summaryrefslogtreecommitdiff
path: root/src/conf_mode/vpn_sstp.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/conf_mode/vpn_sstp.py')
-rwxr-xr-xsrc/conf_mode/vpn_sstp.py30
1 files changed, 11 insertions, 19 deletions
diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py
index 205702a9f..8583ece74 100755
--- a/src/conf_mode/vpn_sstp.py
+++ b/src/conf_mode/vpn_sstp.py
@@ -32,15 +32,11 @@ pidfile = r'/var/run/accel_sstp.pid'
sstp_cnf_dir = r'/etc/accel-ppp/sstp'
chap_secrets = sstp_cnf_dir + '/chap-secrets'
sstp_conf = sstp_cnf_dir + '/sstp.config'
-ssl_cert_dir = r'/config/user-data/sstp'
# config path creation
if not os.path.exists(sstp_cnf_dir):
os.makedirs(sstp_cnf_dir)
-if not os.path.exists(ssl_cert_dir):
- os.makedirs(ssl_cert_dir)
-
sstp_config = """### generated by vpn_sstp.py ###
[modules]
log_syslog
@@ -74,9 +70,9 @@ disable
[sstp]
verbose=1
accept=ssl
-ssl-ca-file=/config/user-data/sstp/{{ ssl_ca }}
-ssl-pemfile=/config/user-data/sstp/{{ ssl_cert }}
-ssl-keyfile=/config/user-data/sstp/{{ ssl_key }}
+ssl-ca-file={{ ssl_ca }}
+ssl-pemfile={{ ssl_cert }}
+ssl-keyfile={{ ssl_key }}
{% if client_ip_pool %}
[ip-pool]
@@ -452,22 +448,18 @@ def verify(sstp):
if not sstp['ssl_ca'] or not sstp['ssl_cert'] or not sstp['ssl_key']:
raise ConfigError('One or more SSL certificates missing')
- ssl_path = ssl_cert_dir + '/'
- if not os.path.exists(ssl_path + sstp['ssl_ca']):
- ca = ssl_path + sstp['ssl_ca']
- raise ConfigError(f'CA cert file {ca} does not exist')
+ if not os.path.exists(sstp['ssl_ca']):
+ raise ConfigError(f"CA cert file {sstp['ssl_ca']} does not exist")
- if not os.path.exists(ssl_path + sstp['ssl_cert']):
- cert = ssl_path + sstp['ssl_cert']
- raise ConfigError(f'SSL cert file {cert} does not exist')
+ if not os.path.exists(sstp['ssl_cert']):
+ raise ConfigError(f"SSL cert file {sstp['ssl_cert']} does not exist")
- if not os.path.exists(ssl_path + sstp['ssl_key']):
- key = ssl_path + sstp['ssl_key']
- raise ConfigError(f'SSL key file {key} does not exist')
+ if not os.path.exists(sstp['ssl_key']):
+ raise ConfigError(f"SSL key file {sstp['ssl_key']} does not exist")
if sstp['auth_mode'] == 'radius':
if len(sstp['radius_server']) == 0:
- raise ConfigError('RADIUS authentication requires at least one server')
+ raise ConfigError("RADIUS authentication requires at least one server")
for radius in sstp['radius_server']:
if not radius['key']:
@@ -489,7 +481,7 @@ def generate(sstp):
with open(chap_secrets, 'w') as f:
f.write(config_text)
- os.chmod(chap_secrets, S_IRUSR | S_IWUSR | S_IRGRP )
+ os.chmod(chap_secrets, S_IRUSR | S_IWUSR | S_IRGRP)
else:
if os.path.exists(chap_secrets):
os.unlink(chap_secrets)