webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

OpenVPN: Show indication when OpenVPN certificates expire

Browse Source 
This will help with #11742 - OpenVPN: No method to replace expired
certificates.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
This commit is contained in:
Michael Tremer
2023-02-22 12:25:33 +00:00
committed by Peter Müller
parent 42d4b88140
commit 498134e5dd
12 changed files with 71 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
doc/language_issues.en
View File

@@ -1413,6 +1413,8 @@ WARNING: untranslated string: only digits allowed in max retries field = Only di
WARNING: untranslated string: only digits allowed in the idle timeout = Only digits allowed in the idle timeout.
WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: openssl produced an error = OpenSSL produced an error
WARNING: untranslated string: openvpn cert expires soon = Expires Soon
WARNING: untranslated string: openvpn cert has expired = Expired
WARNING: untranslated string: openvpn client = OpenVPN client
WARNING: untranslated string: openvpn default = Default
WARNING: untranslated string: openvpn destination port used = The destination port is already used by another OpenVPN server.

2
doc/language_issues.es
View File

@@ -982,6 +982,8 @@ WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilitie
WARNING: untranslated string: info messages = unknown string
WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname
WARNING: untranslated string: no data = unknown string
WARNING: untranslated string: openvpn cert expires soon = Expires Soon
WARNING: untranslated string: openvpn cert has expired = Expired
WARNING: untranslated string: pakfire ago = ago.
WARNING: untranslated string: route config changed = unknown string
WARNING: untranslated string: routing config added = unknown string

2
doc/language_issues.fr
View File

@@ -946,6 +946,8 @@ WARNING: untranslated string: guardian logtarget_file = unknown string
WARNING: untranslated string: guardian logtarget_syslog = unknown string
WARNING: untranslated string: guardian no entries = unknown string
WARNING: untranslated string: guardian service = unknown string
WARNING: untranslated string: openvpn cert expires soon = Expires Soon
WARNING: untranslated string: openvpn cert has expired = Expired
WARNING: untranslated string: pakfire ago = ago.
WARNING: untranslated string: route config changed = unknown string
WARNING: untranslated string: routing config added = unknown string

2
doc/language_issues.it
View File

@@ -1174,6 +1174,8 @@ WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
WARNING: untranslated string: one year = One Year
WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: openvpn cert expires soon = Expires Soon
WARNING: untranslated string: openvpn cert has expired = Expired
WARNING: untranslated string: optional = Optional
WARNING: untranslated string: otp qrcode = OTP QRCode
WARNING: untranslated string: outgoing compression in bytes per second = Outgoing compression

2
doc/language_issues.nl
View File

@@ -1197,6 +1197,8 @@ WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
WARNING: untranslated string: one year = One Year
WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: openvpn cert expires soon = Expires Soon
WARNING: untranslated string: openvpn cert has expired = Expired
WARNING: untranslated string: optional = Optional
WARNING: untranslated string: otp qrcode = OTP QRCode
WARNING: untranslated string: outgoing compression in bytes per second = Outgoing compression

2
doc/language_issues.pl
View File

@@ -1355,6 +1355,8 @@ WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
WARNING: untranslated string: one year = One Year
WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: openvpn cert expires soon = Expires Soon
WARNING: untranslated string: openvpn cert has expired = Expired
WARNING: untranslated string: openvpn default = Default
WARNING: untranslated string: openvpn destination port used = The destination port is already used by another OpenVPN server.
WARNING: untranslated string: openvpn fragment allowed with udp = Using fragment is only allowed when using the UDP protocol.

2
doc/language_issues.ru
View File

@@ -1353,6 +1353,8 @@ WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
WARNING: untranslated string: one year = One Year
WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: openvpn cert expires soon = Expires Soon
WARNING: untranslated string: openvpn cert has expired = Expired
WARNING: untranslated string: openvpn default = Default
WARNING: untranslated string: openvpn destination port used = The destination port is already used by another OpenVPN server.
WARNING: untranslated string: openvpn fragment allowed with udp = Using fragment is only allowed when using the UDP protocol.

2
doc/language_issues.tr
View File

@@ -1091,6 +1091,8 @@ WARNING: untranslated string: no entries = No entries at the moment.
WARNING: untranslated string: not affected = Not Affected
WARNING: untranslated string: not validating = Not validating
WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: openvpn cert expires soon = Expires Soon
WARNING: untranslated string: openvpn cert has expired = Expired
WARNING: untranslated string: optional = Optional
WARNING: untranslated string: otp qrcode = OTP QRCode
WARNING: untranslated string: ovpn connection name = Connection Name

