knife-openvpn 0.0.5 → 0.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +4 -0
- data/CHANGELOG.md +3 -0
- data/knife-openvpn.gemspec +1 -1
- data/lib/chef/knife/openvpn.rb +26 -19
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: aff7e11b6411be2b86730f40fd83dcbce657bd51
|
|
4
|
+
data.tar.gz: e0ca84c8956e28d8afd1fc0fffbbf7790d091261
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: acd8bceffc2342824622ac68f109eef5b2b2a2d93b0049d43a8abe1f3d5e5fa7f7a48c11753b8c5c3def78885ea9aa17dd7aeca5adc9b716ad3de7582c2ec816
|
|
7
|
+
data.tar.gz: 24898768d4ef2e448aba8667c6427db3578febe7023df299b365d74333bc2d18faa9f71a4b7c3a96f97edbb95ea3c7ccb5a917c5172ecdae470b7a382c0e52a0
|
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
data/knife-openvpn.gemspec
CHANGED
|
@@ -3,7 +3,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
|
|
|
3
3
|
|
|
4
4
|
Gem::Specification.new do |gem|
|
|
5
5
|
gem.name = 'knife-openvpn'
|
|
6
|
-
gem.version = '0.0.
|
|
6
|
+
gem.version = '0.0.6'
|
|
7
7
|
gem.summary = 'A knife plugin for Express 42 openvpn cookbook'
|
|
8
8
|
gem.description = gem.summary
|
|
9
9
|
gem.authors = ['LLC Express 42']
|
data/lib/chef/knife/openvpn.rb
CHANGED
|
@@ -135,24 +135,27 @@ module OpenvpnPlugin
|
|
|
135
135
|
end
|
|
136
136
|
|
|
137
137
|
def issue_crl(revoke_info, serial, lastup, nextup, extensions,
|
|
138
|
-
|
|
138
|
+
issuer, issuer_key, digest)
|
|
139
139
|
crl = OpenSSL::X509::CRL.new
|
|
140
140
|
crl.issuer = issuer.subject
|
|
141
141
|
crl.version = 1
|
|
142
142
|
crl.last_update = lastup
|
|
143
143
|
crl.next_update = nextup
|
|
144
|
-
revoke_info.each do|rserial, time, reason_code|
|
|
144
|
+
revoke_info.each do |rserial, time, reason_code|
|
|
145
145
|
revoked = OpenSSL::X509::Revoked.new
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
146
|
+
|
|
147
|
+
revoked.serial = if rserial.is_a? OpenSSL::BN
|
|
148
|
+
rserial
|
|
149
|
+
else
|
|
150
|
+
OpenSSL::BN.new(rserial)
|
|
151
|
+
end
|
|
152
|
+
|
|
153
|
+
revoked.time = if time.is_a?
|
|
154
|
+
time
|
|
155
|
+
else
|
|
156
|
+
Time.parse(time)
|
|
157
|
+
end
|
|
158
|
+
|
|
156
159
|
enum = OpenSSL::ASN1::Enumerated(reason_code)
|
|
157
160
|
ext = OpenSSL::X509::Extension.new('CRLReason', enum)
|
|
158
161
|
revoked.add_extension(ext)
|
|
@@ -163,7 +166,7 @@ module OpenvpnPlugin
|
|
|
163
166
|
ef.crl = crl
|
|
164
167
|
crlnum = OpenSSL::ASN1::Integer(serial)
|
|
165
168
|
crl.add_extension(OpenSSL::X509::Extension.new('crlNumber', crlnum))
|
|
166
|
-
extensions.each do|oid, value, critical|
|
|
169
|
+
extensions.each do |oid, value, critical|
|
|
167
170
|
crl.add_extension(ef.create_extension(oid, value, critical))
|
|
168
171
|
end
|
|
169
172
|
crl.sign(issuer_key, digest)
|
|
@@ -374,11 +377,9 @@ module OpenvpnPlugin
|
|
|
374
377
|
user_item = load_databag_item(databag_name, user_name)
|
|
375
378
|
user_cert, _user_key = load_cert_and_key user_item['cert'], user_item['key']
|
|
376
379
|
tmpdir = Dir.mktmpdir
|
|
377
|
-
ui.msg "created tmpdir: #{tmpdir}"
|
|
378
380
|
begin
|
|
379
381
|
user_dir = "#{tmpdir}/#{user_name}-vpn"
|
|
380
382
|
Dir.mkdir user_dir
|
|
381
|
-
ui.msg "created userdir: #{user_dir}"
|
|
382
383
|
export_file "#{user_dir}/ca.crt", ca_cert.to_pem
|
|
383
384
|
export_file "#{user_dir}/#{user_name}.crt", user_cert.to_pem
|
|
384
385
|
export_file "#{user_dir}/#{user_name}.key", user_item['key'].to_s
|
|
@@ -405,8 +406,8 @@ module OpenvpnPlugin
|
|
|
405
406
|
query = "openvpn_server_name:#{server_name}"
|
|
406
407
|
query_nodes = Chef::Search::Query.new
|
|
407
408
|
search_result = query_nodes.search('node', query)[0]
|
|
408
|
-
if search_result.
|
|
409
|
-
fail_with "Cant find vpn server named '#{server_name}'"
|
|
409
|
+
if search_result.empty?
|
|
410
|
+
fail_with "Cant find vpn server named '#{server_name}', chef search for node with attribute openvpn.server_name:#{server_name} return no result"
|
|
410
411
|
end
|
|
411
412
|
config_content = ''
|
|
412
413
|
newline = "\n"
|
|
@@ -416,8 +417,14 @@ module OpenvpnPlugin
|
|
|
416
417
|
config_content << "dev #{config['dev']}" << newline
|
|
417
418
|
config_content << "proto #{config['proto']}" << newline
|
|
418
419
|
search_result.each do |result|
|
|
419
|
-
|
|
420
|
-
|
|
420
|
+
if result['openvpn'][server_name]['remote'].nil?
|
|
421
|
+
config_content << "remote #{result['openvpn'][server_name]['remote_host']} "
|
|
422
|
+
config_content << config['port'].to_s << newline
|
|
423
|
+
else
|
|
424
|
+
result['openvpn'][server_name]['remote'].each do |remote|
|
|
425
|
+
config_content << "remote #{remote}" << newline
|
|
426
|
+
end
|
|
427
|
+
end
|
|
421
428
|
end
|
|
422
429
|
config_content << "verb #{config['verb']}" << newline
|
|
423
430
|
config_content << 'comp-lzo' << newline
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: knife-openvpn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- LLC Express 42
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2016-09-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: A knife plugin for Express 42 openvpn cookbook
|
|
14
14
|
email: cookbooks@express42.com
|
|
@@ -45,7 +45,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
45
45
|
version: '0'
|
|
46
46
|
requirements: []
|
|
47
47
|
rubyforge_project:
|
|
48
|
-
rubygems_version: 2.
|
|
48
|
+
rubygems_version: 2.5.2
|
|
49
49
|
signing_key:
|
|
50
50
|
specification_version: 4
|
|
51
51
|
summary: A knife plugin for Express 42 openvpn cookbook
|