authorTed Trask <ttrask01@yahoo.com>2009-12-29 14:59:46 +0000
committerTed Trask <ttrask01@yahoo.com>2009-12-29 14:59:46 +0000
commit7ec500251e61075bff07c8d40274cca92ba321af (patch)
tree011459100560b8cc81d148eb26a74ef77e2b379c /openvpn-model.lua
parenta164ef3512aeb64918d0240c8bfe1512d1ff509b (diff)
Moved certificates to subdirectory and enabled multiple instances.
Diffstat (limited to 'openvpn-model.lua')
-rw-r--r--openvpn-model.lua33
1 files changed, 20 insertions, 13 deletions
diff --git a/openvpn-model.lua b/openvpn-model.lua
index b4befce..59be82c 100644
--- a/openvpn-model.lua
+++ b/openvpn-model.lua
@@ -12,9 +12,16 @@ local processname = "openvpn"
local packagename = "openvpn"
local configfile = "/etc/openvpn/openvpn.conf"
local baseurl = "/etc/openvpn/"
+local certurl = "/etc/openvpn/openvpn_certs/"
local path = "PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin "
+function set_processname(p)
+ processname = p
+ configfile = "/etc/openvpn/"..processname..".conf"
+ certurl = "/etc/openvpn/"..processname.."_certs/"
+end
+
-- ################################################################################
-- LOCAL FUNCTIONS
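Review bot: `set_processname` interpolates `p` into `configfile` and `certurl` with no check, so a value containing `/` or `..` moves both paths outside `/etc/openvpn/`; `certurl` is also used later in the shell command in the `generate_dh_params` hunk. Where `p` comes from is not visible here, so if it can be influenced by a request, restrict it before assigning, e.g. `if type(p) ~= "string" or not string.match(p, "^[%w_%-]+$") then return false end` (widen the character class if instance names legitimately use other characters). The two literals would also be better built from `baseurl` than by repeating `"/etc/openvpn/"`.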
@@ -194,8 +201,8 @@ end
function list_certs()
local list = {}
- for file in fs.find(".*%.pem", baseurl) do
- list[#list+1] = posix.basename(file)
+ for file in fs.find(".*%.pem", certurl) do
+ list[#list+1] = file
end
return cfe({ type="list", value=list, label="OpenVPN Certificates" })
end
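Review bot: The contract of `list_certs` changes silently here: with `posix.basename` gone, `list.value` appears to hold the paths exactly as `fs.find` returns them (presumably full paths under `certurl`), and the `delete_cert` hunk now depends on that. A comment above the function would make this explicit, for example `-- Returns the *.pem files under certurl as full paths; delete_cert and view_cert expect these exact strings`. It is also worth confirming that the views which render this list are meant to show absolute server paths to the user.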
@@ -205,7 +212,7 @@ function delete_cert(certname)
local retval = cfe({ label="Delete Certificate result", errtxt="Invalid cert name" })
for i,cert in ipairs(list.value) do
if cert == certname then
- os.remove(baseurl..certname)
+ os.remove(certname)
retval.value = "Certificate deleted"
retval.errtxt = nil
break
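Review bot: The result of `os.remove(certname)` is discarded, so `retval.value` reports "Certificate deleted" and `errtxt` is cleared even when the removal fails (for example on a permission error). Capture it with `local ok, err = os.remove(certname)` and set `retval.errtxt = err` when `ok` is nil. The unprefixed path is acceptable only because `certname` must exactly equal an entry of `list.value`, so that comparison should stay a strict equality against the `list_certs` result. The function begins and ends outside this hunk.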
@@ -269,20 +276,20 @@ function upload_cert(newcert)
if newcert.value.name.value == "" then
newcert.value.name.errtxt = "Cannot be blank"
success = false
- elseif posix.stat(baseurl..newcert.value.name.value.."-cert.pem") or posix.stat(baseurl..newcert.value.name.value.."-key.pem") or posix.stat(baseurl..newcert.value.name.value.."-ca.pem") then
+ elseif posix.stat(certurl..newcert.value.name.value.."-cert.pem") or posix.stat(certurl..newcert.value.name.value.."-key.pem") or posix.stat(certurl..newcert.value.name.value.."-ca.pem") then
newcert.value.name.errtxt = "Certificate of this name already exists"
success = false
end
if success then
- if not posix.stat(baseurl) then
- posix.mkdir(baseurl)
+ if not posix.stat(certurl) then
+ posix.mkdir(certurl)
end
-- copy the keys
- fs.move_file(newcert.value.cert.value.."cert.pem", baseurl..newcert.value.name.value.."-cert.pem")
- fs.move_file(newcert.value.cert.value.."key.pem", baseurl..newcert.value.name.value.."-key.pem")
- fs.move_file(newcert.value.cert.value.."ca.pem", baseurl..newcert.value.name.value.."-ca.pem")
- posix.chmod(baseurl..newcert.value.name.value.."-key.pem", "rw-------")
+ fs.move_file(newcert.value.cert.value.."cert.pem", certurl..newcert.value.name.value.."-cert.pem")
+ fs.move_file(newcert.value.cert.value.."key.pem", certurl..newcert.value.name.value.."-key.pem")
+ fs.move_file(newcert.value.cert.value.."ca.pem", certurl..newcert.value.name.value.."-ca.pem")
+ posix.chmod(certurl..newcert.value.name.value.."-key.pem", "rw-------")
else
newcert.errtxt = "Failed to upload certificate"
end
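Review bot: `newcert.value.name.value` is appended to `certurl` with only a blank check visible in this hunk, so a name containing `/` or `..` would place the three files outside the certificate directory unless it is validated earlier in `upload_cert`, which is not shown. A branch such as `elseif string.find(newcert.value.name.value, "[^%w_%-]") then newcert.value.name.errtxt = "Invalid name" success = false` before the `posix.stat` checks would close that. Separately, `posix.mkdir(certurl)` creates the directory that holds private keys with umask-default permissions, and the key only becomes `rw-------` after `fs.move_file` has placed it; consider `posix.chmod(certurl, "rwx------")` right after the mkdir if the daemon's user permits it. The return values of the three `fs.move_file` calls are not checked, so a partial upload is reported as success.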
@@ -300,9 +307,9 @@ end
view_cert = function(certname)
local cmdresult = "Invalid cert name"
if not string.find(certname, "/") then
- certname = baseurl..certname
+ certname = certurl..certname
end
- if validator.is_valid_filename(certname, baseurl) then
+ if validator.is_valid_filename(certname, certurl) or validator.is_valid_filename(certname, baseurl) then
local cmd = path .. "openssl x509 -in "..format.escapespecialcharacters(certname).." -noout -text"
local f = io.popen(cmd)
cmdresult = f:read("*a")
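Review bot: The added `validator.is_valid_filename(certname, certurl)` test has no effect while the `or ... baseurl` alternative remains, at least with the default paths where `certurl` lies under `baseurl`: anything the first check accepts the second accepts too (assuming the second argument is a required directory prefix; `validator` is not shown). Any file under `/etc/openvpn/`, including other instances' `_certs` directories, can therefore still be handed to `openssl x509`. If the fallback exists only for certificates left in the old location, say so with a comment like `-- baseurl still accepted for certs uploaded before the move to certurl`; otherwise drop the second test. The `io.popen` result is used without a nil check, and the function continues past the end of this hunk.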
@@ -313,7 +320,7 @@ view_cert = function(certname)
end
generate_dh_params = function()
- local cmd = path .. "openssl dhparam -out /etc/openvpn/dh1024.pem 1024 2>&1"
+ local cmd = path .. "openssl dhparam -out "..certurl.."dh1024.pem 1024 2>&1"
f = io.popen(cmd)
local cmdresult = f:read("*a")
f:close()
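Review bot: `certurl` is not guaranteed to exist when this runs, since the only visible place that creates it is the `upload_cert` hunk, so on a fresh instance `openssl dhparam -out` would fail; add `if not posix.stat(certurl) then posix.mkdir(certurl) end` before building `cmd`. The path is also placed in the shell command unescaped, unlike in `view_cert`; use `format.escapespecialcharacters(certurl.."dh1024.pem")` so an unusual process name cannot alter the command. `f` is assigned without `local` and leaks into the global environment. The 1024-bit size is below current recommendations (2048 bits minimum); changing it also means renaming the file and any config reference to it.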