update for v2.4.0 of openvpn

graysky 2016-12-30 10:04:16 -05:00
parent 16bce04c29
commit a506341991
2 changed files with 32 additions and 24 deletions


@ -13,7 +13,7 @@ Invoke the script with 5 tokens and the profile is outputted to stdout.
### Example ### Example
``` ```
sudo ./ovpngen titty.nipples.org /etc/openvpn/ca.crt /etc/easy-rsa/pki/signed/client.crt /etc/easy-rsa/pki/private/client.key /etc/openvpn/ta.key > iphone.ovpn sudo ./ovpngen titty.nipples.org /etc/openvpn/server/ca.crt /etc/easy-rsa/pki/signed/client.crt /etc/easy-rsa/pki/private/client.key /etc/openvpn/server/ta.key > iphone.ovpn
``` ```
The resulting myprofile.ovpn can be edited if desired. The resulting myprofile.ovpn can be edited if desired.

54
ovpngen

@ -1,25 +1,31 @@
#!/bin/bash #!/bin/bash
## Tested and works with OpenVPN Connect 1.0.7 build 199 (iOS 64-bit) on iOS 9.3.3 ## Tested and works with OpenVPN Connect 1.0.7 build 199 (iOS 64-bit) on iOS 10.2
## ##
## Majority of the credit goes to the script's original author, trovao ## Majority of the credit goes to the script's original author, trovao
## Link to original script: https://gist.github.com/trovao/18e428b5a758df24455b ## Link to original script: https://gist.github.com/trovao/18e428b5a758df24455b
usage() { usage() {
echo "Usage: $0 SERVER CA_CERT CLIENT_CERT CLIENT_KEY SHARED_SECRET PORT PROTO" echo "Usage: $0 SERVER CA_CERT CLIENT_CERT CLIENT_KEY SHARED_SECRET PORT PROTO"
echo echo
echo "The first 5 tokens are required while the last are optional" cat << EOF
echo " SERVER = Fully qualified domain name" The first 5 tokens are required while the last are optional
echo " CA_CERT = Full path to the CA cert" SERVER = Fully qualified domain name
echo " CLIENT_CERT = Full path to the client cert" CA_CERT = Full path to the CA cert
echo " CLIENT_KEY = Full path to the client private key" CLIENT_CERT = Full path to the client cert
echo " SHARED_SECRET = Full path to the server TLS shared secret key" CLIENT_KEY = Full path to the client private key
echo " PORT = Port number (defaults to 1194 if left blank)" SHARED_SECRET = Full path to the server TLS shared secret key
echo " PROTO = Protocol (defaults to udp if left blank)" PORT = Port number (defaults to 1194 if left blank)
echo PROTO = Protocol (defaults to udp if left blank)
echo "For example:" EOF
echo "ovpngen titty.nipples.org /etc/openvpn/ca.crt /etc/easy-rsa/pki/signed/client.crt /etc/easy-rsa/pki/private/client.key /etc/openvpn/ta.key > iphone.ovpn" echo
exit 0 echo 'For example:'
echo ' ovpngen titty.nipples.org \'
echo ' /etc/openvpn/server/ca.crt \'
echo ' /etc/easy-rsa/pki/signed/client.crt \'
echo ' /etc/easy-rsa/pki/private/client.key \'
echo ' /etc/openvpn/server/ta.key > iphone.ovpn'
exit 0
} }
[[ -z "$1" ]] && usage [[ -z "$1" ]] && usage
@ -32,15 +38,15 @@ tls_key=${5?"The path to the TLS shared secret file is required"}
# test for readable files # test for readable files
for i in "$cacert" "$client_cert" "$client_key" "$tls_key"; do for i in "$cacert" "$client_cert" "$client_key" "$tls_key"; do
[[ -f "$i" ]] || { [[ -f "$i" ]] || {
echo " I cannot find $i on the filesystem." echo " I cannot find $i on the filesystem."
echo " This could be due to permissions or that you did not define the full path correctly." echo " This could be due to permissions or that you did not define the full path correctly."
echo " Check the path and try again." echo " Check the path and try again."
exit 1 exit 1
} }
[[ -r "$i" ]] || { [[ -r "$i" ]] || {
echo " I cannot read $i. Try invoking $0 as root." echo " I cannot read $i. Try invoking $0 as root."
exit 1 exit 1
} }
done done
[[ -z "$6" ]] && port=1194 || port="$6" [[ -z "$6" ]] && port=1194 || port="$6"
@ -83,3 +89,5 @@ cat "${tls_key}"
cat << EOF cat << EOF
</tls-auth> </tls-auth>
EOF EOF
# vim:set ts=2 sw=2 et:
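Review bot: The reworked example in `usage()` still redirects the profile to `iphone.ovpn` without mentioning file permissions, although the output carries the TLS shared secret (the `cat "${tls_key}"` inside `<tls-auth>` in the last hunk) and, presumably, the client private key inline. The redirect is performed by the calling shell under its own umask, so the resulting file is often readable by other local users. I would add a line to the usage text such as `echo 'The profile embeds private key material: run "umask 077" first or chmod 600 the result.'`. Separately, `usage` ends in `exit 0` even when it is reached through `[[ -z "$1" ]] && usage`, so a missing argument is reported as success; `exit 1` there would let callers detect the failure. The script body between the hunks is not visible here, so the inline-key point should be confirmed against the full file.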