1
0
mirror of synced 2024-11-28 15:56:01 +03:00

Improve OS support

- Make the VPN setup scripts work on Kali Linux (based on Debian).
- Update IKEv2 helper script to check for OpenSSL 3 first when
  exporting the .p12 file.
This commit is contained in:
hwdsl2 2022-08-10 23:25:58 -05:00
parent e2f211c678
commit 4995ec03f5
7 changed files with 18 additions and 18 deletions

View File

@ -76,7 +76,7 @@ check_os() {
[Uu]buntu) [Uu]buntu)
os_type=ubuntu os_type=ubuntu
;; ;;
[Dd]ebian) [Dd]ebian|[Kk]ali)
os_type=debian os_type=debian
;; ;;
[Rr]aspbian) [Rr]aspbian)
@ -763,17 +763,7 @@ export_p12_file() {
p12_file="$export_dir$client_name.p12" p12_file="$export_dir$client_name.p12"
p12_file_enc="$export_dir$client_name.enc.p12" p12_file_enc="$export_dir$client_name.enc.p12"
pk12util -W "$p12_password" -d "$CERT_DB" -n "$client_name" -o "$p12_file_enc" >/dev/null || exit 1 pk12util -W "$p12_password" -d "$CERT_DB" -n "$client_name" -o "$p12_file_enc" >/dev/null || exit 1
if [ "$os_type" = "alpine" ] || { [ "$os_type" = "ubuntu" ] && [ "$os_ver" = "11" ]; }; then if [ "$os_ver" = "bookwormsid" ] || openssl version 2>/dev/null | grep -q "^OpenSSL 3"; then
pem_file="$export_dir$client_name.temp.pem"
openssl pkcs12 -in "$p12_file_enc" -out "$pem_file" -passin "pass:$p12_password" -passout "pass:$p12_password" || exit 1
openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in "$pem_file" -out "$p12_file_enc" \
-name "$client_name" -passin "pass:$p12_password" -passout "pass:$p12_password" || exit 1
if [ "$use_config_password" = "0" ]; then
openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in "$pem_file" -out "$p12_file" \
-name "$client_name" -passin "pass:$p12_password" -passout pass: || exit 1
fi
/bin/rm -f "$pem_file"
elif [ "$os_ver" = "bookwormsid" ] || openssl version 2>/dev/null | grep -q "^OpenSSL 3"; then
ca_crt="$export_dir$client_name.ca.crt" ca_crt="$export_dir$client_name.ca.crt"
client_crt="$export_dir$client_name.client.crt" client_crt="$export_dir$client_name.client.crt"
client_key="$export_dir$client_name.client.key" client_key="$export_dir$client_name.client.key"
@ -791,6 +781,16 @@ export_p12_file() {
-legacy -name "$client_name" -passin "pass:$p12_password" -passout pass: || exit 1 -legacy -name "$client_name" -passin "pass:$p12_password" -passout pass: || exit 1
fi fi
/bin/rm -f "$pem_file" /bin/rm -f "$pem_file"
elif [ "$os_type" = "alpine" ] || [ "$os_ver" = "kalirolling" ] || [ "$os_type$os_ver" = "ubuntu11" ]; then
pem_file="$export_dir$client_name.temp.pem"
openssl pkcs12 -in "$p12_file_enc" -out "$pem_file" -passin "pass:$p12_password" -passout "pass:$p12_password" || exit 1
openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in "$pem_file" -out "$p12_file_enc" \
-name "$client_name" -passin "pass:$p12_password" -passout "pass:$p12_password" || exit 1
if [ "$use_config_password" = "0" ]; then
openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in "$pem_file" -out "$p12_file" \
-name "$client_name" -passin "pass:$p12_password" -passout pass: || exit 1
fi
/bin/rm -f "$pem_file"
elif [ "$use_config_password" = "0" ]; then elif [ "$use_config_password" = "0" ]; then
pk12util -W "" -d "$CERT_DB" -n "$client_name" -o "$p12_file" >/dev/null || exit 1 pk12util -W "" -d "$CERT_DB" -n "$client_name" -o "$p12_file" >/dev/null || exit 1
fi fi

View File

@ -102,7 +102,7 @@ check_os() {
[Uu]buntu) [Uu]buntu)
os_type=ubuntu os_type=ubuntu
;; ;;
[Dd]ebian) [Dd]ebian|[Kk]ali)
os_type=debian os_type=debian
;; ;;
[Rr]aspbian) [Rr]aspbian)

View File

@ -55,7 +55,7 @@ check_os() {
[Uu]buntu) [Uu]buntu)
os_type=ubuntu os_type=ubuntu
;; ;;
[Dd]ebian) [Dd]ebian|[Kk]ali)
os_type=debian os_type=debian
;; ;;
[Rr]aspbian) [Rr]aspbian)

View File

@ -70,7 +70,7 @@ check_os() {
[Uu]buntu) [Uu]buntu)
os_type=ubuntu os_type=ubuntu
;; ;;
[Dd]ebian) [Dd]ebian|[Kk]ali)
os_type=debian os_type=debian
;; ;;
[Rr]aspbian) [Rr]aspbian)

View File

@ -46,7 +46,7 @@ check_os() {
[Uu]buntu) [Uu]buntu)
os_type=ubuntu os_type=ubuntu
;; ;;
[Dd]ebian) [Dd]ebian|[Kk]ali)
os_type=debian os_type=debian
;; ;;
[Rr]aspbian) [Rr]aspbian)

View File

@ -102,7 +102,7 @@ check_os() {
[Uu]buntu) [Uu]buntu)
os_type=ubuntu os_type=ubuntu
;; ;;
[Dd]ebian) [Dd]ebian|[Kk]ali)
os_type=debian os_type=debian
;; ;;
[Rr]aspbian) [Rr]aspbian)

View File

@ -79,7 +79,7 @@ check_os() {
[Uu]buntu) [Uu]buntu)
os_type=ubuntu os_type=ubuntu
;; ;;
[Dd]ebian) [Dd]ebian|[Kk]ali)
os_type=debian os_type=debian
;; ;;
[Rr]aspbian) [Rr]aspbian)