From: Adolf Belka Date: Mon, 5 Jun 2023 11:55:29 +0000 (+0200) Subject: backup.pl: Fixes Bug#13137 - Existing n2n client connection created with openssl... X-Git-Tag: v2.27-core175~6 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9eb2086e0f3b6feb6e52d01c7faf5d79791650ea;p=ipfire-2.x.git backup.pl: Fixes Bug#13137 - Existing n2n client connection created with openssl-1.1.1x fails to start with openssl-3.x - This code adds the "providers legacy default" line into OpenVPN N2N Client config files when restoring them in case it is missing from a backup earlier than CU175. Only adds the line if it is not already present. - Tested out on my vm testbed system Fixes: Bug#13137 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Reviewed-by: Michael Tremer --- diff --git a/config/backup/backup.pl b/config/backup/backup.pl index 96e794439f..8d990c0f1f 100644 --- a/config/backup/backup.pl +++ b/config/backup/backup.pl @@ -189,6 +189,21 @@ restore_backup() { # Update OpenVPN CRL /etc/fcron.daily/openvpn-crl-updater + + # Update OpenVPN N2N Client Configs + ## Add providers legacy default line to n2n client config files + # Check if ovpnconfig exists and is not empty + if [ -s /var/ipfire/ovpn/ovpnconfig ]; then + # Identify all n2n connections + for y in $(awk -F',' '/net/ { print $3 }' /var/ipfire/ovpn/ovpnconfig); do + # Add the legacy option to all N2N client conf files if it does not already exist + if [ $(grep -c "Open VPN Client Config" /var/ipfire/ovpn/n2nconf/${y}/${y}.conf) -eq 1 ] ; then + if [ $(grep -c "providers legacy default" /var/ipfire/ovpn/n2nconf/${y}/${y}.conf) -eq 0 ] ; then + echo "providers legacy default" >> /var/ipfire/ovpn/n2nconf/${y}/${y}.conf + fi + fi + done + fi return 0 }