1
0
Fork 0
mirror of https://github.com/pivpn/pivpn.git synced 2024-12-24 13:50:16 +00:00
Commit graph

104 commits

Author SHA1 Message Date
4s3ti
b1dbe27b2d fixed conflicts between pr and local works 2019-09-01 19:48:50 +02:00
4s3ti
a884d22cbc Issues Introduced with lastest commits:
Install script not creating ovpns dir, and throwing error:

```
cp: cannot stat '/tmp/OLD_UFW': No such file or directory
mkdir: cannot create directory ‘/root\n/usr/sbin\n/bin\n/dev\n/bin\n/usr/games\n/var/cache/man\n/var/spool/lpd\n/var/mail\n/var/spool/news\n/var/spool/uucp\n/bin\n/var/www\n/var/backups\n/var/list\n/var/run/ircd\n/var/lib/gnats\n/nonexistent\n/nonexistent\n/run/systemd\n/run/systemd\n/run/systemd\n/nonexistent\n/run/sshd\n/\n/home/pivpntest/ovpns’: No such file or directory
chmod: cannot access '/root'$'\n''/usr/sbin'$'\n''/bin'$'\n''/dev'$'\n''/bin'$'\n''/usr/games'$'\n''/var/cache/man'$'\n''/var/spool/lpd'$'\n''/var/mail'$'\n''/var/spool/news'$'\n''/var/spool/uucp'$'\n''/bin'$'\n''/var/www'$'\n''/var/backups'$'\n''/var/list'$'\n''/var/run/ircd'$'\n''/var/lib/gnats'$'\n''/nonexistent'$'\n''/nonexistent'$'\n''/run/systemd'$'\n''/run/systemd'$'\n''/run/systemd'$'\n''/nonexistent'$'\n''/run/sshd'$'\n''/'$'\n''/home/pivpntest/ovpns': No such file or directory
```

Found incosistencies in instalation user var/files namings, to have it consistend and easy to understand and considering everyone is more familiar with INSTALL_USER

Changed $pivpnUser to INSTALL_USER
Changed pivpnUSR to INSTALL_USER

Removed PiVPN Secure Notes from PiVPN ADD introduced with PR 
	- Notes not being pushed to BW Vault
	- OVPN files not going to ovpns dir
	- Needs investigation
2019-09-01 19:39:37 +02:00
MichaIng
04c1c2dae2
Failsafe home dir obtaining
+ When estimating $INSTALL_HOME, assure grep can only match user names, to avoid possible wrong multi-line value
+ Remove possible trailing slash from $INSTALL_HOME, to avoid double slash in "$INSTALL_HOME/ovpns"
+ Avoid "cat <file> | grep <pattern>", since grep can process files directly
+ Avoid "VAR=$(cat file)", since "VAR=$(<file)" has the same result without using a slow external command

Signed-off-by: MichaIng <micha@dietpi.com>
2019-09-01 17:47:38 +02:00
MichaIng
d79dc3db61
Failsafe home dir obtaining
+ When estimating $INSTALL_HOME, assure grep can only match user names, to avoid possible wrong multi-line value
+ Remove possible trailing slash from $INSTALL_HOME, to avoid double slash in "$INSTALL_HOME/ovpns"
+ Avoid "cat <file> | grep <pattern>", since grep can process files directly
+ Avoid "VAR=$(cat file)", since "VAR=$(<file)" has the same result without using a slow external command

Signed-off-by: MichaIng <micha@dietpi.com>
2019-09-01 17:46:07 +02:00
MichaIng
51333a9313
Failsafe home dir obtaining
+ When estimating $INSTALL_HOME, assure grep can only match user names, to avoid possible wrong multi-line value
+ Remove possible trailing slash from $INSTALL_HOME, to avoid double slash in "$INSTALL_HOME/ovpns"
+ Avoid "cat <file> | grep <pattern>", since grep can process files directly

