1
0
mirror of synced 2024-11-29 16:16:03 +03:00

Update IKEv2 script

- Show client certificate statuses when listing IKEv2 clients
- Fixes #1038
This commit is contained in:
hwdsl2 2021-11-07 00:13:42 -05:00
parent 78b3766846
commit bc312e0736

View File

@ -153,7 +153,7 @@ check_container() {
show_header() { show_header() {
cat <<'EOF' cat <<'EOF'
IKEv2 Script Copyright (c) 2020-2021 Lin Song 10 Oct 2021 IKEv2 Script Copyright (c) 2020-2021 Lin Song 7 Nov 2021
EOF EOF
} }
@ -383,7 +383,20 @@ get_server_address() {
list_existing_clients() { list_existing_clients() {
echo "Checking for existing IKEv2 client(s)..." echo "Checking for existing IKEv2 client(s)..."
certutil -L -d sql:/etc/ipsec.d | grep -v -e '^$' -e 'IKEv2 VPN CA' -e '\.' | tail -n +3 | cut -f1 -d ' ' echo
client_names=$(certutil -L -d sql:/etc/ipsec.d | grep -v -e '^$' -e 'IKEv2 VPN CA' -e '\.' | tail -n +3 | cut -f1 -d ' ')
max_len=$(printf '%s\n' "$client_names" | wc -L 2>/dev/null)
[[ $max_len =~ ^[0-9]+$ ]] || max_len=64
[ "$max_len" -gt "64" ] && max_len=64
[ "$max_len" -lt "16" ] && max_len=16
printf "%-${max_len}s %s\n" 'Client Name' 'Certificate Status'
printf "%-${max_len}s %s\n" '------------' '-------------------'
printf '%s\n' "$client_names" | while read -r line; do
printf "%-${max_len}s " "$line"
client_status=$(certutil -V -u C -d sql:/etc/ipsec.d -n "$line" | grep -o -e ' valid' -e expired -e revoked | sed -e 's/^ //')
[ -z "$client_status" ] && client_status=unknown
printf '%s\n' "$client_status"
done
} }
enter_server_address() { enter_server_address() {