Cleanup

extras/vpnupgrade.sh

@@ -29,13 +29,13 @@ os_type=$(lsb_release -si 2>/dev/null)
 os_arch=$(uname -m | tr -dc 'A-Za-z0-9_-')
 [ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
 case $os_type in
-  *[Uu]buntu*)
+  [Uu]buntu)
     os_type=ubuntu
     ;;
-  *[Dd]ebian*)
+  [Dd]ebian)
     os_type=debian
     ;;
-  *[Rr]aspbian*)
+  [Rr]aspbian)
     os_type=raspbian
     ;;
   *)
@@ -73,7 +73,7 @@ EOF
 esac
 
 ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
-ipsec_ver_short=$(printf '%s' "$ipsec_ver" | sed -e 's/Linux Libreswan/Libreswan/' -e 's/ (netkey) on .*//')
+ipsec_ver_short=$(printf '%s' "$ipsec_ver" | sed -e 's/Linux Libreswan/Libreswan/' -e 's/ (netkey).*//')
 swan_ver_old=$(printf '%s' "$ipsec_ver_short" | sed -e 's/Libreswan //')
 if ! printf '%s' "$ipsec_ver" | grep -q "Libreswan"; then
 cat 1>&2 <<'EOF'
@@ -84,12 +84,10 @@ EOF
 fi
 
 swan_ver_cur=4.1
-swan_ver_url="https://dl.ls20.com/v1/$os_type/$os_ver/swanverupg?arch=$os_arch&ver=$swan_ver_cur&ver2=$SWAN_VER"
+swan_ver_url="https://dl.ls20.com/v1/$os_type/$os_ver/swanverupg?arch=$os_arch&ver1=$swan_ver_old&ver2=$SWAN_VER"
 swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url")
-if ! printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$'; then
-  swan_ver_latest=$swan_ver_cur
-fi
-if [ "$swan_ver_cur" != "$swan_ver_latest" ]; then
+if printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$' \
+  && [ "$swan_ver_cur" != "$swan_ver_latest" ]; then
   echo "Note: A newer version of Libreswan ($swan_ver_latest) is available."
   echo "To update to the new version, exit the script and run:"
   echo "  wget https://git.io/vpnupgrade -O vpnupgrade.sh"
@@ -139,24 +137,22 @@ Version to install: Libreswan $SWAN_VER
 EOF
 
 cat <<'EOF'
-NOTE: This script will make the following changes to your IPsec config:
+NOTE: This script will make the following changes to your VPN configuration:
     - Fix obsolete ipsec.conf and/or ikev2.conf options
     - Optimize VPN ciphers
 
-    Your other VPN configuration files will not be modified.
+    Your other VPN config files will not be modified.
 
 EOF
 
-case $SWAN_VER in
-  3.2[679]|3.3[12])
+if [ "$SWAN_VER" != "4.1" ]; then
 cat <<'EOF'
 WARNING: Older versions of Libreswan could contain known security vulnerabilities.
     See https://libreswan.org/security/ for more information.
     Are you sure you want to install an older version?
 
 EOF
-    ;;
-esac
+fi
 
 printf "Do you want to continue? [y/N] "
 read -r response

extras/vpnupgrade_amzn.sh

@@ -52,7 +52,7 @@ EOF
 esac
 
 ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
-ipsec_ver_short=$(printf '%s' "$ipsec_ver" | sed -e 's/Linux Libreswan/Libreswan/' -e 's/ (netkey) on .*//')
+ipsec_ver_short=$(printf '%s' "$ipsec_ver" | sed -e 's/Linux Libreswan/Libreswan/' -e 's/ (netkey).*//')
 swan_ver_old=$(printf '%s' "$ipsec_ver_short" | sed -e 's/Libreswan //')
 if ! printf '%s' "$ipsec_ver" | grep -q "Libreswan"; then
 cat 1>&2 <<'EOF'
@@ -63,12 +63,10 @@ EOF
 fi
 
 swan_ver_cur=4.1
-swan_ver_url="https://dl.ls20.com/v1/amzn/2/swanverupg?arch=$os_arch&ver=$swan_ver_cur&ver2=$SWAN_VER"
+swan_ver_url="https://dl.ls20.com/v1/amzn/2/swanverupg?arch=$os_arch&ver1=$swan_ver_old&ver2=$SWAN_VER"
 swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url")
-if ! printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$'; then
-  swan_ver_latest=$swan_ver_cur
-fi
-if [ "$swan_ver_cur" != "$swan_ver_latest" ]; then
+if printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$' \
+  && [ "$swan_ver_cur" != "$swan_ver_latest" ]; then
   echo "Note: A newer version of Libreswan ($swan_ver_latest) is available."
   echo "To update to the new version, exit the script and run:"
   echo "  wget https://git.io/vpnupgrade-amzn -O vpnupgrade.sh"
@@ -118,24 +116,22 @@ Version to install: Libreswan $SWAN_VER
 EOF
 
 cat <<'EOF'
-NOTE: This script will make the following changes to your IPsec config:
+NOTE: This script will make the following changes to your VPN configuration:
     - Fix obsolete ipsec.conf and/or ikev2.conf options
     - Optimize VPN ciphers
 
-    Your other VPN configuration files will not be modified.
+    Your other VPN config files will not be modified.
 
