more robust internals
This commit is contained in:
parent
17c5440205
commit
16bce04c29
1 changed files with 23 additions and 7 deletions
30
ovpngen
30
ovpngen
|
@ -1,11 +1,11 @@
|
||||||
#!/bin/sh
|
#!/bin/bash
|
||||||
|
|
||||||
## Tested and works with OpenVPN Connect 1.0.7 build 199 (iOS 64-bit) on iOS 9.3.3
|
## Tested and works with OpenVPN Connect 1.0.7 build 199 (iOS 64-bit) on iOS 9.3.3
|
||||||
##
|
##
|
||||||
## Majority of the credit goes to the script's original author, trovao
|
## Majority of the credit goes to the script's original author, trovao
|
||||||
## Link to original script: https://gist.github.com/trovao/18e428b5a758df24455b
|
## Link to original script: https://gist.github.com/trovao/18e428b5a758df24455b
|
||||||
|
|
||||||
if [[ -z ${1} ]]; then
|
usage() {
|
||||||
echo "Usage: $0 SERVER CA_CERT CLIENT_CERT CLIENT_KEY SHARED_SECRET PORT PROTO"
|
echo "Usage: $0 SERVER CA_CERT CLIENT_CERT CLIENT_KEY SHARED_SECRET PORT PROTO"
|
||||||
echo
|
echo
|
||||||
echo "The first 5 tokens are required while the last are optional"
|
echo "The first 5 tokens are required while the last are optional"
|
||||||
|
@ -20,13 +20,29 @@ if [[ -z ${1} ]]; then
|
||||||
echo "For example:"
|
echo "For example:"
|
||||||
echo "ovpngen titty.nipples.org /etc/openvpn/ca.crt /etc/easy-rsa/pki/signed/client.crt /etc/easy-rsa/pki/private/client.key /etc/openvpn/ta.key > iphone.ovpn"
|
echo "ovpngen titty.nipples.org /etc/openvpn/ca.crt /etc/easy-rsa/pki/signed/client.crt /etc/easy-rsa/pki/private/client.key /etc/openvpn/ta.key > iphone.ovpn"
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
}
|
||||||
|
|
||||||
|
[[ -z "$1" ]] && usage
|
||||||
|
|
||||||
server=${1?"The server address is required"}
|
server=${1?"The server address is required"}
|
||||||
cacert=${2?"The path to the ca certificate file is required"}
|
cacert=${2?"The path to the ca certificate file is required"}
|
||||||
client_cert=${3?"The path to the client certificate file is required"}
|
client_cert=${3?"The path to the client certificate file is required"}
|
||||||
client_key=${4?"The path to the client private key file is required"}
|
client_key=${4?"The path to the client private key file is required"}
|
||||||
tls_key=${5?"The path to the TLS shared secret file is required"}
|
tls_key=${5?"The path to the TLS shared secret file is required"}
|
||||||
|
|
||||||
|
# test for readable files
|
||||||
|
for i in "$cacert" "$client_cert" "$client_key" "$tls_key"; do
|
||||||
|
[[ -f "$i" ]] || {
|
||||||
|
echo " I cannot find $i on the filesystem."
|
||||||
|
echo " This could be due to permissions or that you did not define the full path correctly."
|
||||||
|
echo " Check the path and try again."
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
[[ -r "$i" ]] || {
|
||||||
|
echo " I cannot read $i. Try invoking $0 as root."
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
done
|
||||||
[[ -z "$6" ]] && port=1194 || port="$6"
|
[[ -z "$6" ]] && port=1194 || port="$6"
|
||||||
[[ -z "$7" ]] && proto='udp' || proto="$7"
|
[[ -z "$7" ]] && proto='udp' || proto="$7"
|
||||||
|
|
||||||
|
@ -48,22 +64,22 @@ remote-cert-tls server
|
||||||
key-direction 1
|
key-direction 1
|
||||||
<ca>
|
<ca>
|
||||||
EOF
|
EOF
|
||||||
cat ${cacert}
|
cat "${cacert}"
|
||||||
cat << EOF
|
cat << EOF
|
||||||
</ca>
|
</ca>
|
||||||
<cert>
|
<cert>
|
||||||
EOF
|
EOF
|
||||||
cat ${client_cert}
|
cat "${client_cert}"
|
||||||
cat << EOF
|
cat << EOF
|
||||||
</cert>
|
</cert>
|
||||||
<key>
|
<key>
|
||||||
EOF
|
EOF
|
||||||
cat ${client_key}
|
cat "${client_key}"
|
||||||
cat << EOF
|
cat << EOF
|
||||||
</key>
|
</key>
|
||||||
<tls-auth>
|
<tls-auth>
|
||||||
EOF
|
EOF
|
||||||
cat ${tls_key}
|
cat "${tls_key}"
|
||||||
cat << EOF
|
cat << EOF
|
||||||
</tls-auth>
|
</tls-auth>
|
||||||
EOF
|
EOF
|
||||||
|
|
Loading…
Reference in a new issue