탐색 도움말
로그인
rajven
/
openvpn-status-page
의 미러 https://github.com/rajven/openvpn-status-page
1
0
포크 0
파일 이슈 0 위키
트리: 0721828ad1
브랜치 태그
openvpn-status-...
/
addons
/
cmd
/
functions.sh

functions.sh 2.2 KB
히스토리 Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 
  1. #!/bin/bash
    2. 

  2. 

  3. owner_user=nobody
    4. 

  4. owner_group=www-data
    5. 

  5. 

  6. # Name of the current script (without path)
    7. 

  7. script_name="$(basename "${BASH_SOURCE[0]}")"
    8. 

  8. 

  9. log() {
    10. 

  10.     logger -t "$script_name" -p user.info "$1"
    11. 

  11.     echo "$1"
    12. 

  12. }
    13. 

  13. 

  14. mlog() {
    15. 

  15.     logger -t "$script_name" -p user.info "$1"
    16. 

  16. }
    17. 

  17. 

  18. # Check permissions (must be root)
    19. 

  19. check_permissions() {
    20. 

  20.     if [[ $EUID -ne 0 ]]; then
    21. 

  21.         log "Error: This script must be run as root"
    22. 

  22.         exit 1
    23. 

  23.     fi
    24. 

  24. }
    25. 

  25. 

  26. # Validate that the path is a file or directory and is writable
    27. 

  27. check_ccd_path() {
    28. 

  28.     local path="$1"
    29. 

  29. 

  30.     if [[ -d "$path" ]]; then
    31. 

  31.         # It's a directory — check write permission
    32. 

  32.         if [[ ! -w "$path" ]]; then
    33. 

  33.             log "Error: No write permission for directory: $path"
    34. 

  34.             exit 1
    35. 

  35.         fi
    36. 

  36.     elif [[ -f "$path" ]]; then
    37. 

  37.         # It's a file — check write permission
    38. 

  38.         if [[ ! -w "$path" ]]; then
    39. 

  39.             log "Error: No write permission for file: $path"
    40. 

  40.             exit 1
    41. 

  41.         fi
    42. 

  42.     else
    43. 

  43.         # Path does not exist or is not a regular file/directory
    44. 

  44.         log "Error: Path does not exist or is not a file/directory: $path"
    45. 

  45.         exit 1
    46. 

  46.     fi
    47. 

  47. }
    48. 

  48. 

  49. validate_pki_dir() {
    50. 

  50.     local pki_dir=$1
    51. 

  51.     if [[ ! -d "${pki_dir}" || ! -f "${pki_dir}/index.txt" ]]; then
    52. 

  52.         log "Error: Invalid PKI directory - missing index.txt"
    53. 

  53.         exit 2
    54. 

  54.     fi
    55. 

  55. }
    56. 

  56. 

  57. find_cert_file() {
    58. 

  58.     local cn=$1 pki_dir=$2
    59. 

  59.     local cert_file
    60. 

  60. 

  61.     # Try standard location first
    62. 

  62.     cert_file="${pki_dir}/issued/${cn}.crt"
    63. 

  63.     [[ -f "${cert_file}" ]] && echo "${cert_file}" && return 0
    64. 

  64. 

  65.     # Fallback to serial-based lookup
    66. 

  66.     local serial
    67. 

  67.     serial=$(awk -v cn="${cn}" '$0 ~ "/CN=" cn "/" && $1 == "V" {print $3}' "${pki_dir}/index.txt")
    68. 

  68.     [[ -z "${serial}" ]] && return 1
    69. 

  69. 

  70.     cert_file="${pki_dir}/certs_by_serial/${serial}.pem"
    71. 

  71.     [[ -f "${cert_file}" ]] && echo "${cert_file}" && return 0
    72. 

  72. 

  73.     return 1
    74. 

  74. }
    75. 

  75. 

  76. find_key_file() {
    77. 

  77.     local cn=$1 pki_dir=$2 serial=$3
    78. 

  78.     local key_file
    79. 

  79. 

  80.     # Try standard locations
    81. 

  81.     for candidate in "${pki_dir}/private/${cn}.key" "${pki_dir}/private/${serial}.key"; do
    82. 

  82.         if [[ -f "${candidate}" ]]; then
    83. 

  83.             echo "${candidate}"
    84. 

  84.             return 0
    85. 

  85.         fi
    86. 

  86.     done
    87. 

  87. 

  88.     return 1
    89. 

  89. }
    90. 

  90. 

  91. mlog "Script called with: $0 $@"
    92.