authorChristian Poessinger <christian@poessinger.com>2020-04-12 11:42:27 +0200
committerChristian Poessinger <christian@poessinger.com>2020-04-12 12:04:47 +0200
commit7065330dc023241f5aed98e2233d212c528db60f (patch)
tree0a85f074f682346ab7b7ffe659a0e54719a568d0
parent895ef8729493a566631128908c4cfe848a781a0d (diff)
openvpn: T2273: cleanup client config generation
-rwxr-xr-xsrc/conf_mode/interfaces-openvpn.py25
1 files changed, 11 insertions, 14 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index d7ac6017b..974aeea69 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -661,9 +661,11 @@ def generate(openvpn):
interface = openvpn['intf']
directory = os.path.dirname(get_config_name(interface))
- # we can't know which clients were deleted, remove all client configs
- if os.path.isdir(os.path.join(directory, 'ccd', interface)):
- rmtree(os.path.join(directory, 'ccd', interface), ignore_errors=True)
+ # we can't know in advance which clients have been,
+ # remove all client configs
+ ccd_dir = os.path.join(directory, 'ccd', interface)
+ if os.path.isdir(ccd_dir):
+ rmtree(ccd_dir, ignore_errors=True)
# create config directory on demand
directories = []
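Review bot: The rewritten comment above `ccd_dir` lost its verb and now reads "which clients have been,"; it should say `# we can't know in advance which clients have been deleted, so remove all client configs`. Because `rmtree(ccd_dir, ignore_errors=True)` swallows every failure, a per-client file for a client that was removed from the configuration could survive unnoticed and may still be applied when that client connects. Consider checking `os.path.isdir(ccd_dir)` again after the call and reporting an error if the directory is still there. generate() begins before and continues after this hunk.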
@@ -680,21 +682,21 @@ def generate(openvpn):
fix_permissions.append(openvpn['tls_key'])
# Generate User/Password authentication file
+ user_auth_file = f'/tmp/openvpn-{interface}-pw'
if openvpn['auth']:
- auth_file = '/tmp/openvpn-{}-pw'.format(interface)
- with open(auth_file, 'w') as f:
+ with open(user_auth_file, 'w') as f:
f.write('{}\n{}'.format(openvpn['auth_user'], openvpn['auth_pass']))
# also change permission on auth file
- fix_permissions.append(auth_file)
+ fix_permissions.append(user_auth_file)
else:
# delete old auth file if present
- if os.path.isfile('/tmp/openvpn-{}-pw'.format(interface)):
- os.remove('/tmp/openvpn-{}-pw'.format(interface))
+ if os.path.isfile(user_auth_file):
+ os.remove(user_auth_file)
# Generate client specific configuration
for client in openvpn['client']:
- client_file = directory + '/ccd/' + interface + '/' + client['name']
+ client_file = os.path.join(ccd_dir, client['name'])
tmpl = env.get_template('client.conf.tmpl')
client_text = tmpl.render(client)
with open(client_file, 'w') as f:
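Review bot: The credentials file is still created with `open(user_auth_file, 'w')` at a predictable path under /tmp, so the write follows a pre-existing symlink and the file carries umask-default permissions until the `fix_permissions` list is processed, presumably later in generate(). Creating it restrictively closes both gaps: `fd = os.open(user_auth_file, os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW, 0o600)` followed by `with os.fdopen(fd, 'w') as f:`; a root-only directory instead of /tmp would be better still. Separately, `os.path.join(ccd_dir, client['name'])` discards `ccd_dir` when the name is absolute, which the old string concatenation did not do. Unless client names are validated before generate() runs (not visible here), reject a `client['name']` that contains a path separator. generate() continues past the end of this hunk.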
@@ -732,11 +734,6 @@ def apply(openvpn):
if os.path.isdir(ccd_dir):
rmtree(ccd_dir, ignore_errors=True)
- # cleanup auth file
- user_auth_file = f'/tmp/openvpn-{interface}-pw'
- if os.path.isfile(user_auth_file):
- os.remove(user_auth_file)
-
return None
# On configuration change we need to wait for the 'old' interface to
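Review bot: Removing the auth-file cleanup from apply() leaves generate() as the only place that deletes `/tmp/openvpn-{interface}-pw`, and only on its `else` branch when `openvpn['auth']` is false. The removed lines sat directly after the `rmtree(ccd_dir, ...)` teardown and before `return None`, which looks like the interface-deleted path. If generate() returns early for a deleted or disabled interface (not visible in this diff), the file holding `auth_user` and `auth_pass` would remain on disk after the interface is gone. Either keep the `os.remove(user_auth_file)` cleanup on this path or confirm that generate() reaches its own removal before any early return. The enclosing branch of apply() starts outside the hunk.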