From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adolf Belka To: development@lists.ipfire.org Subject: Re: [PATCH 2/3] backup.pl: Remove the previous code for adding legacty provider to n2n Date: Sat, 10 Jun 2023 13:16:13 +0200 Message-ID: <5eddbfbc-1f0a-bdf9-36b5-80f9b783b487@ipfire.org> In-Reply-To: <3AAAC2AE-27F8-4B57-8104-147744CECA1A@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3946317333598551962==" List-Id: --===============3946317333598551962== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi Michael, On 10/06/2023 12:16, Michael Tremer wrote: > I did not merge this, as I believe we need this, because: >=20 > We won=E2=80=99t rewrite the OpenVPN configuration files on update, so it m= ight be a good idea to just add the line and if someone edits the connection = it might be removed. The code in the backup.pl put the line into the config irrespective of=20 the certificate being legacy or not. With the ovpnmain.cgi code patch of this patch set, it now only adds the=20 providers legacy default to the config file if the cert is legacy when=20 downloading the connection set. This is now done for both n2n and=20 roadwarrior connection sets. >=20 > That should work I believe and -legacy should not have any side effects whe= n enabled but not needed. That is something I have not tested out but I think you are correct, it=20 shouldn't have any side affects. I think it is good to go now and I can always do any additional minor=20 tunings later in CU176 and onwards, otherwise we will be here for ever. Regards, Adolf. >=20 > Best, > -Michael >=20 >> On 7 Jun 2023, at 15:21, Adolf Belka wrote: >> >> - This code is no longer needed with the code in the ovpnmain.cgi patch in= this patch set. >> >> Tested-by: Adolf Belka >> Signed-off-by: Adolf Belka >> --- >> config/backup/backup.pl | 15 --------------- >> 1 file changed, 15 deletions(-) >> >> diff --git a/config/backup/backup.pl b/config/backup/backup.pl >> index 8d990c0f1..60138a58a 100644 >> --- a/config/backup/backup.pl >> +++ b/config/backup/backup.pl >> @@ -190,21 +190,6 @@ restore_backup() { >> # Update OpenVPN CRL >> /etc/fcron.daily/openvpn-crl-updater >> >> - # Update OpenVPN N2N Client Configs >> - ## Add providers legacy default line to n2n client config files >> - # Check if ovpnconfig exists and is not empty >> - if [ -s /var/ipfire/ovpn/ovpnconfig ]; then >> - # Identify all n2n connections >> - for y in $(awk -F',' '/net/ { print $3 }' /var/ipfire/ovpn/ovpncon= fig); do >> - # Add the legacy option to all N2N client conf files if it doe= s not already exist >> - if [ $(grep -c "Open VPN Client Config" /var/ipfire/ovpn/n2nconf/${y}/${= y}.conf) -eq 1 ] ; then >> - if [ $(grep -c "providers legacy default" /var/ipfire/ovpn/n2nconf/${y}/= ${y}.conf) -eq 0 ] ; then >> - echo "providers legacy default" >> /var/ipfire/ovpn/n2nconf/${y}/${y}.co= nf >> - fi >> - fi >> - done >> - fi >> - >> return 0 >> } >> >> --=20 >> 2.40.1 >> >=20 --=20 Sent from my laptop --===============3946317333598551962==--