[Astlinux-commits] SF.net SVN: astlinux:[5957] branches/1.0

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 5957
          http://astlinux.svn.sourceforge.net/astlinux/?rev=5957&view=rev
Author:   abelbeck
Date:     2013-02-16 20:53:24 +0000 (Sat, 16 Feb 2013)
Log Message:
-----------
openvpn, add optional tls-auth support for both server and client, OVPN_TA and OVPNC_TA variables

Modified Paths:
--------------
    branches/1.0/package/openvpn/openvpn.init
    branches/1.0/package/openvpn/openvpnclient.init
    branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf

Modified: branches/1.0/package/openvpn/openvpn.init
===================================================================

--- branches/1.0/package/openvpn/openvpn.init	2013-02-15 18:40:33 UTC (rev 5956)
+++ branches/1.0/package/openvpn/openvpn.init	2013-02-16 20:53:24 UTC (rev 5957)
@@ -55,7 +55,8 @@
 ca $OVPN_CA
 cert $OVPN_CERT
 key $OVPN_KEY
-dh $OVPN_DH
+dh $OVPN_DH${OVPN_TA:+
+tls-auth $OVPN_TA 0}
 server $OVPN_SERVER${OVPN_SERVERV6:+
 server-ipv6 $OVPN_SERVERV6}
 verb $OVPN_VERBOSITY" > /tmp/etc/openvpn.conf
@@ -128,9 +129,8 @@
 start () {
   if [ -f $lock ]; then
     # we were not shut down correctly
-    kill `cat $pid` >/dev/null 2>&1
-    rm -f $pid
-    rm -f $lock
+    kill $(cat $pid) >/dev/null 2>&1
+    rm -f $pid $lock
     sleep 2
   fi
 
@@ -146,9 +146,8 @@
 stop () {
   if [ -f $pid ]; then
     echo "Stopping OpenVPN Server..."
-    kill `cat $pid` >/dev/null 2>&1
-    rm -f $pid
-    rm -f $lock
+    kill $(cat $pid) >/dev/null 2>&1
+    rm -f $pid $lock
   fi
 }
 

Modified: branches/1.0/package/openvpn/openvpnclient.init
===================================================================
--- branches/1.0/package/openvpn/openvpnclient.init	2013-02-15 18:40:33 UTC (rev 5956)
+++ branches/1.0/package/openvpn/openvpnclient.init	2013-02-16 20:53:24 UTC (rev 5957)
@@ -54,7 +54,8 @@
 proto $OVPNC_PROTOCOL
 ca $OVPNC_CA
 cert $OVPNC_CERT
-key $OVPNC_KEY
+key $OVPNC_KEY${OVPNC_TA:+
+tls-auth $OVPNC_TA 1}
 verb $OVPNC_VERBOSITY" > /tmp/etc/openvpnclient.conf
 
     IFS=$'\n'
@@ -94,9 +95,8 @@
 start () {
   if [ -f $lock ]; then
     # we were not shut down correctly
-    kill `cat $pid` >/dev/null 2>&1
-    rm -f $pid
-    rm -f $lock
+    kill $(cat $pid) >/dev/null 2>&1
+    rm -f $pid $lock
     sleep 2
   fi
 
@@ -112,9 +112,8 @@
 stop () {
   if [ -f $pid ]; then
     echo "Stopping OpenVPN Client..."
-    kill `cat $pid` >/dev/null 2>&1
-    rm -f $pid
-    rm -f $lock
+    kill $(cat $pid) >/dev/null 2>&1
+    rm -f $pid $lock
   fi
 }
 

Modified: branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf	2013-02-15 18:40:33 UTC (rev 5956)
+++ branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf	2013-02-16 20:53:24 UTC (rev 5957)
@@ -495,6 +495,7 @@
 #OVPN_CERT="/etc/openvpn/easy-rsa/keys/server.crt"
 #OVPN_KEY="/etc/openvpn/easy-rsa/keys/server.key"
 #OVPN_DH="/etc/openvpn/easy-rsa/keys/dh1024.pem"
+#OVPN_TA="/etc/openvpn/ta.key"       # optional tls-auth shared key
 #OVPN_HOSTNAME="vpn.example.com"     # DNS name, IPv4 or IPv6 address of OpenVPN Server - Only used by the web interface.
 #OVPN_SERVER="10.8.0.0 255.255.255.0"
 #OVPN_SERVERV6="2001:db8:108::1/64"  # valid OVPN_SERVER also required if defined
@@ -552,6 +553,7 @@
 #OVPNC_CA="/etc/openvpn/client/ca.crt"
 #OVPNC_CERT="/etc/openvpn/client/client.crt"
 #OVPNC_KEY="/etc/openvpn/client/client.key"
+#OVPNC_TA="/etc/openvpn/client/ta.key"       # optional tls-auth shared key
 #OVPNC_SERVER="10.8.0.0 255.255.255.0"
 #OVPNC_VERBOSITY="1"
 ##

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



