openvpn: Prevent failures when regenerating user certificate

Set unique_subject attribute to no in index.txt.attr file. This allows regenerating a certificate for a user. Signed-off-by: Hemanth Kumar Veeranki <hemanthveeranki@gmail.com>
2026-02-04 08:13:38 +00:00 · 2017-03-28 21:10:32 +05:30 · 2017-03-28 21:10:32 +05:30 · 04cadbc82f
commit 04cadbc82f
parent 4feb0c7a01
1 changed files with 23 additions and 1 deletions
--- a/actions/openvpn
+++ b/actions/openvpn
@ -24,6 +24,7 @@ Configuration helper for OpenVPN server.
 import argparse
 import os
 import subprocess
+import augeas

 from plinth import action_utils

@ -36,6 +37,7 @@ SERVER_CONFIGURATION_PATH = '/etc/openvpn/freedombox.conf'
 CA_CERTIFICATE_PATH = KEYS_DIRECTORY + '/ca.crt'
 USER_CERTIFICATE_PATH = KEYS_DIRECTORY + '/{username}.crt'
 USER_KEY_PATH = KEYS_DIRECTORY + '/{username}.key'
+ATTR_FILE = KEYS_DIRECTORY + '/index.txt.attr'

 SERVER_CONFIGURATION = '''
 port 1194
@ -145,6 +147,7 @@ def _create_certificates():
    except FileExistsError:
        pass

+    set_unique_subject('no')  # Set unique subject in ATTR_FILE to no
    subprocess.check_call(['/usr/share/easy-rsa/clean-all'], **COMMON_ARGS)
    subprocess.check_call(['/usr/share/easy-rsa/pkitool', '--initca'],
                          **COMMON_ARGS)
@ -180,8 +183,15 @@ def subcommand_get_profile(arguments):
    print(profile)


+def set_unique_subject(value):
+    """ Sets the unique_subject value to a particular value"""
+    aug = load_augeas()
+    aug.set('/files' + ATTR_FILE + '/unique_subject', value)
+    aug.save()
+
+
 def _read_file(filename):
-    """Return the entire contens of a file as string."""
+    """Return the entire contents of a file as string."""
    with open(filename, 'r') as file_handle:
        return ''.join(file_handle.readlines())

@ -191,6 +201,18 @@ def _is_non_empty_file(filepath):
    return os.path.isfile(filepath) and os.path.getsize(filepath) > 0


+def load_augeas():
+    """Initialize Augeas."""
+    aug = augeas.Augeas(flags=augeas.Augeas.NO_LOAD +
+                              augeas.Augeas.NO_MODL_AUTOLOAD)
+
+    # shell-script config file lens
+    aug.set('/augeas/load/Simplevars/lens', 'Simplevars.lns')
+    aug.set('/augeas/load/Simplevars/incl[last() + 1]', ATTR_FILE)
+    aug.load()
+    return aug
+
+
 def main():
    """Parse arguments and perform all duties."""
    arguments = parse_arguments()