bin/ovpn-key in ovpn-key-0.7.4 vs bin/ovpn-key in ovpn-key-0.7.5
- old
+ new
@@ -21,13 +21,13 @@
end
opts.on("--dh", "Generate a DH keyfile (dh.pem)") do |v|
# it's safe to overwrite this file
options[:generate_dh] = v
end
- opts.on("--static [name]", "Generate OpenVPN static key (defaults to 'ta')") do |v|
- options[:generate_static] = v ? v : "ta"
- check_crt(options[:generate_static])
+ opts.on("--static", "Generate OpenVPN static key (ta.key)") do |v|
+ options[:generate_static] = v
+ check_crt("ta")
end
opts.on("--server [name]", "Generate a server key (defaults to 'server')") do |v|
options[:generate_server] = v ? v : "server"
check_crt(options[:generate_server])
end
@@ -87,12 +87,12 @@
abort "Run `#{File.basename $0} --init` before generating certificates"
end
ZIP_DIR = settings['zip_dir'] || '~'
OPENVPN = settings['openvpn'] || 'openvpn'
OPENSSL = settings['openssl'] || 'openssl'
-KEY_SIZE = settings['key_size'] || 2048
ENCRYPT = settings['encrypt'] || 'aes128'
+KEY_SIZE = settings['key_size'] || 2048
CA_DAYS = settings['ca_days'] || 3650
CN_CA = settings['ca_name'] || 'Certification Authority'
REQ = settings['details']
if options[:generate_ca]
@@ -102,11 +102,11 @@
end
if options[:generate_dh]
exe "#{OPENSSL} dhparam -out dh.pem #{KEY_SIZE}"
end
if options[:generate_static]
- exe "#{OPENVPN} --genkey --secret '#{options[:generate_static]}.key'"
+ exe "#{OPENVPN} --genkey --secret ta.key"
end
if options[:generate_server]
gen_and_sign('server', options[:generate_server], options[:no_password])
end
if options[:generate_client]
@@ -134,10 +134,10 @@
f.write "cert #{options[:generate_zip]}.crt\nkey #{options[:generate_zip]}.key\n"
}
[ 'ca.crt', "#{options[:generate_zip]}.crt", "#{options[:generate_zip]}.key"].each {|i|
zip.add(i, i)
}
- # TODO: include TLS key if specified in config with tls-auth/tls-crypt
+ zip.add('ta.key', 'ta.key') if File.exist? 'ta.key'
end
end
if options[:revoke]
exe "#{OPENSSL} ca -revoke '#{options[:revoke]}.crt' -config #{SSL_CONF}"
gen_crl