admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(settings): OpenVPN ClientCrt -> Cert

Browse Source
This commit is contained in:
Quentin McGaw
2022-08-13 18:59:07 +00:00
parent 5986432a22
commit 8db2944749
5 changed files with 15 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
internal/configuration/settings/openvpn.go
View File

@@ -41,11 +41,11 @@ type OpenVPN struct {
// It cannot be nil in the internal state. // It cannot be nil in the internal state.
// It is ignored if it is set to the empty string. // It is ignored if it is set to the empty string.
Auth *string Auth *string
// ClientCrt is the OpenVPN client certificate. // Cert is the OpenVPN certificate for the <cert> block.
// This is notably used by Cyberghost. // This is notably used by Cyberghost.
// It can be set to the empty string to be ignored. // It can be set to the empty string to be ignored.
// It cannot be nil in the internal state. // It cannot be nil in the internal state.
ClientCrt *string Cert *string
// Key is the OpenVPN key. // Key is the OpenVPN key.
// This is used by Cyberghost and VPN Unlimited. // This is used by Cyberghost and VPN Unlimited.
// It can be set to the empty string to be ignored. // It can be set to the empty string to be ignored.
@@ -106,7 +106,7 @@ func (o OpenVPN) validate(vpnProvider string) (err error) {
return fmt.Errorf("custom configuration file: %w", err) return fmt.Errorf("custom configuration file: %w", err)
} }
err = validateOpenVPNClientCertificate(vpnProvider, *o.ClientCrt) err = validateOpenVPNClientCertificate(vpnProvider, *o.Cert)
if err != nil { if err != nil {
return fmt.Errorf("client certificate: %w", err) return fmt.Errorf("client certificate: %w", err)
} }
@@ -211,7 +211,7 @@ func (o *OpenVPN) copy() (copied OpenVPN) {
ConfFile: helpers.CopyStringPtr(o.ConfFile), ConfFile: helpers.CopyStringPtr(o.ConfFile),
Ciphers: helpers.CopyStringSlice(o.Ciphers), Ciphers: helpers.CopyStringSlice(o.Ciphers),
Auth: helpers.CopyStringPtr(o.Auth), Auth: helpers.CopyStringPtr(o.Auth),
ClientCrt: helpers.CopyStringPtr(o.ClientCrt), Cert: helpers.CopyStringPtr(o.Cert),
Key: helpers.CopyStringPtr(o.Key), Key: helpers.CopyStringPtr(o.Key),
PIAEncPreset: helpers.CopyStringPtr(o.PIAEncPreset), PIAEncPreset: helpers.CopyStringPtr(o.PIAEncPreset),
IPv6: helpers.CopyBoolPtr(o.IPv6), IPv6: helpers.CopyBoolPtr(o.IPv6),
@@ -232,7 +232,7 @@ func (o *OpenVPN) mergeWith(other OpenVPN) {
o.ConfFile = helpers.MergeWithStringPtr(o.ConfFile, other.ConfFile) o.ConfFile = helpers.MergeWithStringPtr(o.ConfFile, other.ConfFile)
o.Ciphers = helpers.MergeStringSlices(o.Ciphers, other.Ciphers) o.Ciphers = helpers.MergeStringSlices(o.Ciphers, other.Ciphers)
o.Auth = helpers.MergeWithStringPtr(o.Auth, other.Auth) o.Auth = helpers.MergeWithStringPtr(o.Auth, other.Auth)
o.ClientCrt = helpers.MergeWithStringPtr(o.ClientCrt, other.ClientCrt) o.Cert = helpers.MergeWithStringPtr(o.Cert, other.Cert)
o.Key = helpers.MergeWithStringPtr(o.Key, other.Key) o.Key = helpers.MergeWithStringPtr(o.Key, other.Key)
o.PIAEncPreset = helpers.MergeWithStringPtr(o.PIAEncPreset, other.PIAEncPreset) o.PIAEncPreset = helpers.MergeWithStringPtr(o.PIAEncPreset, other.PIAEncPreset)
o.IPv6 = helpers.MergeWithBool(o.IPv6, other.IPv6) o.IPv6 = helpers.MergeWithBool(o.IPv6, other.IPv6)
@@ -253,7 +253,7 @@ func (o *OpenVPN) overrideWith(other OpenVPN) {
o.ConfFile = helpers.OverrideWithStringPtr(o.ConfFile, other.ConfFile) o.ConfFile = helpers.OverrideWithStringPtr(o.ConfFile, other.ConfFile)
o.Ciphers = helpers.OverrideWithStringSlice(o.Ciphers, other.Ciphers) o.Ciphers = helpers.OverrideWithStringSlice(o.Ciphers, other.Ciphers)
o.Auth = helpers.OverrideWithStringPtr(o.Auth, other.Auth) o.Auth = helpers.OverrideWithStringPtr(o.Auth, other.Auth)
o.ClientCrt = helpers.OverrideWithStringPtr(o.ClientCrt, other.ClientCrt) o.Cert = helpers.OverrideWithStringPtr(o.Cert, other.Cert)
o.Key = helpers.OverrideWithStringPtr(o.Key, other.Key) o.Key = helpers.OverrideWithStringPtr(o.Key, other.Key)
o.PIAEncPreset = helpers.OverrideWithStringPtr(o.PIAEncPreset, other.PIAEncPreset) o.PIAEncPreset = helpers.OverrideWithStringPtr(o.PIAEncPreset, other.PIAEncPreset)
o.IPv6 = helpers.OverrideWithBool(o.IPv6, other.IPv6) o.IPv6 = helpers.OverrideWithBool(o.IPv6, other.IPv6)
@@ -275,7 +275,7 @@ func (o *OpenVPN) setDefaults(vpnProvider string) {
o.ConfFile = helpers.DefaultStringPtr(o.ConfFile, "") o.ConfFile = helpers.DefaultStringPtr(o.ConfFile, "")
o.Auth = helpers.DefaultStringPtr(o.Auth, "") o.Auth = helpers.DefaultStringPtr(o.Auth, "")
o.ClientCrt = helpers.DefaultStringPtr(o.ClientCrt, "") o.Cert = helpers.DefaultStringPtr(o.Cert, "")
o.Key = helpers.DefaultStringPtr(o.Key, "") o.Key = helpers.DefaultStringPtr(o.Key, "")
var defaultEncPreset string var defaultEncPreset string
@@ -313,8 +313,8 @@ func (o OpenVPN) toLinesNode() (node *gotree.Node) {
node.Appendf("Auth: %s", *o.Auth) node.Appendf("Auth: %s", *o.Auth)
} }
if *o.ClientCrt != "" { if *o.Cert != "" {
node.Appendf("Client crt: %s", helpers.ObfuscateData(*o.ClientCrt)) node.Appendf("Client crt: %s", helpers.ObfuscateData(*o.Cert))
} }
if *o.Key != "" { if *o.Key != "" {

