_DYN_OPTS_FILE=/etc/openvpn/server/easytls-dyn-opts
 
-# One of these directories MUST exist
+# Set a specific temporary directory
 #EASYTLS_tmp_dir=/tmp
 #EASYTLS_tmp_dir=/Windows/Temp
 
+# Connection tracking
 #ENABLE_CONN_TRAC=1 # Also requires easytls-client-disconnect.sh
 #VERBOSE_CONN_TRAC=1
 #ENABLE_CONN_TRAC_STATS=1
 
-# Be careful ..
+# Enable tlskey-status tracking
+#EASYTLS_TLSKEY_STATUS=1
+
+# Fine tune lock time-out
+#LOCK_TIMEOUT=30
+
+# Debug tools
 #FATAL_CONN_TRAC=1
 #FATAL_CONN_TRAC_2=1
 #POOL_EXHAUST_FATAL=1
 #POOL_EXHAUST_KILL_CLIENT=1
-
-# Enable tlskey-status tracking
-#EASYTLS_TLSKEY_STATUS=1
-
-# Enable kill server mode
 #ENABLE_KILL_SERVER=1
-
-# Write environment to temporary log file
 #WRITE_ENV=1
 
-# Fine tune lock time-out
-#LOCK_TIMEOUT=30
-
diff --git a/easytls-client-disconnect.sh b/easytls-client-disconnect.sh
@@ -16,11 +16,6 @@ copyright ()
 # This code is released under version 2 of the GNU GPL
 # See LICENSE of this project for full licensing details.
 #
-# Acknowledgement:
-# syzzer: https://github.com/OpenVPN/openvpn/blob/master/doc/tls-crypt-v2.txt
-#
-# Lock client connections to specific client devices.
-#
 VERBATUM_COPYRIGHT_HEADER_INCLUDE_NEGOTIABLE
 }
 
@@ -644,12 +639,12 @@ while [ -n "${1}" ]; do
 				EASYTLS_VARS_FILE="${val}" ;;
 		esac
 	;;
-	-b|--base-dir)
-		EASYTLS_base_dir="${val}"
-	;;
 	-t|--tmp-dir)
 		EASYTLS_tmp_dir="${val}"
 	;;
+	-b|--base-dir)
+		EASYTLS_base_dir="${val}"
+	;;
 	-o|--openvpn-bin-dir)
 		EASYTLS_ovpnbin_dir="${val}"
 	;;
diff --git a/easytls-client-disconnect.vars-example b/easytls-client-disconnect.vars-example
@@ -3,6 +3,11 @@
 
 #EASYTLS_VERBOSE=1
 
+# Set a specific temporary directory
+#EASYTLS_tmp_dir=/tmp
+#EASYTLS_tmp_dir=/Windows/Temp
+
+# Connection tracking
 #ENABLE_CONN_TRAC=1 # Also requires easytls-client-disconnect.sh
 #VERBOSE_CONN_TRAC=1
 #ENABLE_CONN_TRAC_STATS=1
@@ -11,19 +16,11 @@
 #EASYTLS_TLSKEY_STATUS=1
 #ENABLE_STALE_LOG=1
 
-# One of these directories MUST exist
-#EASYTLS_tmp_dir=/tmp
-#EASYTLS_tmp_dir=/Windows/Temp
+# Fine tune lock time-out
+#LOCK_TIMEOUT=30
 
-# be careful..
+# Debug tools
 #FATAL_CONN_TRAC=1
-
-# Enable kill server mode
 #ENABLE_KILL_SERVER=1
-
-# Write environment to temporary log file
 #WRITE_ENV=1
 
-# Fine tune lock time-out
-#LOCK_TIMEOUT=30
-
diff --git a/easytls-cryptv2-verify.sh b/easytls-cryptv2-verify.sh
@@ -958,18 +958,18 @@ while [ -n "${1}" ]; do
 	-p|--preload-id)
 		PRELOAD_CA_ID="${val}"
 	;;
-	-b|--base-dir)
-		EASYTLS_base_dir="${val}"
-	;;
 	-t|--tmp-dir)
 		EASYTLS_tmp_dir="${val}"
 	;;
-	-e|--easyrsa-bin-dir)
-		EASYTLS_ersabin_dir="${val}"
+	-b|--base-dir)
+		EASYTLS_base_dir="${val}"
 	;;
 	-o|--openvpn-bin-dir)
 		EASYTLS_ovpnbin_dir="${val}"
 	;;
+	-e|--easyrsa-bin-dir)
+		EASYTLS_ersabin_dir="${val}"
+	;;
 	*)
 		warn_die "Unknown option: ${1}"
 	;;
diff --git a/easytls-cryptv2-verify.vars-example b/easytls-cryptv2-verify.vars-example
@@ -31,20 +31,20 @@
 #X509_METHOD=3
 
 # Preload CA-ID
-#PRELOAD_CA_ID='paste the CA-ID here'
+#PRELOAD_CA_ID=<paste the CA-ID here>
 
 # Enable/disable kill_client mode
 #ENABLE_KILL_CLIENT=1
 
 # Set a specific temporary directory
-#EASYTLS_tmp_dir='/tmp'               # *nix
-#EASYTLS_tmp_dir='C:/Windows/Temp'    # Win
+#EASYTLS_tmp_dir=/tmp               # *nix
+#EASYTLS_tmp_dir=C:/Windows/Temp    # Win
 
 # If easytls-cryptv2-verify.sh is run stand alone then use this
 #EASYTLS_STAND_ALONE=1
 
 # Hash algorithm
-#EASYTLS_HASH_ALGO='SHA256'
+#EASYTLS_HASH_ALGO=SHA256
 
 # Write environment to temporary log file
 #WRITE_ENV=1
diff --git a/easytls-op-test.bat b/easytls-op-test.bat
@@ -13,12 +13,6 @@ REM
 REM This code is released under version 2 of the GNU GPL
 REM See LICENSE of this project for full licensing details.
 REM
-REM Acknowledgement:
-REM This utility is "written in the style of" and "borrows heavily from" Easy-RSA
-REM
-REM Easy-TLS is inspired by syzzer
-REM See: https://github.com/OpenVPN/openvpn/blob/master/doc/tls-crypt-v2.txt
-REM
 REM VERBATUM_COPYRIGHT_HEADER_INCLUDE_NEGOTIABLE
 
 set
@@ -56,7 +50,7 @@ IF ERRORLEVEL 0 SET SH_EXIT=0
 REM X509 certificate revoked
 IF ERRORLEVEL 1 SET SH_EXIT=1
 
-ECHO * Verified expected errors: 54
+ECHO * Verified expected errors: 42
 
 ECHO SH_EXIT: %SH_EXIT%
 EXIT /B %SH_EXIT%
