Shellpki is a very tiny and easy PKI in command lines.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

25 lines
670 B

  1. #!/bin/sh
  2. #
  3. # cn-filter.sh is a client-connect script for OpenVPN server
  4. # It allow clients to connect only if their CN is in $AUTH_FILE
  5. #
  6. # You need this parameters in your's server config :
  7. #
  8. # script-security 3
  9. # client-connect <path-to-cn-filter>/cn-filter.sh
  10. #
  11. set -u
  12. AUTH_FILE="/etc/openvpn/authorized_cns"
  13. grep -qE "^${common_name}$" "${AUTH_FILE}"
  14. if [ "$?" -eq 0 ]; then
  15. logger -i -t openvpn-cn-filter -p auth.info "Accepted login for ${common_name} from ${trusted_ip} port ${trusted_port}"
  16. exit 0
  17. else
  18. logger -i -t openvpn-cn-filter -p auth.notice "Failed login for ${common_name} from ${trusted_ip} port ${trusted_port}"
  19. fi
  20. exit 1