ovpn-key 0.6 → 0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +6 -3
- data/bin/ovpn-key +20 -7
- data/defaults/ovpn-key.yml +1 -1
- data/lib/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 75b4b86d88cbfbac55deafa5ab94d8f306efa10c001e2107bfdb04ac29515969
|
|
4
|
+
data.tar.gz: bab07249832317c9281f055772f0f33ffeb8474be7200bf477b78e3481dea06b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b28955c734a4f52a445fd278a9de148c64ffc2ed67584364d9466d62ce110981779a8a43d90d3de4d573dd03f2d85a23972d289bcdd2093d2dfb89ac342b1eb9
|
|
7
|
+
data.tar.gz: a15d392159908b1d8f2a7a9a95e395ea3ebe875a3ca1df255ec0e622d42aa5e6cf6bef73bdd52ce2cfeac3b566ec1eded257e212a1ee1071d095d012515acb81
|
data/README.md
CHANGED
|
@@ -12,6 +12,8 @@ It supports encrypting `.key` files with a passphrase (there is an option to dis
|
|
|
12
12
|
|
|
13
13
|
It can be used with a non-self signed CA, just place your `ca.key` and `ca.crt` in the keys directory and skip the `--ca` step.
|
|
14
14
|
|
|
15
|
+
It can be used to manage a non-OpenVPN CA, in that case `--zip` step will be useless, but all others will work.
|
|
16
|
+
|
|
15
17
|
For now it should be considered experimental and rather undocumented.
|
|
16
18
|
If you're brave, [let me know](https://github.com/chillum/ovpn-key/issues), where the problems are.
|
|
17
19
|
|
|
@@ -25,10 +27,11 @@ If you're brave, [let me know](https://github.com/chillum/ovpn-key/issues), wher
|
|
|
25
27
|
1. `ovpn-key --init`
|
|
26
28
|
2. edit `ovpn-key.yml` and `openssl.ini`
|
|
27
29
|
3. `ovpn-key --ca --dh --server --nopass`
|
|
28
|
-
4.
|
|
30
|
+
4. `ovpn-key --client somebody`
|
|
31
|
+
5. `ovpn-key --revoke somebody`
|
|
32
|
+
6. add a file with `.ovpn` extension to the directory
|
|
29
33
|
it should contain every setting except for `cert` and `key`
|
|
30
|
-
|
|
31
|
-
6. `ovpn-key --revoke somebody`
|
|
34
|
+
7. `ovpn-key --zip somebody-else`
|
|
32
35
|
|
|
33
36
|
### Configuration
|
|
34
37
|
|
data/bin/ovpn-key
CHANGED
|
@@ -34,11 +34,16 @@ OptionParser.new do |opts|
|
|
|
34
34
|
end
|
|
35
35
|
check_crt(options[:generate_server])
|
|
36
36
|
end
|
|
37
|
-
opts.on("--client [name]", "Generate a client key and
|
|
37
|
+
opts.on("--client [name]", "Generate a client key and sign it") do |v|
|
|
38
38
|
abort "Error: client should have an alphanumeric name" unless v
|
|
39
39
|
check_crt(v)
|
|
40
40
|
options[:generate_client] = v
|
|
41
41
|
end
|
|
42
|
+
opts.on("--zip [name]", "Ditto plus pack it to ZIP with OpenVPN config") do |v|
|
|
43
|
+
abort "Error: client should have an alphanumeric name" unless v
|
|
44
|
+
check_crt(v)
|
|
45
|
+
options[:generate_zip] = v
|
|
46
|
+
end
|
|
42
47
|
opts.on("--revoke [name]", "Revoke a certificate (using crl.pem) and delete it") do |v|
|
|
43
48
|
abort "Please specify what certificate to revoke" unless v
|
|
44
49
|
options[:revoke] = v
|
|
@@ -50,10 +55,14 @@ end.parse!
|
|
|
50
55
|
if ARGV.length > 0
|
|
51
56
|
abort "Error: invalid args: #{ARGV.join ' '}\nSee `#{File.basename $0} -h` for help"
|
|
52
57
|
end
|
|
53
|
-
unless options[:init] || options[:generate_ca] || options[:generate_dh] \
|
|
54
|
-
|| options[:
|
|
58
|
+
unless options[:init] || options[:generate_ca] || options[:generate_dh] || options[:generate_server] \
|
|
59
|
+
|| options[:generate_client] || options[:generate_zip] || options[:revoke]
|
|
55
60
|
abort "See `#{File.basename $0} -h` for usage"
|
|
56
61
|
end
|
|
62
|
+
if options[:generate_client] and options[:generate_zip]
|
|
63
|
+
# I assume that user likely wants one of them and is confused with usage
|
|
64
|
+
abort "There can be only one: --client or --zip"
|
|
65
|
+
end
|
|
57
66
|
File.umask 0077
|
|
58
67
|
|
|
59
68
|
if options[:init]
|
|
@@ -101,6 +110,10 @@ if options[:generate_server]
|
|
|
101
110
|
req('server', options[:generate_server], options[:generate_server])
|
|
102
111
|
end
|
|
103
112
|
if options[:generate_client]
|
|
113
|
+
genrsa('client', options[:generate_client], options[:no_password])
|
|
114
|
+
req('client', options[:generate_client], options[:generate_client])
|
|
115
|
+
end
|
|
116
|
+
if options[:generate_zip]
|
|
104
117
|
ovpn_files = Dir['*.ovpn']
|
|
105
118
|
case ovpn_files.length
|
|
106
119
|
when 1
|
|
@@ -111,17 +124,17 @@ if options[:generate_client]
|
|
|
111
124
|
abort "More than one .ovpn files in current directory, aborting"
|
|
112
125
|
end
|
|
113
126
|
|
|
114
|
-
genrsa('client', options[:
|
|
115
|
-
req('client', options[:
|
|
127
|
+
genrsa('client', options[:generate_zip], options[:no_password])
|
|
128
|
+
req('client', options[:generate_zip], options[:generate_zip])
|
|
116
129
|
|
|
117
130
|
zip_file = File.join(File.expand_path(ZIP_DIR), "#{File.basename ovpn_file, '.ovpn'}.tblk.zip")
|
|
118
131
|
File.delete(zip_file) if File.exist?(zip_file)
|
|
119
132
|
Zip::File.open(zip_file, Zip::File::CREATE) do |zip|
|
|
120
133
|
zip.get_output_stream(ovpn_file) {|f|
|
|
121
134
|
File.open(ovpn_file).each {|line| f.write line}
|
|
122
|
-
f.write "cert #{options[:
|
|
135
|
+
f.write "cert #{options[:generate_zip]}.crt\nkey #{options[:generate_zip]}.key\n"
|
|
123
136
|
}
|
|
124
|
-
[ 'ca.crt', "#{options[:
|
|
137
|
+
[ 'ca.crt', "#{options[:generate_zip]}.crt", "#{options[:generate_zip]}.key"].each {|i|
|
|
125
138
|
zip.add(i, i)
|
|
126
139
|
}
|
|
127
140
|
end
|
data/defaults/ovpn-key.yml
CHANGED
data/lib/version.rb
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
::Version = '0.
|
|
1
|
+
::Version = '0.7'
|