mirror of
https://github.com/pivpn/pivpn.git
synced 2024-12-22 12:50:16 +00:00
Shellcheck compliance
scripts/openvpn/removeOVPN.sh * SC1090: ShellCheck can't follow non-constant source. Use a directive to specify location. * Disabled warning * SC2128: Expanding an array without an index only gives the first element. * Disabled warning, as its only checking if variable is empty * SC2001: See if you can use ${variable//search/replace} instead. * Disabled warning, regex doesn't apply to ${variable//search/replace} * SC2086: Double quote to prevent globbing and word splitting. * Added double quotes * SC2140: Word is of the form "A"B"C" (B indicated). Did you mean "ABC" or "A\"B\"C"? * Removed unecessary double quotes from %s * SC2154: <VariableName> is referenced but not assigned. * Disabled warning, variables sourced externally
This commit is contained in:
parent
0e313fa3b3
commit
78810a5781
1 changed files with 16 additions and 7 deletions
|
@ -9,6 +9,7 @@ if [ ! -f "${setupVars}" ]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# shellcheck disable=SC1090
|
||||||
source "${setupVars}"
|
source "${setupVars}"
|
||||||
|
|
||||||
helpFunc() {
|
helpFunc() {
|
||||||
|
@ -47,6 +48,8 @@ if [ ! -f "${INDEX}" ]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Disabling SC2128, just checking if variable is empty or not
|
||||||
|
# shellcheck disable=SC2128
|
||||||
if [[ -z "${CERTS_TO_REVOKE}" ]]; then
|
if [[ -z "${CERTS_TO_REVOKE}" ]]; then
|
||||||
printf "\n"
|
printf "\n"
|
||||||
printf " ::\e[4m Certificate List \e[0m:: \n"
|
printf " ::\e[4m Certificate List \e[0m:: \n"
|
||||||
|
@ -55,6 +58,8 @@ if [[ -z "${CERTS_TO_REVOKE}" ]]; then
|
||||||
while read -r line || [ -n "$line" ]; do
|
while read -r line || [ -n "$line" ]; do
|
||||||
STATUS=$(echo "$line" | awk '{print $1}')
|
STATUS=$(echo "$line" | awk '{print $1}')
|
||||||
if [[ "${STATUS}" = "V" ]]; then
|
if [[ "${STATUS}" = "V" ]]; then
|
||||||
|
# Disabling SC2001 warning, suggested method doesn't work with regexp
|
||||||
|
# shellcheck disable=SC2001
|
||||||
NAME=$(echo "$line" | sed -e 's:.*/CN=::')
|
NAME=$(echo "$line" | sed -e 's:.*/CN=::')
|
||||||
if [ "$i" != 0 ]; then
|
if [ "$i" != 0 ]; then
|
||||||
# Prevent printing "server" certificate
|
# Prevent printing "server" certificate
|
||||||
|
@ -66,8 +71,8 @@ if [[ -z "${CERTS_TO_REVOKE}" ]]; then
|
||||||
|
|
||||||
i=1
|
i=1
|
||||||
len=${#CERTS[@]}
|
len=${#CERTS[@]}
|
||||||
while [ $i -le ${len} ]; do
|
while [ $i -le "${len}" ]; do
|
||||||
printf "%0${#len}s) %s\r\n" ${i} ${CERTS[(($i))]}
|
printf "%0${#len}s) %s\r\n" ${i} "${CERTS[(($i))]}"
|
||||||
((i++))
|
((i++))
|
||||||
done
|
done
|
||||||
printf "\n"
|
printf "\n"
|
||||||
|
@ -117,7 +122,7 @@ else
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ "${VALID}" != 1 ]; then
|
if [ "${VALID}" != 1 ]; then
|
||||||
printf "You passed an invalid cert name: '"%s"'!\n" "${CERTS_TO_REVOKE[ii]}"
|
printf "You passed an invalid cert name: '%s'! \n" "${CERTS_TO_REVOKE[ii]}"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
@ -129,10 +134,10 @@ for (( ii = 0; ii < ${#CERTS_TO_REVOKE[@]}; ii++)); do
|
||||||
if [ -n "$CONFIRM" ]; then
|
if [ -n "$CONFIRM" ]; then
|
||||||
REPLY="y"
|
REPLY="y"
|
||||||
else
|
else
|
||||||
read -r -p "Do you really want to revoke ${CERTS_TO_REVOKE[ii]}? [Y/n] "
|
read -r -p "Do you really want to revoke '${CERTS_TO_REVOKE[ii]}'? [Y/n] "
|
||||||
fi
|
fi
|
||||||
if [[ $REPLY =~ ^[Yy]$ ]]; then
|
if [[ $REPLY =~ ^[Yy]$ ]]; then
|
||||||
printf "\n::: Revoking certificate '"%s"'.\n" "${CERTS_TO_REVOKE[ii]}"
|
printf "\n::: Revoking certificate '%s'. \n" "${CERTS_TO_REVOKE[ii]}"
|
||||||
./easyrsa --batch revoke "${CERTS_TO_REVOKE[ii]}"
|
./easyrsa --batch revoke "${CERTS_TO_REVOKE[ii]}"
|
||||||
./easyrsa gen-crl
|
./easyrsa gen-crl
|
||||||
printf "\n::: Certificate revoked, and CRL file updated.\n"
|
printf "\n::: Certificate revoked, and CRL file updated.\n"
|
||||||
|
@ -141,11 +146,15 @@ for (( ii = 0; ii < ${#CERTS_TO_REVOKE[@]}; ii++)); do
|
||||||
rm -rf "pki/private/${CERTS_TO_REVOKE[ii]}.key"
|
rm -rf "pki/private/${CERTS_TO_REVOKE[ii]}.key"
|
||||||
rm -rf "pki/issued/${CERTS_TO_REVOKE[ii]}.crt"
|
rm -rf "pki/issued/${CERTS_TO_REVOKE[ii]}.crt"
|
||||||
|
|
||||||
|
# Disabling SC2154 $pivpnNET sourced externally
|
||||||
|
# shellcheck disable=SC2154
|
||||||
# Grab the client IP address
|
# Grab the client IP address
|
||||||
NET_REDUCED="${pivpnNET::-2}"
|
NET_REDUCED="${pivpnNET::-2}"
|
||||||
STATIC_IP=$(grep -v "^#" /etc/openvpn/ccd/"${CERTS_TO_REVOKE[ii]}" | grep -w ifconfig-push | grep -oE "${NET_REDUCED}\.[0-9]{1,3}")
|
STATIC_IP=$(grep -v "^#" /etc/openvpn/ccd/"${CERTS_TO_REVOKE[ii]}" | grep -w ifconfig-push | grep -oE "${NET_REDUCED}\.[0-9]{1,3}")
|
||||||
rm -rf /etc/openvpn/ccd/"${CERTS_TO_REVOKE[ii]}"
|
rm -rf /etc/openvpn/ccd/"${CERTS_TO_REVOKE[ii]}"
|
||||||
|
|
||||||
|
# disablung warning SC2154, $install_home sourced externally
|
||||||
|
# shellcheck disable=SC2154
|
||||||
rm -rf "${install_home}/ovpns/${CERTS_TO_REVOKE[ii]}.ovpn"
|
rm -rf "${install_home}/ovpns/${CERTS_TO_REVOKE[ii]}.ovpn"
|
||||||
rm -rf "/etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn"
|
rm -rf "/etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn"
|
||||||
cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem
|
cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem
|
||||||
|
|
Loading…
Reference in a new issue