From 008d4afa5f65315f9db24794f33abdaf9a6a93ad Mon Sep 17 00:00:00 2001 From: Matthew Hagan Date: Thu, 14 Oct 2021 19:53:53 +0100 Subject: [PATCH] openfortivpn: add user, key, CA PEM support Allow authentication inputs by key/cert PEM. Signed-off-by: Matthew Hagan --- net/openfortivpn/Makefile | 5 ++++- net/openfortivpn/files/openfortivpn.sh | 4 ++++ net/openfortivpn/files/openfortivpn.upgrade | 3 +++ 3 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 net/openfortivpn/files/openfortivpn.upgrade diff --git a/net/openfortivpn/Makefile b/net/openfortivpn/Makefile index 41068180c..c5b0d8ac3 100644 --- a/net/openfortivpn/Makefile +++ b/net/openfortivpn/Makefile @@ -54,12 +54,15 @@ define Package/openfortivpn/install $(INSTALL_DIR) \ $(1)/usr/sbin \ $(1)/lib/netifd/proto \ - $(1)/etc/hotplug.d/iface + $(1)/etc/hotplug.d/iface \ + $(1)/etc/openfortivpn \ + $(1)/lib/upgrade/keep.d $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openfortivpn $(1)/usr/sbin/ $(INSTALL_BIN) ./files/openfortivpn-wrapper $(1)/usr/sbin/ $(INSTALL_BIN) ./files/openfortivpn.sh $(1)/lib/netifd/proto/ $(INSTALL_BIN) ./files/openfortivpn-ppp-up $(1)/lib/netifd/openfortivpn-ppp-up + $(INSTALL_DATA) ./files/openfortivpn.upgrade $(1)/lib/upgrade/keep.d/openfortivpn endef $(eval $(call BuildPackage,openfortivpn)) diff --git a/net/openfortivpn/files/openfortivpn.sh b/net/openfortivpn/files/openfortivpn.sh index 098d7546b..929a0772a 100755 --- a/net/openfortivpn/files/openfortivpn.sh +++ b/net/openfortivpn/files/openfortivpn.sh @@ -132,6 +132,10 @@ proto_openfortivpn_setup() { mkdir -p '/var/etc/openfortivpn/peers' } + [ -f /etc/openfortivpn/user-cert-$config.pem ] && append_args "--user-cert=/etc/openfortivpn/user-cert-$config.pem" + [ -f /etc/openfortivpn/user-key-$config.pem ] && append_args "--user-key=/etc/openfortivpn/user-key-$config.pem" + [ -f /etc/openfortivpn/ca-$config.pem ] && append_args "--ca-file=/etc/openfortivpn/ca-$config.pem" + callfile="/var/etc/openfortivpn/peers/$config" echo "115200 :$local_ip diff --git a/net/openfortivpn/files/openfortivpn.upgrade b/net/openfortivpn/files/openfortivpn.upgrade new file mode 100644 index 000000000..77f4402f5 --- /dev/null +++ b/net/openfortivpn/files/openfortivpn.upgrade @@ -0,0 +1,3 @@ +/etc/openfortivpn/user-cert-*.pem +/etc/openfortivpn/user-key-*.pem +/etc/openfortivpn/ca-*.pem