ovpn-key 0.7 → 0.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/ovpn-key +11 -22
- data/lib/functions.rb +12 -2
- data/lib/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: da769c59267c3c1bc605a2da314d55b0599e56de6e48dc25ef17ea56ed1af960
|
|
4
|
+
data.tar.gz: eb106210d91f8e5ba367d20d94e72e74f27e1a53a8abd3cf58cf61fc7580f0fb
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 44b34a49e1730f3c9bff11022fa63e8cf1426c85a6f737c84b68cafa50be8c4e05110202d40dc1e1bfbfda36d29df02003b6ebd07c489fa21a76dcd8afea8d94
|
|
7
|
+
data.tar.gz: c4370cde04518bc151c64f2fb329718d68eed360080987807ed201103d55f999a84b0fcfd4d96634bc1124e96f419956b2c497046ab9bf957e55590e2882724c
|
data/bin/ovpn-key
CHANGED
|
@@ -13,35 +13,26 @@ options = {}
|
|
|
13
13
|
OptionParser.new do |opts|
|
|
14
14
|
opts.banner = "Usage: #{File.basename $0} <options> [--nopass]"
|
|
15
15
|
opts.on("--init [directory]", "Init a CA directory (defaults to current)") do |v|
|
|
16
|
-
|
|
17
|
-
options[:init] = v
|
|
18
|
-
else
|
|
19
|
-
options[:init] = "."
|
|
20
|
-
end
|
|
16
|
+
options[:init] = v ? v : "."
|
|
21
17
|
end
|
|
22
18
|
opts.on("--ca", "Generate a CA (ca.crt)") do |v|
|
|
23
19
|
check_crt('ca')
|
|
24
20
|
options[:generate_ca] = v
|
|
25
21
|
end
|
|
26
22
|
opts.on("--dh", "Generate a DH keyfile (dh.pem)") do |v|
|
|
23
|
+
# it's safe to rewrite this file
|
|
27
24
|
options[:generate_dh] = v
|
|
28
25
|
end
|
|
29
26
|
opts.on("--server [name]", "Generate a server key (defaults to 'server')") do |v|
|
|
30
|
-
|
|
31
|
-
options[:generate_server] = v
|
|
32
|
-
else
|
|
33
|
-
options[:generate_server] = "server"
|
|
34
|
-
end
|
|
27
|
+
options[:generate_server] = v ? v : "server"
|
|
35
28
|
check_crt(options[:generate_server])
|
|
36
29
|
end
|
|
37
30
|
opts.on("--client [name]", "Generate a client key and sign it") do |v|
|
|
38
|
-
|
|
39
|
-
check_crt(v)
|
|
31
|
+
check_client(v)
|
|
40
32
|
options[:generate_client] = v
|
|
41
33
|
end
|
|
42
34
|
opts.on("--zip [name]", "Ditto plus pack it to ZIP with OpenVPN config") do |v|
|
|
43
|
-
|
|
44
|
-
check_crt(v)
|
|
35
|
+
check_client(v)
|
|
45
36
|
options[:generate_zip] = v
|
|
46
37
|
end
|
|
47
38
|
opts.on("--revoke [name]", "Revoke a certificate (using crl.pem) and delete it") do |v|
|
|
@@ -81,6 +72,7 @@ elsif !File.exist? 'ovpn-key.yml'
|
|
|
81
72
|
begin
|
|
82
73
|
rc = YAML.load_file(File.expand_path '~/.ovpn-key.yml')
|
|
83
74
|
rescue Errno::ENOENT
|
|
75
|
+
# no configuration file in home directory is not an error
|
|
84
76
|
end
|
|
85
77
|
Dir.chdir File.expand_path(rc['cd']) if rc && rc['cd']
|
|
86
78
|
end
|
|
@@ -98,20 +90,18 @@ CN_CA = settings['ca_name'] || 'Certification Authority'
|
|
|
98
90
|
REQ = settings['details']
|
|
99
91
|
|
|
100
92
|
if options[:generate_ca]
|
|
101
|
-
|
|
102
|
-
|
|
93
|
+
gen_key('ca', 'ca', options[:no_password])
|
|
94
|
+
sign_key('ca', 'ca', CN_CA)
|
|
103
95
|
gen_crl
|
|
104
96
|
end
|
|
105
97
|
if options[:generate_dh]
|
|
106
98
|
exe "#{OPENSSL} dhparam -out dh.pem #{KEY_SIZE}"
|
|
107
99
|
end
|
|
108
100
|
if options[:generate_server]
|
|
109
|
-
|
|
110
|
-
req('server', options[:generate_server], options[:generate_server])
|
|
101
|
+
gen_and_sign('server', options[:generate_server], options[:no_password])
|
|
111
102
|
end
|
|
112
103
|
if options[:generate_client]
|
|
113
|
-
|
|
114
|
-
req('client', options[:generate_client], options[:generate_client])
|
|
104
|
+
gen_and_sign('client', options[:generate_client], options[:no_password])
|
|
115
105
|
end
|
|
116
106
|
if options[:generate_zip]
|
|
117
107
|
ovpn_files = Dir['*.ovpn']
|
|
@@ -124,8 +114,7 @@ if options[:generate_zip]
|
|
|
124
114
|
abort "More than one .ovpn files in current directory, aborting"
|
|
125
115
|
end
|
|
126
116
|
|
|
127
|
-
|
|
128
|
-
req('client', options[:generate_zip], options[:generate_zip])
|
|
117
|
+
gen_and_sign('client', options[:generate_zip], options[:no_password])
|
|
129
118
|
|
|
130
119
|
zip_file = File.join(File.expand_path(ZIP_DIR), "#{File.basename ovpn_file, '.ovpn'}.tblk.zip")
|
|
131
120
|
File.delete(zip_file) if File.exist?(zip_file)
|
data/lib/functions.rb
CHANGED
|
@@ -4,11 +4,21 @@ def check_crt filename
|
|
|
4
4
|
}
|
|
5
5
|
end
|
|
6
6
|
|
|
7
|
+
def check_client name
|
|
8
|
+
abort "Error: client should have an alphanumeric name" unless name
|
|
9
|
+
check_crt(name)
|
|
10
|
+
end
|
|
11
|
+
|
|
7
12
|
def exe cmd
|
|
8
13
|
system(cmd) or abort "error executing: #{cmd}"
|
|
9
14
|
end
|
|
10
15
|
|
|
11
|
-
def
|
|
16
|
+
def gen_and_sign type, certname, no_password
|
|
17
|
+
gen_key(type, certname, no_password)
|
|
18
|
+
sign_key(type, certname, certname)
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def gen_key type, certname, no_password
|
|
12
22
|
if no_password
|
|
13
23
|
exe "#{OPENSSL} genrsa -out '#{certname}.key' #{KEY_SIZE} -config #{SSL_CONF} -extensions ext.#{type}"
|
|
14
24
|
else
|
|
@@ -16,7 +26,7 @@ def genrsa type, certname, no_password
|
|
|
16
26
|
end
|
|
17
27
|
end
|
|
18
28
|
|
|
19
|
-
def
|
|
29
|
+
def sign_key type, certname, cn
|
|
20
30
|
if certname == 'ca'
|
|
21
31
|
exe "#{OPENSSL} req -new -x509 -key '#{certname}.key' -out '#{certname}.crt' -config #{SSL_CONF} -subj '/CN=#{cn}#{REQ}' -extensions ext.#{type}"
|
|
22
32
|
else
|
data/lib/version.rb
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
::Version = '0.7'
|
|
1
|
+
::Version = '0.7.1'
|