From mboxrd@z Thu Jan  1 00:00:00 1970
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH 2/2] update.sh: Fixes Bug#13137 - Existing n2n client
 connection created with openssl-1.1.1x fails to start with openssl-3.x
Date: Mon, 05 Jun 2023 14:00:52 +0200
Message-ID: <54b9b04f-f4b1-d78e-3ff6-1c119e20681e@ipfire.org>
In-Reply-To: <F0C42BC1-8434-4FA7-A546-0BEFBC98B7AD@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2841408474310155835=="
List-Id: <development.lists.ipfire.org>

--===============2841408474310155835==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi Michael,

On 05/06/2023 12:32, Michael Tremer wrote:
> Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>
>=20
> We need to consider that people might overwrite this when they restore an o=
lder backup.
>=20
> So I am not sure whether we want those lines added to the backup scripts as=
 well.
That is a good idea. I have created a patch to do that, tested it out and it =
worked. It only adds the line if it doesn't already exist. The patch has been=
 submitted.

Regards,
Adolf.
>=20
> -Michael
>=20
>> On 4 Jun 2023, at 19:57, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>
>> - This modification will check if ovpnconfig exists and is not empty. If s=
o then it will
>>    check for all n2n connections and if they are Client configs will check=
 if
>>    "providers legacy default" is not already present and if so will add it.
>>
>> Fixes: Bug#13137
>> Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
>> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
>> ---
>> config/rootfiles/core/175/update.sh | 14 ++++++++++++++
>> 1 file changed, 14 insertions(+)
>>
>> diff --git a/config/rootfiles/core/175/update.sh b/config/rootfiles/core/1=
75/update.sh
>> index 5e45c819f..82676bc72 100644
>> --- a/config/rootfiles/core/175/update.sh
>> +++ b/config/rootfiles/core/175/update.sh
>> @@ -177,6 +177,20 @@ if [ -e /boot/pakfire-kernel-update ]; then
>>      /boot/pakfire-kernel-update ${KVER}
>> fi
>>
>> +## Add providers legacy default line to n2n client config files
>> +# Check if ovpnconfig exists and is not empty
>> +if [ -s /var/ipfire/ovpn/ovpnconfig ]; then
>> +       # Identify all n2n connections
>> +       for y in $(awk -F',' '/net/ { print $3 }' /var/ipfire/ovpn/ovpncon=
fig); do
>> +           # Add the legacy option to all N2N client conf files
>> + if [ $(grep -c "Open VPN Client Config" /var/ipfire/ovpn/n2nconf/${y}/${=
y}.conf) -eq 1 ] ; then
>> + if [ $(grep -c "providers legacy default" /var/ipfire/ovpn/n2nconf/${y}/=
${y}.conf) -eq 0 ] ; then
>> + echo "providers legacy default" >> /var/ipfire/ovpn/n2nconf/${y}/${y}.co=
nf
>> + fi
>> + fi
>> +       done
>> +fi
>> +
>> # This update needs a reboot...
>> touch /var/run/need_reboot
>>
>> --=20
>> 2.40.1
>>
>=20

--===============2841408474310155835==--