Revert "openconnect: move certificate files to config/ to add graceful upgrade"

author Nikos Mavrogiannopoulos <[email protected]>

Mon, 19 Jan 2015 21:37:43 +0000 (22:37 +0100)

committer Nikos Mavrogiannopoulos <[email protected]>

Mon, 19 Jan 2015 22:30:10 +0000 (23:30 +0100)
author Nikos Mavrogiannopoulos <[email protected]>
Mon, 19 Jan 2015 21:37:43 +0000 (22:37 +0100)
committer Nikos Mavrogiannopoulos <[email protected]>
Mon, 19 Jan 2015 22:30:10 +0000 (23:30 +0100)
diff --git a/net/openconnect/README b/net/openconnect/README

index 5c42fd103d21fa8eb46b2accc546bc1ddf77dabf..a9753f1522eb152c065fdc8fb3906d03a9d9d915 100644 (file)
--- a/net/openconnect/README
+++ b/net/openconnect/README
@@ -12,9 +12,9 @@ config interface 'MYVPN'
          option authgroup 'DEFAULT'
  
  The additional files are also used:
-/etc/config/openconnect-user-cert-vpn-MYVPN.pem: The user certificate
-/etc/config/openconnect-user-key-vpn-MYVPN.pem: The user private key
-/etc/config/openconnect-ca-vpn-MYVPN.pem: The CA certificate (instead of serverhash)
+/etc/openconnect/user-cert-vpn-MYVPN.pem: The user certificate
+/etc/openconnect/user-key-vpn-MYVPN.pem: The user private key
+/etc/openconnect/ca-vpn-MYVPN.pem: The CA certificate (instead of serverhash)
  
  After these are setup you can initiate the VPN using "ifup MYVPN", and
  deinitialize it using ifdown. You may also use the luci web interface
diff --git a/net/openconnect/files/openconnect.sh b/net/openconnect/files/openconnect.sh

index 2d3f7141cade06ecb28f0539225f243bd00bab83..553a4ed51ac4a82fdae4413f42bad8e8f6489543 100755 (executable)
--- a/net/openconnect/files/openconnect.sh
+++ b/net/openconnect/files/openconnect.sh
@@ -38,19 +38,12 @@ proto_openconnect_setup() {
  
         cmdline="$server$port -i vpn-$config --non-inter --syslog --script /lib/netifd/vpnc-script"
  
-       # migrate to new config files
-       [ -f /etc/openconnect/user-cert-vpn-$config.pem ] && mv "/etc/openconnect/user-cert-vpn-$config.pem" "/etc/config/openconnect-user-cert-vpn-$config.pem"
-       [ -f /etc/openconnect/user-key-vpn-$config.pem ] && mv "/etc/openconnect/user-key-vpn-$config.pem" "/etc/config/openconnect-user-key-vpn-$config.pem"
-       [ -f /etc/openconnect/ca-vpn-$config.pem ] && mv "/etc/openconnect/ca-vpn-$config.pem" "/etc/config/openconnect-ca-vpn-$config.pem"
-
-       # read new config files
-       [ -f /etc/config/openconnect-user-cert-vpn-$config.pem ] && append cmdline "-c /etc/config/openconnect-user-cert-vpn-$config.pem"
-       [ -f /etc/config/openconnect-user-key-vpn-$config.pem ] && append cmdline "--sslkey /etc/config/openconnect-user-key-vpn-$config.pem"
-       [ -f /etc/config/openconnect-ca-vpn-$config.pem ] && {
+       [ -f /etc/openconnect/user-cert-vpn-$config.pem ] && append cmdline "-c /etc/openconnect/user-cert-vpn-$config.pem"
+       [ -f /etc/openconnect/user-key-vpn-$config.pem ] && append cmdline "--sslkey /etc/openconnect/user-key-vpn-$config.pem"
+       [ -f /etc/openconnect/ca-vpn-$config.pem ] && {
                 append cmdline "--cafile /etc/openconnect/ca-vpn-$config.pem"
                 append cmdline "--no-system-trust"
         }
-
         [ -n "$serverhash" ] && {
                 append cmdline " --servercert=$serverhash"
                 append cmdline "--no-system-trust"
author	Nikos Mavrogiannopoulos <[email protected]>
	Mon, 19 Jan 2015 21:37:43 +0000 (22:37 +0100)
committer	Nikos Mavrogiannopoulos <[email protected]>
	Mon, 19 Jan 2015 22:30:10 +0000 (23:30 +0100)
net/openconnect/README		patch \| blob \| history
net/openconnect/files/openconnect.sh		patch \| blob \| history