kissbac
/
packages
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Revert "openconnect: move certificate files to config/ to add graceful upgrade" 

This reverts commit b53e5bfe87.
Nikos Mavrogiannopoulos 10 years ago
parent
cd73693255
commit
ab50e4802f
2 changed files with 6 additions and 13 deletions
Unified View Show Diff Stats
  1. 3
    3
      net/openconnect/README
  2. 3
    10
      net/openconnect/files/openconnect.sh

+ 3
- 3
net/openconnect/README View File

14 
         option authgroup 'DEFAULT'
 14 
         option authgroup 'DEFAULT'
15
15
16 
 The additional files are also used:
 16 
 The additional files are also used:
17 
-/etc/config/openconnect-user-cert-vpn-MYVPN.pem: The user certificate
18 
-/etc/config/openconnect-user-key-vpn-MYVPN.pem: The user private key
19 
-/etc/config/openconnect-ca-vpn-MYVPN.pem: The CA certificate (instead of serverhash)
17 
+/etc/openconnect/user-cert-vpn-MYVPN.pem: The user certificate
18 
+/etc/openconnect/user-key-vpn-MYVPN.pem: The user private key
19 
+/etc/openconnect/ca-vpn-MYVPN.pem: The CA certificate (instead of serverhash)
20
20
21 
 After these are setup you can initiate the VPN using "ifup MYVPN", and
 21 
 After these are setup you can initiate the VPN using "ifup MYVPN", and
22 
 deinitialize it using ifdown. You may also use the luci web interface
 22 
 deinitialize it using ifdown. You may also use the luci web interface

+ 3
- 10
net/openconnect/files/openconnect.sh View File

38
38
39 
 	cmdline="$server$port -i vpn-$config --non-inter --syslog --script /lib/netifd/vpnc-script"
 39 
 	cmdline="$server$port -i vpn-$config --non-inter --syslog --script /lib/netifd/vpnc-script"
40
40
41 
-	# migrate to new config files
42 
-	[ -f /etc/openconnect/user-cert-vpn-$config.pem ] && mv "/etc/openconnect/user-cert-vpn-$config.pem" "/etc/config/openconnect-user-cert-vpn-$config.pem"
43 
-	[ -f /etc/openconnect/user-key-vpn-$config.pem ] && mv "/etc/openconnect/user-key-vpn-$config.pem" "/etc/config/openconnect-user-key-vpn-$config.pem"
44 
-	[ -f /etc/openconnect/ca-vpn-$config.pem ] && mv "/etc/openconnect/ca-vpn-$config.pem" "/etc/config/openconnect-ca-vpn-$config.pem"
45 
-
46 
-	# read new config files
47 
-	[ -f /etc/config/openconnect-user-cert-vpn-$config.pem ] && append cmdline "-c /etc/config/openconnect-user-cert-vpn-$config.pem"
48 
-	[ -f /etc/config/openconnect-user-key-vpn-$config.pem ] && append cmdline "--sslkey /etc/config/openconnect-user-key-vpn-$config.pem"
49 
-	[ -f /etc/config/openconnect-ca-vpn-$config.pem ] && {
41 
+	[ -f /etc/openconnect/user-cert-vpn-$config.pem ] && append cmdline "-c /etc/openconnect/user-cert-vpn-$config.pem"
42 
+	[ -f /etc/openconnect/user-key-vpn-$config.pem ] && append cmdline "--sslkey /etc/openconnect/user-key-vpn-$config.pem"
43 
+	[ -f /etc/openconnect/ca-vpn-$config.pem ] && {
50 
 		append cmdline "--cafile /etc/openconnect/ca-vpn-$config.pem"
 44 
 		append cmdline "--cafile /etc/openconnect/ca-vpn-$config.pem"
51 
 		append cmdline "--no-system-trust"
 45 
 		append cmdline "--no-system-trust"
52 
 	}
 46 
 	}
53 
-
54 
 	[ -n "$serverhash" ] && {
 47 
 	[ -n "$serverhash" ] && {
55 
 		append cmdline " --servercert=$serverhash"
 48 
 		append cmdline " --servercert=$serverhash"
56 
 		append cmdline "--no-system-trust"
 49 
 		append cmdline "--no-system-trust"