mirror of
https://github.com/pivpn/pivpn.git
synced 2024-12-24 05:40:16 +00:00
Merge pull request #788 from orazioedoardo/miscellaneous
Miscellaneous fixes
This commit is contained in:
commit
a8df7f26cf
2 changed files with 12 additions and 6 deletions
|
@ -532,7 +532,7 @@ getGitFiles() {
|
|||
echo ":::"
|
||||
echo "::: Checking for existing base files..."
|
||||
if is_repo "${1}"; then
|
||||
update_repo "${1}"
|
||||
update_repo "${1}" "${2}"
|
||||
else
|
||||
make_repo "${1}" "${2}"
|
||||
fi
|
||||
|
@ -565,6 +565,9 @@ update_repo() {
|
|||
# Pull the latest commits
|
||||
echo -n "::: Updating repo in $1..."
|
||||
$SUDO rm -rf "${1}"
|
||||
# Go back to /etc otherwhise git will complain when the current working directory has
|
||||
# just been deleted (/etc/.pivpn).
|
||||
cd /etc
|
||||
$SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}" > /dev/null & spinner $!
|
||||
cd "${1}" || exit 1
|
||||
if [ -z "${TESTING+x}" ]; then
|
||||
|
@ -753,6 +756,8 @@ confOpenVPN() {
|
|||
NEW_UUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)
|
||||
SERVER_NAME="server_${NEW_UUID}"
|
||||
|
||||
declare -A ECDSA_MAP=(["256"]="prime256v1" ["384"]="secp384r1" ["521"]="secp521r1")
|
||||
|
||||
if [[ ${useUpdateVars} == false ]]; then
|
||||
# Ask user for desired level of encryption
|
||||
|
||||
|
@ -783,7 +788,6 @@ confOpenVPN() {
|
|||
|
||||
else
|
||||
|
||||
declare -A ECDSA_MAP=(["256"]="prime256v1" ["384"]="secp384r1" ["521"]="secp521r1")
|
||||
ENCRYPT=$(whiptail --backtitle "Setup OpenVPN" --title "ECDSA certificate size" --radiolist \
|
||||
"Choose the desired size of your certificate (press space to select):\n This is an certificate that will be generated on your system. The larger the certificate, the more time this will take. For most applications, it is recommended to use 256 bits. You can increase the number of bits if you care about, however, consider that 256 bits are already as secure as 3072 bit RSA." ${r} ${c} 3 \
|
||||
"256" "Use a 256-bit certificate (recommended level)" ON \
|
||||
|
@ -851,7 +855,7 @@ EOF
|
|||
fi
|
||||
|
||||
# Build the server
|
||||
${SUDOE} ./easyrsa build-server-full ${SERVER_NAME} nopass
|
||||
EASYRSA_CERT_EXPIRE=3650 ${SUDOE} ./easyrsa build-server-full ${SERVER_NAME} nopass
|
||||
|
||||
if [[ ${useUpdateVars} == false ]]; then
|
||||
if [[ ${APPLY_TWO_POINT_FOUR} == false ]]; then
|
||||
|
@ -988,8 +992,10 @@ confNetwork() {
|
|||
# iptables -S, '^-P' skips the policies and 'ufw-' skips ufw chains (in case ufw was found
|
||||
# installed but not enabled).
|
||||
|
||||
INPUT_RULES_COUNT="$($SUDO iptables -S INPUT | grep -vcE '(^-P|ufw-)')"
|
||||
FORWARD_RULES_COUNT="$($SUDO iptables -S FORWARD | grep -vcE '(^-P|ufw-)')"
|
||||
# Grep returns non 0 exit code where there are no matches, however that would make the script exit,
|
||||
# for this reasons we use '|| true' to force exit code 0
|
||||
INPUT_RULES_COUNT="$($SUDO iptables -S INPUT | grep -vcE '(^-P|ufw-)' || true)"
|
||||
FORWARD_RULES_COUNT="$($SUDO iptables -S FORWARD | grep -vcE '(^-P|ufw-)' || true)"
|
||||
|
||||
INPUT_POLICY="$($SUDO iptables -S INPUT | grep '^-P' | awk '{print $3}')"
|
||||
FORWARD_POLICY="$($SUDO iptables -S FORWARD | grep '^-P' | awk '{print $3}')"
|
||||
|
|
|
@ -147,7 +147,7 @@ if [[ ${NAME::1} == "." ]] || [[ ${NAME::1} == "-" ]]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
if [[ "${NAME}" =~ [^a-zA-Z0-9\.\-\@\_] ]]; then
|
||||
if [[ "${NAME}" =~ [^a-zA-Z0-9.@_-] ]]; then
|
||||
echo "Name can only contain alphanumeric characters and these characters (.-@_)."
|
||||
exit 1
|
||||
fi
|
||||
|
|
Loading…
Reference in a new issue