From b49b73ee689f9ef1970e8bb0f18305772ea1081d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20De=20Wilde?= <c.dewilde@gmail.com>
Date: Tue, 21 Jun 2022 08:59:59 +0200
Subject: [PATCH] Fix path for crl_auto_renew with easy_rsa 3.0 Add test for
 for crl.pem with easyrsa 2.0 & 3.0

---
 manifests/server.pp                 | 2 +-
 spec/defines/openvpn_server_spec.rb | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/manifests/server.pp b/manifests/server.pp
index ddb3aeff..e2d87641 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
@@ -409,7 +409,7 @@
           }
           '3.0': {
             exec { "renew crl.pem on ${name}":
-              command  => "./easyrsa gen-crl && cp ./keys/crl.pem ${server_directory}/${server}/crl.pem",
+              command  => "./easyrsa gen-crl && cp ./keys/crl.pem ${server_directory}/${name}/crl.pem",
               cwd      => "${server_directory}/${name}/easy-rsa",
               provider => 'shell',
               schedule => "renew crl.pem schedule on ${name}",
diff --git a/spec/defines/openvpn_server_spec.rb b/spec/defines/openvpn_server_spec.rb
index 44f8b36a..a7fcc539 100644
--- a/spec/defines/openvpn_server_spec.rb
+++ b/spec/defines/openvpn_server_spec.rb
@@ -585,6 +585,7 @@
           it { is_expected.to contain_file("#{server_directory}/test_server.conf").with_content(%r{^cert\s+#{server_directory}/test_server/keys/mylittlepony.crt$}) }
           it { is_expected.to contain_file("#{server_directory}/test_server.conf").with_content(%r{^key\s+#{server_directory}/test_server/keys/mylittlepony.key$}) }
           it { is_expected.to contain_file("#{server_directory}/test_server.conf").with_content(%r{^dh\s+#{server_directory}/test_server/keys/dh2048.pem$}) }
+          it { is_expected.to contain_exec('renew crl.pem on test_server').with('command' => ". ./vars && KEY_CN='' KEY_OU='' KEY_NAME='' KEY_ALTNAMES='' openssl ca -gencrl -out #{server_directory}/test_server/crl.pem -config #{server_directory}/test_server/easy-rsa/openssl.cnf") }
         end
 
         context 'creating a server in client mode' do
@@ -972,6 +973,7 @@
           it { is_expected.to contain_file("#{server_directory}/test_server.conf").with_content(%r{^cert\s+#{server_directory}/test_server/keys/issued/mylittlepony.crt$}) }
           it { is_expected.to contain_file("#{server_directory}/test_server.conf").with_content(%r{^key\s+#{server_directory}/test_server/keys/private/mylittlepony.key$}) }
           it { is_expected.to contain_file("#{server_directory}/test_server.conf").with_content(%r{^dh\s+#{server_directory}/test_server/keys/dh.pem$}) }
+          it { is_expected.to contain_exec('renew crl.pem on test_server').with('command' => "./easyrsa gen-crl && cp ./keys/crl.pem #{server_directory}/test_server/crl.pem") }
         end
 
         context 'creating a server in dn_mode cn_only' do