Merge pull request #788 from orazioedoardo/miscellaneous

Miscellaneous fixes
4s3ti 2019-07-14 00:22:43 +01:00 committed by GitHub
commit a8df7f26cf
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 6 deletions


@ -532,7 +532,7 @@ getGitFiles() {
echo ":::" echo ":::"
echo "::: Checking for existing base files..." echo "::: Checking for existing base files..."
if is_repo "${1}"; then if is_repo "${1}"; then
update_repo "${1}" update_repo "${1}" "${2}"
else else
make_repo "${1}" "${2}" make_repo "${1}" "${2}"
fi fi
@ -565,6 +565,9 @@ update_repo() {
# Pull the latest commits # Pull the latest commits
echo -n "::: Updating repo in $1..." echo -n "::: Updating repo in $1..."
$SUDO rm -rf "${1}" $SUDO rm -rf "${1}"
# Go back to /etc otherwhise git will complain when the current working directory has
# just been deleted (/etc/.pivpn).
cd /etc
$SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}" > /dev/null & spinner $! $SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}" > /dev/null & spinner $!
cd "${1}" || exit 1 cd "${1}" || exit 1
if [ -z "${TESTING+x}" ]; then if [ -z "${TESTING+x}" ]; then
@ -753,6 +756,8 @@ confOpenVPN() {
NEW_UUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1) NEW_UUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)
SERVER_NAME="server_${NEW_UUID}" SERVER_NAME="server_${NEW_UUID}"
declare -A ECDSA_MAP=(["256"]="prime256v1" ["384"]="secp384r1" ["521"]="secp521r1")
if [[ ${useUpdateVars} == false ]]; then if [[ ${useUpdateVars} == false ]]; then
# Ask user for desired level of encryption # Ask user for desired level of encryption
@ -783,7 +788,6 @@ confOpenVPN() {
else else
declare -A ECDSA_MAP=(["256"]="prime256v1" ["384"]="secp384r1" ["521"]="secp521r1")
ENCRYPT=$(whiptail --backtitle "Setup OpenVPN" --title "ECDSA certificate size" --radiolist \ ENCRYPT=$(whiptail --backtitle "Setup OpenVPN" --title "ECDSA certificate size" --radiolist \
"Choose the desired size of your certificate (press space to select):\n This is an certificate that will be generated on your system. The larger the certificate, the more time this will take. For most applications, it is recommended to use 256 bits. You can increase the number of bits if you care about, however, consider that 256 bits are already as secure as 3072 bit RSA." ${r} ${c} 3 \ "Choose the desired size of your certificate (press space to select):\n This is an certificate that will be generated on your system. The larger the certificate, the more time this will take. For most applications, it is recommended to use 256 bits. You can increase the number of bits if you care about, however, consider that 256 bits are already as secure as 3072 bit RSA." ${r} ${c} 3 \
"256" "Use a 256-bit certificate (recommended level)" ON \ "256" "Use a 256-bit certificate (recommended level)" ON \
@ -851,7 +855,7 @@ EOF
fi fi
# Build the server # Build the server
${SUDOE} ./easyrsa build-server-full ${SERVER_NAME} nopass EASYRSA_CERT_EXPIRE=3650 ${SUDOE} ./easyrsa build-server-full ${SERVER_NAME} nopass
if [[ ${useUpdateVars} == false ]]; then if [[ ${useUpdateVars} == false ]]; then
if [[ ${APPLY_TWO_POINT_FOUR} == false ]]; then if [[ ${APPLY_TWO_POINT_FOUR} == false ]]; then
@ -988,8 +992,10 @@ confNetwork() {
# iptables -S, '^-P' skips the policies and 'ufw-' skips ufw chains (in case ufw was found # iptables -S, '^-P' skips the policies and 'ufw-' skips ufw chains (in case ufw was found
# installed but not enabled). # installed but not enabled).
INPUT_RULES_COUNT="$($SUDO iptables -S INPUT | grep -vcE '(^-P|ufw-)')" # Grep returns non 0 exit code where there are no matches, however that would make the script exit,
FORWARD_RULES_COUNT="$($SUDO iptables -S FORWARD | grep -vcE '(^-P|ufw-)')" # for this reasons we use '|| true' to force exit code 0
INPUT_RULES_COUNT="$($SUDO iptables -S INPUT | grep -vcE '(^-P|ufw-)' || true)"
FORWARD_RULES_COUNT="$($SUDO iptables -S FORWARD | grep -vcE '(^-P|ufw-)' || true)"
INPUT_POLICY="$($SUDO iptables -S INPUT | grep '^-P' | awk '{print $3}')" INPUT_POLICY="$($SUDO iptables -S INPUT | grep '^-P' | awk '{print $3}')"
FORWARD_POLICY="$($SUDO iptables -S FORWARD | grep '^-P' | awk '{print $3}')" FORWARD_POLICY="$($SUDO iptables -S FORWARD | grep '^-P' | awk '{print $3}')"
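Review bot: The `|| true` added to the two rule-count lines in confNetwork also hides a failing `iptables -S`: with no output from iptables, `grep -vc` prints 0 and the substitution succeeds, so a chain that could not be listed looks the same as an empty one. How the counts are used lies outside the hunk, but they presumably drive the firewall-rule decision, where a wrong 0 matters. Capture the listing first and count it separately, e.g. `INPUT_RULES="$($SUDO iptables -S INPUT)" || exit 1` followed by `INPUT_RULES_COUNT="$(grep -vcE '(^-P|ufw-)' <<< "${INPUT_RULES}" || true)"`, and the same for FORWARD. The INPUT_POLICY and FORWARD_POLICY context lines have the same blind spot, since the pipeline status there is awk's.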


@ -147,7 +147,7 @@ if [[ ${NAME::1} == "." ]] || [[ ${NAME::1} == "-" ]]; then
exit 1 exit 1
fi fi
if [[ "${NAME}" =~ [^a-zA-Z0-9\.\-\@\_] ]]; then if [[ "${NAME}" =~ [^a-zA-Z0-9.@_-] ]]; then
echo "Name can only contain alphanumeric characters and these characters (.-@_)." echo "Name can only contain alphanumeric characters and these characters (.-@_)."
exit 1 exit 1
fi fi
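Review bot: The rewritten bracket expression still relies on the ranges `a-z`, `A-Z` and `0-9`, which bash's `=~` evaluates in the current locale, so in some non-C locales the check may let through letters outside ASCII. The name presumably ends up in file and certificate names (that code is outside the hunk), so the allow-list should be byte-exact. Running the test in the C locale keeps it strict without affecting the rest of the script: `if ( LC_ALL=C; [[ "${NAME}" =~ [^a-zA-Z0-9.@_-] ]] ); then`. A short comment above it, such as `# ASCII-only allow-list; '-' is last so it is literal`, would also explain why the hyphen moved to the end.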