Signed-off-by: MichaIng <micha@dietpi.com>
2019-09-01 17:41:44 +02:00
4s3ti
ad466f8728 Permissions hardening and Standardization 2019-09-01 16:10:53 +02:00
4s3ti
1bd8169aa6
Merge branch 'test' into master 2019-09-01 15:32:56 +02:00
IcedComputer
2da5c512d0
Merge branch 'test' into patch-2 2019-08-27 12:46:18 -07:00
IcedComputer
f6beac87d7
changed password parameter
Removed typo and changed -passin pass:$PASSWD to -passin env:$PASSWD
2019-08-27 12:44:37 -07:00
IcedComputer
5862d15d60
Update scripts/makeOVPN.sh
Co-Authored-By: Giraffe1966 <35208168+Giraffe1966@users.noreply.github.com>
2019-08-27 12:42:53 -07:00
Douglas Orend
371e65444b Update makeOVPN.sh 2019-08-21 19:25:32 -05:00
Akvile
9d66688341 added the functionality to send your OVPN file to your Bitwarden vault 2019-08-20 11:36:05 -05:00
Douglas Orend
44e1f48856 Update makeOVPN.sh
Fixed ownership line to use only username, not install path.
2019-08-20 09:02:31 -05:00
Douglas Orend
8b40035bf5 Properly determine user's home directory
Code assumes that the specified user directory is under /home.  This code parses the /etc/passwd file in order to determine what that user's proper home directory is.
2019-08-13 11:23:08 -05:00
4s3ti
18b7e16694
Merge branch 'test' into bitwarden 2019-08-08 10:34:17 +02:00
4s3ti
c2c3fc4229
Merge pull request from orazioedoardo/recreate-ovpn-folder
Recreate ovpn folder if deleted
2019-08-07 16:45:56 +02:00
Orazio
b71c67c78a Recreate ovpn folder if deleted 2019-08-06 10:02:28 +02:00
Orazio
e6a13cc65e Handle older UFW version from Jessie 2019-08-06 09:53:14 +02:00
Akvile
b60a06791d integrated bitwarden password manager into pivpn 2019-07-23 22:12:35 +02:00
Orazio
8a6d32ced5 Fixed regular expression 2019-07-13 19:59:28 +02:00
Orazio
241e06f970 Miscellaeous fixes 2019-07-13 10:45:44 +02:00
4s3ti
7aa803720c
Merge pull request from orazioedoardo/debug-privacy
Hide client IPs inside the debug log
2019-07-02 13:10:43 +01:00
Orazio
b823737b5a Hide client IPs in the debug log 2019-07-01 15:44:00 +02:00
Orazio
bcc780546c Get variable value before the file is deleted 2019-07-01 11:39:42 +02:00
Orazio
7a34dd3704 Improve iptables detection 2019-07-01 11:12:46 +02:00
IcedComputer
1d7ebd9d2f
added support to remove .ovpn12 files
the makeOVPN.sh now generates .ovpn12 files in the /home/${INSTALL_USER}/ovpns/ directory.
The remove script was updated to remove both the .ovpn and .ovpn12 files
2019-06-27 14:53:23 -07:00
IcedComputer
97bb319795
Updated .ovpn12 configuration
Incorporated feedback on how to properly implement .ovpn12 files.
2019-06-27 14:43:30 -07:00
IcedComputer
dae6276d37
Made updates based on comments
added changes related to chown and chmod of .ovpn12 file.  Also removed sudo.
2019-06-27 11:47:24 -07:00
IcedComputer
bda0d58b81
.ovpn12 files
Added new step to create an .ovpn12 file that can be stored on iOS keychain
This step is more secure method and does not require the end-user to keep entering passwords, or storing the client private cert where it can be easily tampered based on documentation located:
 https://openvpn.net/faq/how-do-i-use-a-client-certificate-and-private-key-from-the-ios-keychain/

Someone can improve upon this by adding a parameter (possibly -i|--iOS) and then generating the original .ovpn file to not contain the client private certificate.
2019-06-20 16:53:29 -07:00
TheDen
0cf7f21d3d
ensure -n check retuned value 2019-05-30 22:09:23 +10:00
Orazio
e70cb32caa Fixed logic 2019-05-10 12:53:52 +02:00
Orazio
e26cef1863 Custom certificate duration and more flexible names 2019-05-08 13:01:56 +02:00
Orazio
63d3335f33 Resolved merge conflict 2019-05-03 10:26:56 +02:00
Orazio
e3f729f260 General fixes and improvements 2019-03-03 10:18:45 +01:00
LMS235
996c5469f3 Telekom Hybrid Check
Small check whether Telekom Hybrid will be used to give helpful tips.
2018-12-24 15:49:44 +01:00
LMS235
d0f85e3429 right adjustment
-read for "other" withdrawn from .ovpn files

- delete also /etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn after remove certificate
2018-12-24 14:24:20 +01:00
redfast00
0b4464b3ee
Merge branch 'master' into test 2018-10-19 22:10:37 +01:00
Orazio
e2cde58cc8 Update makeOVPN.sh 2018-10-19 22:04:30 +01:00
Giraffe1966
f2f248e6ce
Add '--' to prevent 'send' from interpreting passwords beginning with '-' as options.
See .
2018-10-11 17:58:29 -04:00
redfast00
b7c28af844
Merge pull request from pivpn/test
Merge test branch into master
2018-05-29 22:38:46 +02:00
redfast00
09a73f9d3f
Merge pull request from orazioedoardo/master
Several changes and some fixes
2018-05-29 22:33:42 +02:00
Zeik0s
fc3691406e
Merge pull request from pivpn/master
Merge commits
2018-05-29 14:47:31 +02:00
johanfagerstroem
23cc58ce3a Changing name validation regex to allow dashes
Great for readable naming conventions.
2018-05-01 16:38:38 +02:00
Piero
33e7ef0c91 Several changes 2018-04-02 12:07:58 +02:00
Zeik0s
b8e5f318b6
makeOVPN.sh change 3DES to AES-128 2018-03-14 21:55:05 +01:00
Piero
4b47b5aa61 2.4 2018-02-15 10:14:03 +01:00
Tuan M. Dang
455b754c41 Issue-171: Error using iOS OpenVPN
As @fyellin There is some chatter on other groups that some
OpenVPN implementations cannot handle client keys that are
encrypted with RSA.

If the client key is encrypted, we might re-encrypting the
current client key using 3DES.

This commit will convert user client key to 3DES in command
`pivpn -a`

P/S: All credits to @fyellin. Many thanks to him.
2017-11-19 21:36:21 +07:00
Carlos Colaço
053c0d9d21 Fix Clients only in one line ()
* fixed pivpn clients text display

* #Oops

* clients in only 1 line fixed
2017-10-18 20:58:20 +02:00
redfast00
1a67b505f6 Merge pull request from azlux/master
Add human readable values for bytes received/sent
2017-10-11 17:49:44 +02:00
azlux
b0d2085996 make the humain-readable a function
I forgot the function !
2017-10-10 01:15:03 +02:00