nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-05-27 10:44:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

openvpn: Prevent failures when regenerating user certificate

Browse Source 
Set unique_subject attribute to no in index.txt.attr file.  This
allows regenerating a certificate for a user.

Signed-off-by: Hemanth Kumar Veeranki <hemanthveeranki@gmail.com>
This commit is contained in:
Hemanth Kumar Veeranki 2017-03-28 21:10:32 +05:30 committed by Sunil Mohan Adapa
parent 4feb0c7a01
commit 04cadbc82f
No known key found for this signature in database
GPG Key ID: 43EA1CFF0AA7C5F2
1 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
actions/openvpn
View File

@ -24,6 +24,7 @@ Configuration helper for OpenVPN server.
import argparse import argparse
import os import os
import subprocess import subprocess
import augeas
from plinth import action_utils from plinth import action_utils
@ -36,6 +37,7 @@ SERVER_CONFIGURATION_PATH = '/etc/openvpn/freedombox.conf'
CA_CERTIFICATE_PATH = KEYS_DIRECTORY + '/ca.crt' CA_CERTIFICATE_PATH = KEYS_DIRECTORY + '/ca.crt'
USER_CERTIFICATE_PATH = KEYS_DIRECTORY + '/{username}.crt' USER_CERTIFICATE_PATH = KEYS_DIRECTORY + '/{username}.crt'
USER_KEY_PATH = KEYS_DIRECTORY + '/{username}.key' USER_KEY_PATH = KEYS_DIRECTORY + '/{username}.key'
ATTR_FILE = KEYS_DIRECTORY + '/index.txt.attr'
SERVER_CONFIGURATION = ''' SERVER_CONFIGURATION = '''
port 1194 port 1194
@ -145,6 +147,7 @@ def _create_certificates():
except FileExistsError: except FileExistsError:
pass pass
set_unique_subject('no') # Set unique subject in ATTR_FILE to no
subprocess.check_call(['/usr/share/easy-rsa/clean-all'], **COMMON_ARGS) subprocess.check_call(['/usr/share/easy-rsa/clean-all'], **COMMON_ARGS)
subprocess.check_call(['/usr/share/easy-rsa/pkitool', '--initca'], subprocess.check_call(['/usr/share/easy-rsa/pkitool', '--initca'],
**COMMON_ARGS) **COMMON_ARGS)
@ -180,8 +183,15 @@ def subcommand_get_profile(arguments):
print(profile) print(profile)
def set_unique_subject(value):
""" Sets the unique_subject value to a particular value"""
aug = load_augeas()
aug.set('/files' + ATTR_FILE + '/unique_subject', value)
aug.save()
def _read_file(filename): def _read_file(filename):
"""Return the entire contens of a file as string.""" """Return the entire contents of a file as string."""
with open(filename, 'r') as file_handle: with open(filename, 'r') as file_handle:
return ''.join(file_handle.readlines()) return ''.join(file_handle.readlines())
@ -191,6 +201,18 @@ def _is_non_empty_file(filepath):
return os.path.isfile(filepath) and os.path.getsize(filepath) > 0 return os.path.isfile(filepath) and os.path.getsize(filepath) > 0
def load_augeas():
"""Initialize Augeas."""
aug = augeas.Augeas(flags=augeas.Augeas.NO_LOAD +
augeas.Augeas.NO_MODL_AUTOLOAD)
# shell-script config file lens
aug.set('/augeas/load/Simplevars/lens', 'Simplevars.lns')
aug.set('/augeas/load/Simplevars/incl[last() + 1]', ATTR_FILE)
aug.load()
return aug
def main(): def main():
"""Parse arguments and perform all duties.""" """Parse arguments and perform all duties."""
arguments = parse_arguments() arguments = parse_arguments()