18
doc/language_missings
View File

@@ -107,6 +107,8 @@
< dns servers
< hardware vulnerabilities
< invalid ip or hostname
< openvpn cert expires soon
< openvpn cert has expired
< service boot setting unavailable
< transport mode does not support vti
< wlanap
@@ -123,6 +125,12 @@
< dhcp fixed ip address in dynamic range
< g.dtm
< g.lite
< guaranteed bandwidth
< retbleed
< service boot setting unavailable
< show dh
< openvpn cert expires soon
< openvpn cert has expired
< upload fcdsl.o
############################################################################
# Checking cgi-bin translations for language: it #
@@ -467,6 +475,8 @@
< one week
< one year
< open connections
< openvpn cert expires soon
< openvpn cert has expired
< optional
< otp qrcode
< outgoing compression in bytes per second
@@ -995,6 +1005,8 @@
< one week
< one year
< open connections
< openvpn cert expires soon
< openvpn cert has expired
< optional
< otp qrcode
< outgoing compression in bytes per second
@@ -1828,6 +1840,8 @@
< one week
< one year
< open connections
< openvpn cert expires soon
< openvpn cert has expired
< openvpn default
< openvpn destination port used
< openvpn disabled
@@ -2812,6 +2826,8 @@
< one week
< one year
< open connections
< openvpn cert expires soon
< openvpn cert has expired
< openvpn default
< openvpn destination port used
< openvpn disabled
@@ -3317,6 +3333,8 @@
< not validating
< okay
< open connections
< openvpn cert expires soon
< openvpn cert has expired
< optional
< otp qrcode
< ovpn connection name

51
html/cgi-bin/ovpnmain.cgi
View File

@@ -33,6 +33,7 @@ use File::Temp qw/ tempfile tempdir /;
use strict;
use Archive::Zip qw(:ERROR_CODES :CONSTANTS);
use Sort::Naturally;
use Date::Parse;
require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
@@ -5352,31 +5353,45 @@ END
END
}
if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
if ($id % 2) {
print "<tr>";
$col="bgcolor='$color{'color20'}'";
} else {
print "<tr>";
$col="bgcolor='$color{'color22'}'";
}
print "<td align='center' nowrap='nowrap' $col>$confighash{$key}[1]</td>";
print "<td align='center' nowrap='nowrap' $col>" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";
#if ($confighash{$key}[4] eq 'cert') {
#print "<td align='left' nowrap='nowrap'>$confighash{$key}[2]</td>";
#} else {
#print "<td align='left'>&nbsp;</td>";
#}
my @cavalid = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem");
my $cavalid;
# Fetch information about the certificate
my @cavalid = &General::system_output("/usr/bin/openssl", "x509", "-text",
"-in", "${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem");
my $expiryDate = 0;
# Parse the certificate information
foreach my $line (@cavalid) {
if ($line =~ /Not After : (.*)[\n]/) {
$cavalid = $1;
$expiryDate = &Date::Parse::str2time($1);
last;
}
}
# Calculate the remaining time
my $remainingTime = $expiryDate - time();
# Create some simple booleans to check the status
my $hasExpired = ($remainingTime <= 0);
my $expiresSoon = ($remainingTime <= 30 * 24 * 3600);
print "<tr>";
if ($hasExpired || $expiresSoon) {
$col="bgcolor='$color{'color14'}'";
} elsif ($id % 2) {
$col="bgcolor='$color{'color20'}'";
} else {
$col="bgcolor='$color{'color22'}'";
}
print "<td align='center' nowrap='nowrap' $col>$confighash{$key}[1]";
if ($hasExpired) {
print " ($Lang::tr{'openvpn cert has expired'})";
} elsif ($expiresSoon) {
print " ($Lang::tr{'openvpn cert expires soon'})";
}
print "</td>";
print "<td align='center' nowrap='nowrap' $col>" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";
print "<td align='center' $col>$confighash{$key}[25]</td>";
$col1="bgcolor='${Header::colourred}'";
my $active = "<b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b>";

2
langs/de/cgi-bin/de.pl
View File

@@ -1884,6 +1884,8 @@
'open connections' => 'Offene Verbindungen',
'open to all' => 'Überschreibe externen Zugang zu ALL',
'openssl produced an error' => 'OpenSSL hat einen Fehler verursacht',
'openvpn cert expires soon' => 'Läuft bald ab',
'openvpn cert has expired' => 'Abgelaufen',
'openvpn client' => 'OpenVPN-Client',
'openvpn default' => 'Vorgabe',
'openvpn destination port used' => 'Der Zielport wird bereits von einer anderen OpenVPN-Server-Instanz genutzt.',

2
langs/en/cgi-bin/en.pl
View File

@@ -1941,6 +1941,8 @@
'open connections' => 'Open Connections',
'open to all' => 'Override external access to ALL',
'openssl produced an error' => 'OpenSSL produced an error',
'openvpn cert expires soon' => 'Expires Soon',
'openvpn cert has expired' => 'Expired',
'openvpn client' => 'OpenVPN client',
'openvpn default' => 'Default',
'openvpn destination port used' => 'The destination port is already used by another OpenVPN server.',