From: Adolf Belka <adolf.belka@ipfire.org>
Date: Mon, 5 Jun 2023 11:55:29 +0000 (+0200)
Subject: backup.pl: Fixes Bug#13137 - Existing n2n client connection created with openssl... 
X-Git-Tag: v2.27-core175~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9eb2086e0f3b6feb6e52d01c7faf5d79791650ea;p=ipfire-2.x.git

backup.pl: Fixes Bug#13137 - Existing n2n client connection created with openssl-1.1.1x fails to start with openssl-3.x

- This code adds the "providers legacy default" line into OpenVPN N2N Client config files
   when restoring them in case it is missing from a backup earlier than CU175.
   Only adds the line if it is not already present.
- Tested out on my vm testbed system

Fixes: Bug#13137
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/config/backup/backup.pl b/config/backup/backup.pl
index 96e794439f..8d990c0f1f 100644
--- a/config/backup/backup.pl
+++ b/config/backup/backup.pl
@@ -189,6 +189,21 @@ restore_backup() {
 
 	# Update OpenVPN CRL
 	/etc/fcron.daily/openvpn-crl-updater
+	
+	# Update OpenVPN N2N Client Configs
+	## Add providers legacy default line to n2n client config files
+	# Check if ovpnconfig exists and is not empty
+	if [ -s /var/ipfire/ovpn/ovpnconfig ]; then
+	       # Identify all n2n connections
+	       for y in $(awk -F',' '/net/ { print $3 }' /var/ipfire/ovpn/ovpnconfig); do
+	           # Add the legacy option to all N2N client conf files if it does not already exist
+			if [ $(grep -c "Open VPN Client Config" /var/ipfire/ovpn/n2nconf/${y}/${y}.conf) -eq 1 ] ; then
+				if [ $(grep -c "providers legacy default" /var/ipfire/ovpn/n2nconf/${y}/${y}.conf) -eq 0 ] ; then
+					echo "providers legacy default" >> /var/ipfire/ovpn/n2nconf/${y}/${y}.conf
+				fi
+			fi
+	       done
+	fi
 
 	return 0
 }