Improve OS support
- Make the VPN setup scripts work on Kali Linux (based on Debian). - Update IKEv2 helper script to check for OpenSSL 3 first when exporting the .p12 file.
This commit is contained in:
parent
e2f211c678
commit
4995ec03f5
@ -76,7 +76,7 @@ check_os() {
|
|||||||
[Uu]buntu)
|
[Uu]buntu)
|
||||||
os_type=ubuntu
|
os_type=ubuntu
|
||||||
;;
|
;;
|
||||||
[Dd]ebian)
|
[Dd]ebian|[Kk]ali)
|
||||||
os_type=debian
|
os_type=debian
|
||||||
;;
|
;;
|
||||||
[Rr]aspbian)
|
[Rr]aspbian)
|
||||||
@ -763,17 +763,7 @@ export_p12_file() {
|
|||||||
p12_file="$export_dir$client_name.p12"
|
p12_file="$export_dir$client_name.p12"
|
||||||
p12_file_enc="$export_dir$client_name.enc.p12"
|
p12_file_enc="$export_dir$client_name.enc.p12"
|
||||||
pk12util -W "$p12_password" -d "$CERT_DB" -n "$client_name" -o "$p12_file_enc" >/dev/null || exit 1
|
pk12util -W "$p12_password" -d "$CERT_DB" -n "$client_name" -o "$p12_file_enc" >/dev/null || exit 1
|
||||||
if [ "$os_type" = "alpine" ] || { [ "$os_type" = "ubuntu" ] && [ "$os_ver" = "11" ]; }; then
|
if [ "$os_ver" = "bookwormsid" ] || openssl version 2>/dev/null | grep -q "^OpenSSL 3"; then
|
||||||
pem_file="$export_dir$client_name.temp.pem"
|
|
||||||
openssl pkcs12 -in "$p12_file_enc" -out "$pem_file" -passin "pass:$p12_password" -passout "pass:$p12_password" || exit 1
|
|
||||||
openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in "$pem_file" -out "$p12_file_enc" \
|
|
||||||
-name "$client_name" -passin "pass:$p12_password" -passout "pass:$p12_password" || exit 1
|
|
||||||
if [ "$use_config_password" = "0" ]; then
|
|
||||||
openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in "$pem_file" -out "$p12_file" \
|
|
||||||
-name "$client_name" -passin "pass:$p12_password" -passout pass: || exit 1
|
|
||||||
fi
|
|
||||||
/bin/rm -f "$pem_file"
|
|
||||||
elif [ "$os_ver" = "bookwormsid" ] || openssl version 2>/dev/null | grep -q "^OpenSSL 3"; then
|
|
||||||
ca_crt="$export_dir$client_name.ca.crt"
|
ca_crt="$export_dir$client_name.ca.crt"
|
||||||
client_crt="$export_dir$client_name.client.crt"
|
client_crt="$export_dir$client_name.client.crt"
|
||||||
client_key="$export_dir$client_name.client.key"
|
client_key="$export_dir$client_name.client.key"
|
||||||
@ -791,6 +781,16 @@ export_p12_file() {
|
|||||||
-legacy -name "$client_name" -passin "pass:$p12_password" -passout pass: || exit 1
|
-legacy -name "$client_name" -passin "pass:$p12_password" -passout pass: || exit 1
|
||||||
fi
|
fi
|
||||||
/bin/rm -f "$pem_file"
|
/bin/rm -f "$pem_file"
|
||||||
|
elif [ "$os_type" = "alpine" ] || [ "$os_ver" = "kalirolling" ] || [ "$os_type$os_ver" = "ubuntu11" ]; then
