bpfire/config/ovpn/verify
Michael Tremer 4176a1bada openvpn: Fix verify script.
Former versions of openvpn called the script where the arguments
in the certificate's common name were separated by /.
Now, those are separated by ", " (comma, space).
2013-12-25 15:12:34 +01:00


#!/usr/bin/perl
############################################################################
# #
# This file is part of the IPFire Firewall. #
# #
# IPFire is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 2 of the License, or #
# (at your option) any later version. #
# #
# IPFire is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
# Copyright (C) 2013 IPFire Team <info@ipfire.org>. #
# #
############################################################################
require '/var/ipfire/general-functions.pl';
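use strict;
use warnings;

# Certificate verification hook run by OpenVPN for each certificate in the
# peer's chain. Reads two arguments: the certificate depth ($ARGV[0]) and
# the X509 subject string ($ARGV[1]).
#
# Exit status 0 accepts the certificate, any other status rejects it.
# Only the peer certificate (depth 0) is checked here; it is accepted when
# its CN equals the stored CN of an enabled roadwarrior ("host") connection
# in ovpnconfig.

my $DEPTH = $ARGV[0];
my $CN = $ARGV[1];

# Fail closed when called without both arguments. Without this check an
# undefined depth fell through to the CN comparison below with an undefined
# subject.
exit 1 unless (defined $DEPTH && defined $CN);

# Exit immediately for every certificate depth other than 0.
exit 0 unless ($DEPTH eq "0");

# Strip the CN from the X509 identifier. The attribute separator is "/"
# (older OpenVPN) or ", " (newer OpenVPN).
#
# The match result must be checked: on a failed match the capture variable
# is not set by this statement, so the CN would become undefined and compare
# equal to any connection whose stored CN is empty.
# NOTE(review): the pattern needs a separator in front of "CN=" and captures
# up to the end of the string, so a subject where CN is the first or not the
# last attribute is rejected rather than matched - confirm this is intended.
if ($CN =~ /(?:\/|,\ )CN=(.*)$/i) {
    $CN = $1;
}
else {
    exit 1;
}

# An empty CN must never authenticate anything.
exit 1 unless (length $CN);

my %confighash = ();
my $configfile = "${General::swroot}/ovpn/ovpnconfig";

if (-f $configfile) {
    &General::readhasharray($configfile, \%confighash);

    foreach my $key (keys %confighash) {
        my $entry = $confighash{$key};

        my $state = $entry->[0];
        my $cn    = $entry->[2];
        my $type  = $entry->[3];

        # Skip disabled connections.
        next unless (defined $state && $state eq "on");

        # Skip non-roadwarrior connections.
        next unless (defined $type && $type eq "host");

        # Skip entries without a stored CN; they cannot identify a peer.
        next unless (defined $cn && length $cn);

        # Search for a matching CN.
        exit 0 if ($cn eq $CN);

        # Compatibility code for incorrectly saved CNs.
        $cn =~ s/\ /_/g;
        exit 0 if ($cn eq $CN);
    }
}

# Reject: ovpnconfig could not be found, or no enabled roadwarrior
# connection has a matching CN.
exit 1;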