Pi-hole/pivpn
Pi-hole/pivpn
1
0
Fork 0
mirror of https://github.com/pivpn/pivpn.git synced 2024-12-18 19:00:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

Shellcheck compliance

Browse source 
scripts/openvpn/removeOVPN.sh
  * SC1090: ShellCheck can't follow non-constant source. Use a directive to specify location.
    * Disabled warning
  * SC2128: Expanding an array without an index only gives the first element.
    * Disabled warning, as its only checking if variable is empty
  * SC2001: See if you can use ${variable//search/replace} instead.
    * Disabled warning, regex doesn't apply to ${variable//search/replace}
  * SC2086: Double quote to prevent globbing and word splitting.
    * Added double quotes
  * SC2140: Word is of the form "A"B"C" (B indicated). Did you mean "ABC" or "A\"B\"C"?
    * Removed unecessary double quotes from %s
  * SC2154: <VariableName> is referenced but not assigned.
    * Disabled warning, variables sourced externally
This commit is contained in:
4s3ti 2021-11-03 13:40:51 +01:00
parent 0e313fa3b3
commit 78810a5781
1 changed files with 16 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
scripts/openvpn/removeOVPN.sh
View file

@ -9,6 +9,7 @@ if [ ! -f "${setupVars}" ]; then
exit 1 exit 1
fi fi
# shellcheck disable=SC1090
source "${setupVars}" source "${setupVars}"
helpFunc() { helpFunc() {
@ -47,6 +48,8 @@ if [ ! -f "${INDEX}" ]; then
exit 1 exit 1
fi fi
# Disabling SC2128, just checking if variable is empty or not
# shellcheck disable=SC2128
if [[ -z "${CERTS_TO_REVOKE}" ]]; then if [[ -z "${CERTS_TO_REVOKE}" ]]; then
printf "\n" printf "\n"
printf " ::\e[4m Certificate List \e[0m:: \n" printf " ::\e[4m Certificate List \e[0m:: \n"
@ -55,6 +58,8 @@ if [[ -z "${CERTS_TO_REVOKE}" ]]; then
while read -r line || [ -n "$line" ]; do while read -r line || [ -n "$line" ]; do
STATUS=$(echo "$line" | awk '{print $1}') STATUS=$(echo "$line" | awk '{print $1}')
if [[ "${STATUS}" = "V" ]]; then if [[ "${STATUS}" = "V" ]]; then
# Disabling SC2001 warning, suggested method doesn't work with regexp
# shellcheck disable=SC2001
NAME=$(echo "$line" | sed -e 's:.*/CN=::') NAME=$(echo "$line" | sed -e 's:.*/CN=::')
if [ "$i" != 0 ]; then if [ "$i" != 0 ]; then
# Prevent printing "server" certificate # Prevent printing "server" certificate
@ -66,8 +71,8 @@ if [[ -z "${CERTS_TO_REVOKE}" ]]; then
i=1 i=1
len=${#CERTS[@]} len=${#CERTS[@]}
while [ $i -le ${len} ]; do while [ $i -le "${len}" ]; do
printf "%0${#len}s) %s\r\n" ${i} ${CERTS[(($i))]} printf "%0${#len}s) %s\r\n" ${i} "${CERTS[(($i))]}"
((i++)) ((i++))
done done
printf "\n" printf "\n"
@ -117,7 +122,7 @@ else
done done
if [ "${VALID}" != 1 ]; then if [ "${VALID}" != 1 ]; then
printf "You passed an invalid cert name: '"%s"'!\n" "${CERTS_TO_REVOKE[ii]}" printf "You passed an invalid cert name: '%s'! \n" "${CERTS_TO_REVOKE[ii]}"
exit 1 exit 1
fi fi
done done
@ -129,10 +134,10 @@ for (( ii = 0; ii < ${#CERTS_TO_REVOKE[@]}; ii++)); do
if [ -n "$CONFIRM" ]; then if [ -n "$CONFIRM" ]; then
REPLY="y" REPLY="y"
else else
read -r -p "Do you really want to revoke ${CERTS_TO_REVOKE[ii]}? [Y/n] " read -r -p "Do you really want to revoke '${CERTS_TO_REVOKE[ii]}'? [Y/n] "
fi fi
if [[ $REPLY =~ ^[Yy]$ ]]; then if [[ $REPLY =~ ^[Yy]$ ]]; then
printf "\n::: Revoking certificate '"%s"'.\n" "${CERTS_TO_REVOKE[ii]}" printf "\n::: Revoking certificate '%s'. \n" "${CERTS_TO_REVOKE[ii]}"
./easyrsa --batch revoke "${CERTS_TO_REVOKE[ii]}" ./easyrsa --batch revoke "${CERTS_TO_REVOKE[ii]}"
./easyrsa gen-crl ./easyrsa gen-crl
printf "\n::: Certificate revoked, and CRL file updated.\n" printf "\n::: Certificate revoked, and CRL file updated.\n"
@ -141,11 +146,15 @@ for (( ii = 0; ii < ${#CERTS_TO_REVOKE[@]}; ii++)); do
rm -rf "pki/private/${CERTS_TO_REVOKE[ii]}.key" rm -rf "pki/private/${CERTS_TO_REVOKE[ii]}.key"
rm -rf "pki/issued/${CERTS_TO_REVOKE[ii]}.crt" rm -rf "pki/issued/${CERTS_TO_REVOKE[ii]}.crt"
# Disabling SC2154 $pivpnNET sourced externally
# shellcheck disable=SC2154
# Grab the client IP address # Grab the client IP address
NET_REDUCED="${pivpnNET::-2}" NET_REDUCED="${pivpnNET::-2}"
STATIC_IP=$(grep -v "^#" /etc/openvpn/ccd/"${CERTS_TO_REVOKE[ii]}" | grep -w ifconfig-push | grep -oE "${NET_REDUCED}\.[0-9]{1,3}") STATIC_IP=$(grep -v "^#" /etc/openvpn/ccd/"${CERTS_TO_REVOKE[ii]}" | grep -w ifconfig-push | grep -oE "${NET_REDUCED}\.[0-9]{1,3}")
rm -rf /etc/openvpn/ccd/"${CERTS_TO_REVOKE[ii]}" rm -rf /etc/openvpn/ccd/"${CERTS_TO_REVOKE[ii]}"
# disablung warning SC2154, $install_home sourced externally
# shellcheck disable=SC2154
rm -rf "${install_home}/ovpns/${CERTS_TO_REVOKE[ii]}.ovpn" rm -rf "${install_home}/ovpns/${CERTS_TO_REVOKE[ii]}.ovpn"
rm -rf "/etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn" rm -rf "/etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn"
cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem