Revert "openconnect: move certificate files to config/ to add graceful upgrade"

author Nikos Mavrogiannopoulos <[email protected]>

Mon, 19 Jan 2015 21:37:43 +0000 (22:37 +0100)

committer Nikos Mavrogiannopoulos <[email protected]>

Mon, 19 Jan 2015 22:15:54 +0000 (23:15 +0100)
author Nikos Mavrogiannopoulos <[email protected]>
Mon, 19 Jan 2015 21:37:43 +0000 (22:37 +0100)
committer Nikos Mavrogiannopoulos <[email protected]>
Mon, 19 Jan 2015 22:15:54 +0000 (23:15 +0100)
diff --git a/net/openconnect/README b/net/openconnect/README

index 11e98f5ea779d188cb9ba1ae02866c08d0a5160f..3cd562194adcf4e9478f2c7005e72521f113ef69 100644 (file)
--- a/net/openconnect/README
+++ b/net/openconnect/README
@@ -14,9 +14,9 @@ config interface 'MYVPN'
          option authgroup 'DEFAULT'
  
  The additional files are also used:
-/etc/config/openconnect-user-cert-vpn-MYVPN.pem: The user certificate
-/etc/config/openconnect-user-key-vpn-MYVPN.pem: The user private key
-/etc/config/openconnect-ca-vpn-MYVPN.pem: The CA certificate (instead of serverhash)
+/etc/openconnect/user-cert-vpn-MYVPN.pem: The user certificate
+/etc/openconnect/user-key-vpn-MYVPN.pem: The user private key
+/etc/openconnect/ca-vpn-MYVPN.pem: The CA certificate (instead of serverhash)
  
  After these are setup you can initiate the VPN using "ifup MYVPN", and
  deinitialize it using ifdown. You may also use the luci web interface
diff --git a/net/openconnect/files/openconnect.sh b/net/openconnect/files/openconnect.sh

index 2d3f7141cade06ecb28f0539225f243bd00bab83..553a4ed51ac4a82fdae4413f42bad8e8f6489543 100755 (executable)
--- a/net/openconnect/files/openconnect.sh
+++ b/net/openconnect/files/openconnect.sh
@@ -38,19 +38,12 @@ proto_openconnect_setup() {
  
         cmdline="$server$port -i vpn-$config --non-inter --syslog --script /lib/netifd/vpnc-script"
  
-       # migrate to new config files
-       [ -f /etc/openconnect/user-cert-vpn-$config.pem ] && mv "/etc/openconnect/user-cert-vpn-$config.pem" "/etc/config/openconnect-user-cert-vpn-$config.pem"
-       [ -f /etc/openconnect/user-key-vpn-$config.pem ] && mv "/etc/openconnect/user-key-vpn-$config.pem" "/etc/config/openconnect-user-key-vpn-$config.pem"
-       [ -f /etc/openconnect/ca-vpn-$config.pem ] && mv "/etc/openconnect/ca-vpn-$config.pem" "/etc/config/openconnect-ca-vpn-$config.pem"
-
-       # read new config files
-       [ -f /etc/config/openconnect-user-cert-vpn-$config.pem ] && append cmdline "-c /etc/config/openconnect-user-cert-vpn-$config.pem"
-       [ -f /etc/config/openconnect-user-key-vpn-$config.pem ] && append cmdline "--sslkey /etc/config/openconnect-user-key-vpn-$config.pem"
-       [ -f /etc/config/openconnect-ca-vpn-$config.pem ] && {
+       [ -f /etc/openconnect/user-cert-vpn-$config.pem ] && append cmdline "-c /etc/openconnect/user-cert-vpn-$config.pem"
+       [ -f /etc/openconnect/user-key-vpn-$config.pem ] && append cmdline "--sslkey /etc/openconnect/user-key-vpn-$config.pem"
+       [ -f /etc/openconnect/ca-vpn-$config.pem ] && {
                 append cmdline "--cafile /etc/openconnect/ca-vpn-$config.pem"
                 append cmdline "--no-system-trust"
         }
-
         [ -n "$serverhash" ] && {
                 append cmdline " --servercert=$serverhash"
                 append cmdline "--no-system-trust"
author	Nikos Mavrogiannopoulos <[email protected]>
	Mon, 19 Jan 2015 21:37:43 +0000 (22:37 +0100)
committer	Nikos Mavrogiannopoulos <[email protected]>
	Mon, 19 Jan 2015 22:15:54 +0000 (23:15 +0100)
net/openconnect/README		patch \| blob \| history
net/openconnect/files/openconnect.sh		patch \| blob \| history