 EOF
 
-case $SWAN_VER in
-  3.2[679]|3.3[12])
+if [ "$SWAN_VER" != "4.1" ]; then
 cat <<'EOF'
 WARNING: Older versions of Libreswan could contain known security vulnerabilities.
     See https://libreswan.org/security/ for more information.
     Are you sure you want to install an older version?
 
 EOF
-    ;;
-esac
+fi
 
 printf "Do you want to continue? [y/N] "
 read -r response

extras/vpnupgrade_centos.sh

@@ -64,7 +64,7 @@ EOF
 esac
 
 ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
-ipsec_ver_short=$(printf '%s' "$ipsec_ver" | sed -e 's/Linux Libreswan/Libreswan/' -e 's/ (netkey) on .*//')
+ipsec_ver_short=$(printf '%s' "$ipsec_ver" | sed -e 's/Linux Libreswan/Libreswan/' -e 's/ (netkey).*//')
 swan_ver_old=$(printf '%s' "$ipsec_ver_short" | sed -e 's/Libreswan //')
 if ! printf '%s' "$ipsec_ver" | grep -q "Libreswan"; then
 cat 1>&2 <<'EOF'
@@ -75,12 +75,10 @@ EOF
 fi
 
 swan_ver_cur=4.1
-swan_ver_url="https://dl.ls20.com/v1/$os_type/$os_ver/swanverupg?arch=$os_arch&ver=$swan_ver_cur&ver2=$SWAN_VER"
+swan_ver_url="https://dl.ls20.com/v1/$os_type/$os_ver/swanverupg?arch=$os_arch&ver1=$swan_ver_old&ver2=$SWAN_VER"
 swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url")
-if ! printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$'; then
-  swan_ver_latest=$swan_ver_cur
-fi
-if [ "$swan_ver_cur" != "$swan_ver_latest" ]; then
+if printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$' \
+  && [ "$swan_ver_cur" != "$swan_ver_latest" ]; then
   echo "Note: A newer version of Libreswan ($swan_ver_latest) is available."
   echo "To update to the new version, exit the script and run:"
   echo "  wget https://git.io/vpnupgrade-centos -O vpnupgrade.sh"
@@ -130,24 +128,22 @@ Version to install: Libreswan $SWAN_VER
 EOF
 
 cat <<'EOF'
-NOTE: This script will make the following changes to your IPsec config:
+NOTE: This script will make the following changes to your VPN configuration:
     - Fix obsolete ipsec.conf and/or ikev2.conf options
     - Optimize VPN ciphers
 
-    Your other VPN configuration files will not be modified.
+    Your other VPN config files will not be modified.
 
 EOF
 
-case $SWAN_VER in
-  3.2[679]|3.3[12])
+if [ "$SWAN_VER" != "4.1" ]; then
 cat <<'EOF'
 WARNING: Older versions of Libreswan could contain known security vulnerabilities.
     See https://libreswan.org/security/ for more information.
     Are you sure you want to install an older version?
 
 EOF
-    ;;
-esac
+fi
 
 printf "Do you want to continue? [y/N] "
 read -r response

vpnsetup.sh

@@ -1,6 +1,7 @@
 #!/bin/sh
 #
 # Script for automatic setup of an IPsec VPN server on Ubuntu and Debian
+# Works on any dedicated server or virtual private server (VPS)
 #
 # DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC!
 #
@@ -52,13 +53,13 @@ os_type=$(lsb_release -si 2>/dev/null)
 os_arch=$(uname -m | tr -dc 'A-Za-z0-9_-')
 [ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
 case $os_type in
-  *[Uu]buntu*)
+  [Uu]buntu)
     os_type=ubuntu
     ;;
-  *[Dd]ebian*)
+  [Dd]ebian)
     os_type=debian
     ;;
-  *[Rr]aspbian*)
+  [Rr]aspbian)
     os_type=raspbian
     ;;
   *)

vpnsetup_amzn.sh

@@ -1,6 +1,7 @@
 #!/bin/sh
 #
 # Script for automatic setup of an IPsec VPN server on Amazon Linux 2
+# Works on any dedicated server or virtual private server (VPS)
 #
 # DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC!
 #

vpnsetup_centos.sh

@@ -1,6 +1,7 @@
 #!/bin/sh
 #
 # Script for automatic setup of an IPsec VPN server on CentOS/RHEL 7 and 8
+# Works on any dedicated server or virtual private server (VPS)
 #
 # DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC!
 #