From e3c71af1466da42403fa23bc23e7e530df71c6c8 Mon Sep 17 00:00:00 2001
From: Kim Hagen <kim@sentrium.io>
Date: Thu, 2 Sep 2021 09:58:42 -0500
Subject: remove secrets file if the tunnel is deleted and fix opmode commands

---
 op-mode-definitions/openvpn.xml.in  | 14 +++++++-------
 src/conf_mode/interfaces-openvpn.py |  4 ++++
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/op-mode-definitions/openvpn.xml.in b/op-mode-definitions/openvpn.xml.in
index ee3b073b5..6549976c5 100644
--- a/op-mode-definitions/openvpn.xml.in
+++ b/op-mode-definitions/openvpn.xml.in
@@ -59,27 +59,27 @@
                 <properties>
                   <help>Show OpenVPN interface users</help>
                   <completionHelp>
-                    <script>sudo ${vyos_completion_dir}/list_openvpn_users.py --interface "$4"</script>
+                    <script>sudo ${vyos_completion_dir}/list_openvpn_users.py --interface ${COMP_WORDS[3]}</script>
                   </completionHelp>
                 </properties>
                 <children>
-                  <leafNode name="2fa secret">
+                  <leafNode name="2fa-secret">
                     <properties>
                       <help>Show 2fa authentication secret</help>
                     </properties>
-                    <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$4" --intf="$6" --action=sercret</command>
+                    <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$6" --intf="$4" --action=secret</command>
                   </leafNode>
-                  <leafNode name="2fa otpauth uri">
+                  <leafNode name="2fa-uri">
                     <properties>
                       <help>Show 2fa otpauth uri</help>
                     </properties>
-                    <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$4" --intf="$6" --action=uri</command>
+                    <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$6" --intf="$4" --action=uri</command>
                   </leafNode>
-                  <leafNode name="2fa QR code">
+                  <leafNode name="2fa-QRcode">
                     <properties>
                       <help>Show 2fa QR code</help>
                     </properties>
-                    <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$4" --intf="$6" --action=qrcode</command>
+                    <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$6" --intf="$4" --action=qrcode</command>
                   </leafNode>
                 </children>
               </tagNode>
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index efab07ddc..194126a34 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -177,6 +177,10 @@ def verify_pki(openvpn):
 
 def verify(openvpn):
     if 'deleted' in openvpn:
+        # remove totp secrets file if totp is not configured
+        if os.path.isfile(otp_file.format(**openvpn)):
+            os.remove(otp_file.format(**openvpn))
+
         verify_bridge_delete(openvpn)
         return None
 
-- 
cgit v1.2.3