2
internal/configuration/sources/env/openvpn.go vendored
View File

@@ -30,7 +30,7 @@ func (r *Reader) readOpenVPN() (
openVPN.Auth = &auth openVPN.Auth = &auth
} }
openVPN.ClientCrt, err = readBase64OrNil("OPENVPN_CERT") openVPN.Cert, err = readBase64OrNil("OPENVPN_CERT")
if err != nil { if err != nil {
return openVPN, fmt.Errorf("environment variable OPENVPN_CERT: %w", err) return openVPN, fmt.Errorf("environment variable OPENVPN_CERT: %w", err)
} }

2
internal/configuration/sources/files/openvpn.go
View File

@@ -19,7 +19,7 @@ func (r *Reader) readOpenVPN() (settings settings.OpenVPN, err error) {
return settings, fmt.Errorf("client key: %w", err) return settings, fmt.Errorf("client key: %w", err)
} }
settings.ClientCrt, err = ReadFromFile(OpenVPNClientCertificatePath) settings.Cert, err = ReadFromFile(OpenVPNClientCertificatePath)
if err != nil { if err != nil {
return settings, fmt.Errorf("client certificate: %w", err) return settings, fmt.Errorf("client certificate: %w", err)
} }

2
internal/configuration/sources/secrets/openvpn.go
View File

@@ -32,7 +32,7 @@ func readOpenVPN() (
return settings, fmt.Errorf("cannot read client key file: %w", err) return settings, fmt.Errorf("cannot read client key file: %w", err)
} }
settings.ClientCrt, err = readSecretFileAsStringPtr( settings.Cert, err = readSecretFileAsStringPtr(
"OPENVPN_CLIENTCRT_SECRETFILE", "OPENVPN_CLIENTCRT_SECRETFILE",
"/run/secrets/openvpn_clientcrt", "/run/secrets/openvpn_clientcrt",
) )

6
internal/provider/utils/openvpn.go
View File

@@ -189,9 +189,9 @@ func OpenVPNConfig(provider OpenVPNProviderSettings,
lines.addLines(WrapOpenvpnTLSCrypt(provider.TLSCrypt)) lines.addLines(WrapOpenvpnTLSCrypt(provider.TLSCrypt))
} }
if *settings.ClientCrt != "" { if *settings.Cert != "" {
certData, err := extract.PEM([]byte(*settings.ClientCrt)) certData, err := extract.PEM([]byte(*settings.Cert))
panicOnError(err, "cannot extract client crt") panicOnError(err, "cannot extract OpenVPN certificate")
lines.addLines(WrapOpenvpnCert(certData)) lines.addLines(WrapOpenvpnCert(certData))
} }