ovpn-key 0.6 → 0.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +6 -3
- data/bin/ovpn-key +20 -7
- data/defaults/ovpn-key.yml +1 -1
- data/lib/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 75b4b86d88cbfbac55deafa5ab94d8f306efa10c001e2107bfdb04ac29515969
|
|
4
|
+
data.tar.gz: bab07249832317c9281f055772f0f33ffeb8474be7200bf477b78e3481dea06b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b28955c734a4f52a445fd278a9de148c64ffc2ed67584364d9466d62ce110981779a8a43d90d3de4d573dd03f2d85a23972d289bcdd2093d2dfb89ac342b1eb9
|
|
7
|
+
data.tar.gz: a15d392159908b1d8f2a7a9a95e395ea3ebe875a3ca1df255ec0e622d42aa5e6cf6bef73bdd52ce2cfeac3b566ec1eded257e212a1ee1071d095d012515acb81
|
data/README.md
CHANGED
|
@@ -12,6 +12,8 @@ It supports encrypting `.key` files with a passphrase (there is an option to dis
|
|
|
12
12
|
|
|
13
13
|
It can be used with a non-self signed CA, just place your `ca.key` and `ca.crt` in the keys directory and skip the `--ca` step.
|
|
14
14
|
|
|
15
|
+
It can be used to manage a non-OpenVPN CA, in that case `--zip` step will be useless, but all others will work.
|
|
16
|
+
|
|
15
17
|
For now it should be considered experimental and rather undocumented.
|
|
16
18
|
If you're brave, [let me know](https://github.com/chillum/ovpn-key/issues), where the problems are.
|
|
17
19
|
|
|
@@ -25,10 +27,11 @@ If you're brave, [let me know](https://github.com/chillum/ovpn-key/issues), wher
|
|
|
25
27
|
1. `ovpn-key --init`
|
|
26
28
|
2. edit `ovpn-key.yml` and `openssl.ini`
|
|
27
29
|
3. `ovpn-key --ca --dh --server --nopass`
|
|
28
|
-
4.
|
|
30
|
+
4. `ovpn-key --client somebody`
|
|
31
|
+
5. `ovpn-key --revoke somebody`
|
|
32
|
+
6. add a file with `.ovpn` extension to the directory
|
|
29
33
|
it should contain every setting except for `cert` and `key`
|
|
30
|
-
|
|
31
|
-
6. `ovpn-key --revoke somebody`
|
|
34
|
+
7. `ovpn-key --zip somebody-else`
|
|
32
35
|
|
|
33
36
|
### Configuration
|
|
34
37
|
|
data/bin/ovpn-key
CHANGED
|
@@ -34,11 +34,16 @@ OptionParser.new do |opts|
|
|
|
34
34
|
end
|
|
35
35
|
check_crt(options[:generate_server])
|
|
36
36
|
end
|
|
37
|
-
opts.on("--client [name]", "Generate a client key and
|
|
37
|
+
opts.on("--client [name]", "Generate a client key and sign it") do |v|
|
|
38
38
|
abort "Error: client should have an alphanumeric name" unless v
|
|
39
39
|
check_crt(v)
|
|
40
40
|
options[:generate_client] = v
|
|
41
41
|
end
|
|
42
|
+
opts.on("--zip [name]", "Ditto plus pack it to ZIP with OpenVPN config") do |v|
|
|
43
|
+
abort "Error: client should have an alphanumeric name" unless v
|
|
44
|
+
check_crt(v)
|
|
45
|
+
options[:generate_zip] = v
|
|
46
|
+
end
|
|
42
47
|
opts.on("--revoke [name]", "Revoke a certificate (using crl.pem) and delete it") do |v|
|
|
43
48
|
abort "Please specify what certificate to revoke" unless v
|
|
44
49
|
options[:revoke] = v
|
|
@@ -50,10 +55,14 @@ end.parse!
|
|
|
50
55
|
if ARGV.length > 0
|
|
51
56
|
abort "Error: invalid args: #{ARGV.join ' '}\nSee `#{File.basename $0} -h` for help"
|
|
52
57
|
end
|
|
53
|
-
unless options[:init] || options[:generate_ca] || options[:generate_dh] \
|
|
54
|
-
|| options[:
|
|
58
|
+
unless options[:init] || options[:generate_ca] || options[:generate_dh] || options[:generate_server] \
|
|
59
|
+
|| options[:generate_client] || options[:generate_zip] || options[:revoke]
|
|
55
60
|
abort "See `#{File.basename $0} -h` for usage"
|
|
56
61
|
end
|
|
62
|
+
if options[:generate_client] and options[:generate_zip]
|
|
63
|
+
# I assume that user likely wants one of them and is confused with usage
|
|
64
|
+
abort "There can be only one: --client or --zip"
|
|
65
|
+
end
|
|
57
66
|
File.umask 0077
|
|
58
67
|
|
|
59
68
|
if options[:init]
|
|
@@ -101,6 +110,10 @@ if options[:generate_server]
|
|
|
101
110
|
req('server', options[:generate_server], options[:generate_server])
|
|
102
111
|
end
|
|
103
112
|
if options[:generate_client]
|
|
113
|
+
genrsa('client', options[:generate_client], options[:no_password])
|
|
114
|
+
req('client', options[:generate_client], options[:generate_client])
|
|
115
|
+
end
|
|
116
|
+
if options[:generate_zip]
|
|
104
117
|
ovpn_files = Dir['*.ovpn']
|
|
105
118
|
case ovpn_files.length
|
|
106
119
|
when 1
|
|
@@ -111,17 +124,17 @@ if options[:generate_client]
|
|
|
111
124
|
abort "More than one .ovpn files in current directory, aborting"
|
|
112
125
|
end
|
|
113
126
|
|
|
114
|
-
genrsa('client', options[:
|
|
115
|
-
req('client', options[:
|
|
127
|
+
genrsa('client', options[:generate_zip], options[:no_password])
|
|
128
|
+
req('client', options[:generate_zip], options[:generate_zip])
|
|
116
129
|
|
|
117
130
|
zip_file = File.join(File.expand_path(ZIP_DIR), "#{File.basename ovpn_file, '.ovpn'}.tblk.zip")
|
|
118
131
|
File.delete(zip_file) if File.exist?(zip_file)
|
|
119
132
|
Zip::File.open(zip_file, Zip::File::CREATE) do |zip|
|
|
120
133
|
zip.get_output_stream(ovpn_file) {|f|
|
|
121
134
|
File.open(ovpn_file).each {|line| f.write line}
|
|
122
|
-
f.write "cert #{options[:
|
|
135
|
+
f.write "cert #{options[:generate_zip]}.crt\nkey #{options[:generate_zip]}.key\n"
|
|
123
136
|
}
|
|
124
|
-
[ 'ca.crt', "#{options[:
|
|
137
|
+
[ 'ca.crt', "#{options[:generate_zip]}.crt", "#{options[:generate_zip]}.key"].each {|i|
|
|
125
138
|
zip.add(i, i)
|
|
126
139
|
}
|
|
127
140
|
end
|
data/defaults/ovpn-key.yml
CHANGED
data/lib/version.rb
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
::Version = '0.
|
|
1
|
+
::Version = '0.7'
|