]> git.ipfire.org Git - people/teissler/ipfire-2.x.git/commitdiff
projects / people / teissler / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 310a18f)
Fixed update script, added ovpn lease db + settings.
authorMarcus Scholz <commander1024@ipfire.org>
Sat, 5 Sep 2009 11:13:37 +0000 (13:13 +0200)
committerMarcus Scholz <commander1024@ipfire.org>
Sat, 5 Sep 2009 11:13:37 +0000 (13:13 +0200)
Besides an error in the update.sh file, openvpn now uses a lease file, to
to be able to "remember" dynamic ips not just for runtime but beyond reboots
or restarts of openvpn.
Also modified rootfiles and cgi as well as lfs.

config/rootfiles/common/openvpn patch | blob | blame | history
config/rootfiles/core/31/update.sh patch | blob | blame | history
html/cgi-bin/ovpnmain.cgi patch | blob | blame | history
lfs/openvpn patch | blob | blame | history

diff --git a/config/rootfiles/common/openvpn b/config/rootfiles/common/openvpn
index 7d60e3c947947ed995d3781be5903fd8fae69dd0..47b42f991b6df109b08b3ea10bca540f93f32337 100644 (file)
--- a/config/rootfiles/common/openvpn
+++ b/config/rootfiles/common/openvpn
@@ -13,3 +13,4 @@ var/ipfire/ovpn/openssl/ovpn.cnf
 var/ipfire/ovpn/ovpnconfig
 var/ipfire/ovpn/settings
 var/ipfire/ovpn/verify
+var/ipfire/ovpn/ovpn-leases.db
diff --git a/config/rootfiles/core/31/update.sh b/config/rootfiles/core/31/update.sh
index ebb5083a9abec27370718567fc2d7318d8998f75..fcbee29baf081c61d6ca46ef35925de7ef5b67cf 100644 (file)
--- a/config/rootfiles/core/31/update.sh
+++ b/config/rootfiles/core/31/update.sh
@@ -119,10 +119,20 @@ grub-install --no-floppy ${ROOT::`expr length $ROOT`-1} --recheck
 #
 # Add "script-security 3 system" to openvpn config
 #
-if [ ! -s "/var/ipfire/ovpn/server.conf" ]; then
+if [ ! -x "/var/ipfire/ovpn/server.conf" ]; then
        grep -q "script-security" /var/ipfire/ovpn/server.conf \
        || echo "script-security 3 system" >> /var/ipfire/ovpn/server.conf
 fi
+
+if [ ! -x "/var/ipfire/ovpn/server.conf" ]; then
+       grep -q "ipp-persist" /var/ipfire/ovpn/server.conf \
+       || echo "ipp-persist /var/ipfire/ovpn/ovpn-leases.db" >> /var/ipfire/ovpn/server.conf
+fi
+
+if [ ! -x "/var/ipfire/ovpn/ovpn-leases.db" ]; then
+       touch /var/ipfire/ovpn/ovpn-leases.db
+fi
+        
 #
 # Delete old lm-sensor modullist...
 #
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 8a8390a8f7f5430cf432ecc30583b836d10d210c..b982ee99ae6b277a4da7747b87cfa29f7bfa7989 100644 (file)
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -320,6 +320,7 @@ sub writeserverconf {
     print CONF "proto $sovpnsettings{'DPROTOCOL'}\n";
     print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
     print CONF "script-security 3 system\n";
+    print CONF "ipp-persist /var/ipfire/ovpn/ovpn-leases.db\n";
     print CONF "tls-server\n";
     print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
     print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
diff --git a/lfs/openvpn b/lfs/openvpn
index e118f8b6cbc6cef472247d9c5749c0657601b722..2537a91c6947a7f57872e879b5608fdc00176edd 100644 (file)
--- a/lfs/openvpn
+++ b/lfs/openvpn
@@ -75,8 +75,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        cd $(DIR_APP) && make $(MAKETUNING)
        cd $(DIR_APP) && make install
        cd $(DIR_APP) && cp -Rvf $(DIR_SRC)/config/ovpn /var/ipfire
-       -mkdir -p /var/ipfire/ovpn/ca
-       -mkdir -p /var/ipfire/ovpn/crls
+       -mkdir -vp /var/ipfire/ovpn/ca
+       -mkdir -vp /var/ipfire/ovpn/crls
+       touch /var/ipfire/ovpn/ovpn-leases.db
+        chmod 700 /var/ipfire/ovpn/ovpn-leases.db
        chown -R nobody:nobody /var/ipfire/ovpn
        chown root.nobody /var/log/ovpnserver.log
        chmod 755 /var/ipfire/ovpn/verify
Timo's tree of IPFire 2.x