feat: add VPNsecure.me support (#848)
- `OPENVPN_ENCRYPTED_KEY` environment variable
- `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable
- `OPENVPN_KEY_PASSPHRASE` environment variable
- `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable
- `PREMIUM_ONLY` environment variable
- OpenVPN user and password not required for vpnsecure provider
@@ -1,65 +1,56 @@
|
||||
package openvpn
|
||||
|
||||
import (
|
||||
"io"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// WriteAuthFile writes the OpenVPN auth file to disk with the right permissions.
|
||||
func (c *Configurator) WriteAuthFile(user, password string) error {
|
||||
file, err := os.Open(c.authFilePath)
|
||||
|
||||
if err != nil && !os.IsNotExist(err) {
|
||||
return err
|
||||
}
|
||||
|
||||
if os.IsNotExist(err) {
|
||||
file, err = os.OpenFile(c.authFilePath, os.O_WRONLY|os.O_CREATE, 0400)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = file.WriteString(user + "\n" + password)
|
||||
if err != nil {
|
||||
_ = file.Close()
|
||||
return err
|
||||
}
|
||||
err = file.Chown(c.puid, c.pgid)
|
||||
if err != nil {
|
||||
_ = file.Close()
|
||||
return err
|
||||
}
|
||||
return file.Close()
|
||||
}
|
||||
|
||||
data, err := io.ReadAll(file)
|
||||
if err != nil {
|
||||
_ = file.Close()
|
||||
return err
|
||||
}
|
||||
if err := file.Close(); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
lines := strings.Split(string(data), "\n")
|
||||
if len(lines) > 1 && lines[0] == user && lines[1] == password {
|
||||
return nil
|
||||
}
|
||||
|
||||
c.logger.Info("username and password changed in " + c.authFilePath)
|
||||
file, err = os.OpenFile(c.authFilePath, os.O_TRUNC|os.O_WRONLY, 0400)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = file.WriteString(user + "\n" + password)
|
||||
if err != nil {
|
||||
_ = file.Close()
|
||||
return err
|
||||
}
|
||||
err = file.Chown(c.puid, c.pgid)
|
||||
if err != nil {
|
||||
_ = file.Close()
|
||||
return err
|
||||
}
|
||||
return file.Close()
|
||||
content := strings.Join([]string{user, password}, "\n")
|
||||
return writeIfDifferent(c.authFilePath, content, c.puid, c.pgid)
|
||||
}
|
||||
|
||||
// WriteAskPassFile writes the OpenVPN askpass file to disk with the right permissions.
|
||||
func (c *Configurator) WriteAskPassFile(passphrase string) error {
|
||||
return writeIfDifferent(c.askPassPath, passphrase, c.puid, c.pgid)
|
||||
}
|
||||
|
||||
func writeIfDifferent(path, content string, puid, pgid int) (err error) {
|
||||
fileStat, err := os.Stat(path)
|
||||
if err != nil && !os.IsNotExist(err) {
|
||||
return fmt.Errorf("obtaining file information: %w", err)
|
||||
}
|
||||
|
||||
const perm = os.FileMode(0400)
|
||||
var writeData, setChown bool
|
||||
if os.IsNotExist(err) {
|
||||
writeData = true
|
||||
setChown = true
|
||||
} else {
|
||||
data, err := os.ReadFile(path)
|
||||
if err != nil {
|
||||
return fmt.Errorf("reading file: %w", err)
|
||||
}
|
||||
writeData = string(data) != content
|
||||
setChown = fileStat.Mode().Perm() != perm
|
||||
}
|
||||
|
||||
if writeData {
|
||||
err = ioutil.WriteFile(path, []byte(content), perm)
|
||||
if err != nil {
|
||||
return fmt.Errorf("writing file: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
if setChown {
|
||||
err = os.Chown(path, puid, pgid)
|
||||
if err != nil {
|
||||
return fmt.Errorf("setting file permissions: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
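Review bot: In `writeIfDifferent`, `setChown = fileStat.Mode().Perm() != perm` detects a wrong file mode, but the only remedy applied is `os.Chown`, so an existing auth or askpass file with a mode looser than 0400 keeps that mode while holding the credentials or key passphrase. `ioutil.WriteFile` applies `perm` only when it creates the file, so rewriting the content does not tighten the mode either. I would add `if err := os.Chmod(path, perm); err != nil { return fmt.Errorf("setting file mode: %w", err) }` for the mode mismatch and decide the chown from the file's actual owner rather than from its mode. The `"setting file permissions"` message currently wraps a chown failure, which will mislead whoever reads the log. The +/- markers are lost on this page, so treating `writeIfDifferent` as new-side code is inferred from the two call sites that use it.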