|
||||||
|
pem_file="$export_dir$client_name.temp.pem"
|
||||||
|
openssl pkcs12 -in "$p12_file_enc" -out "$pem_file" -passin "pass:$p12_password" -passout "pass:$p12_password" || exit 1
|
||||||
|
openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in "$pem_file" -out "$p12_file_enc" \
|
||||||
|
-name "$client_name" -passin "pass:$p12_password" -passout "pass:$p12_password" || exit 1
|
||||||
|
if [ "$use_config_password" = "0" ]; then
|
||||||
|
openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in "$pem_file" -out "$p12_file" \
|
||||||
|
-name "$client_name" -passin "pass:$p12_password" -passout pass: || exit 1
|
||||||
|
fi
|
||||||
|
/bin/rm -f "$pem_file"
|
||||||
elif [ "$use_config_password" = "0" ]; then
|
elif [ "$use_config_password" = "0" ]; then
|
||||||
pk12util -W "" -d "$CERT_DB" -n "$client_name" -o "$p12_file" >/dev/null || exit 1
|
pk12util -W "" -d "$CERT_DB" -n "$client_name" -o "$p12_file" >/dev/null || exit 1
|
||||||
fi
|
fi
|
||||||
|
@ -102,7 +102,7 @@ check_os() {
|
|||||||
[Uu]buntu)
|
[Uu]buntu)
|
||||||
os_type=ubuntu
|
os_type=ubuntu
|
||||||
;;
|
;;
|
||||||
[Dd]ebian)
|
[Dd]ebian|[Kk]ali)
|
||||||
os_type=debian
|
os_type=debian
|
||||||
;;
|
;;
|
||||||
[Rr]aspbian)
|
[Rr]aspbian)
|
||||||
|
@ -55,7 +55,7 @@ check_os() {
|
|||||||
[Uu]buntu)
|
[Uu]buntu)
|
||||||
os_type=ubuntu
|
os_type=ubuntu
|
||||||
;;
|
;;
|
||||||
[Dd]ebian)
|
[Dd]ebian|[Kk]ali)
|
||||||
os_type=debian
|
os_type=debian
|
||||||
;;
|
;;
|
||||||
[Rr]aspbian)
|
[Rr]aspbian)
|
||||||
|
@ -70,7 +70,7 @@ check_os() {
|
|||||||
[Uu]buntu)
|
[Uu]buntu)
|
||||||
os_type=ubuntu
|
os_type=ubuntu
|
||||||
;;
|
;;
|
||||||
[Dd]ebian)
|
[Dd]ebian|[Kk]ali)
|
||||||
os_type=debian
|
os_type=debian
|
||||||
;;
|
;;
|
||||||
[Rr]aspbian)
|
[Rr]aspbian)
|
||||||
|
@ -46,7 +46,7 @@ check_os() {
|
|||||||
[Uu]buntu)
|
[Uu]buntu)
|
||||||
os_type=ubuntu
|
os_type=ubuntu
|
||||||
;;
|
;;
|
||||||
[Dd]ebian)
|
[Dd]ebian|[Kk]ali)
|
||||||
os_type=debian
|
os_type=debian
|
||||||
;;
|
;;
|
||||||
[Rr]aspbian)
|
[Rr]aspbian)
|
||||||
|
@ -102,7 +102,7 @@ check_os() {
|
|||||||
[Uu]buntu)
|
[Uu]buntu)
|
||||||
os_type=ubuntu
|
os_type=ubuntu
|
||||||
;;
|
;;
|
||||||
[Dd]ebian)
|
[Dd]ebian|[Kk]ali)
|
||||||
os_type=debian
|
os_type=debian
|
||||||
;;
|
;;
|
||||||
[Rr]aspbian)
|
[Rr]aspbian)
|
||||||
|
@ -79,7 +79,7 @@ check_os() {
|
|||||||
[Uu]buntu)
|
[Uu]buntu)
|
||||||
os_type=ubuntu
|
os_type=ubuntu
|
||||||
;;
|
;;
|
||||||
[Dd]ebian)
|
[Dd]ebian|[Kk]ali)
|
||||||
os_type=debian
|
os_type=debian
|
||||||
;;
|
;;
|
||||||
[Rr]aspbian)
|
[Rr]aspbian)
|
||||||
|
Loading…
Reference in New Issue
Block a user