Commit e33ded5d authored by Janek Bevendorff's avatar Janek Bevendorff

Fix OVPN generation when no key file is given.

parent 4c245f7d
......@@ -176,21 +176,22 @@ resolve_ca_chain() {
done
}
# Usage: OUT_FILE KEY CERT CA_CERT
# Usage: OUT_FILE CERT CA_CERT [KEY]
generate_ovpn_file() {
if [ "$2" == "" ]; then
if [ "$4" != "" ]; then
echo "Password to encrypt private key in .ovpn config file: " >&2
local pem="$(openssl rsa -aes256 -in $2)"
local pem="$(openssl rsa -aes256 -in $4)"
while [ "$pem" == "" ]; do
logError "Invalid passphrase, please try again."
local pem="$(openssl rsa -aes256 -in $2)"
local pem="$(openssl rsa -aes256 -in $4)"
done
fi
local out_file="$1"
if ! $(echo "$out_file" | grep -q '\.ovpn$'); then
out_file="${out_file}.ovpn"
fi
local out_file="$1"
if ! $(echo "$out_file" | grep -q '\.ovpn$'); then
out_file="${out_file}.ovpn"
fi
cat <<EOL > "$out_file"
client
remote vpn.webis.de
......@@ -206,11 +207,11 @@ $pem
</key>
<cert>
$(cat "$3")
$(cat "$2")
</cert>
<ca>
$(resolve_ca_chain $4)
$(resolve_ca_chain "$3")
</ca>
EOL
......@@ -304,8 +305,7 @@ issue() {
if [ "$FLAGS_type" == "client" ]; then
logInfo "Writing .ovpn file..."
ROOT_CA_CERT="$(dirname $ROOT_CERT)/Webis_Root_CA.crt"
generate_ovpn_file "$FLAGS_out" "$KEY" "$CERT" "$ROOT_CERT"
generate_ovpn_file "$FLAGS_out" "$CERT" "$ROOT_CERT" "$KEY"
fi
if $DELETE_KEY; then
# delete private key after generating ovpn file
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment