fix: openvpn_server - generate
genofire committed Jan 2, 2024
1 parent 3cadeaf commit 2650898
Showing 1 changed file with 16 additions and 12 deletions.
28 changes: 16 additions & 12 deletions plugins/module_utils/openvpn_server.py
Expand Up @@ -213,7 +213,10 @@ def _validate_params(self):
for param in ['shared_key', 'tls']:
if params[param] is not None:
key = params[param]
if re.search('^-----BEGIN OpenVPN Static key V1-----.*-----END OpenVPN Static key V1-----$', key, flags=re.MULTILINE | re.DOTALL):
if key == 'generate':
# generate during _find_target (after _params_to_obj) - for just generate if not exists
pass
elif re.search('^-----BEGIN OpenVPN Static key V1-----.*-----END OpenVPN Static key V1-----$', key, flags=re.MULTILINE | re.DOTALL):
params[param] = base64.b64encode(key.encode()).decode()
else:
key_decoded = base64.b64decode(params[param].encode()).decode()
Expand Down Expand Up @@ -283,21 +286,15 @@ def _get_params_to_remove(self):

def _copy_and_update_target(self):
""" update the XML target_elt """
before = self.pfsense.element_to_dict(self.target_elt)
(before, changed) = super(PFSenseOpenVPNServerModule, self)._copy_and_update_target()

# Check if local port is used
self._openvpn_port_used(self.params['protocol'], self.params['interface'], self.params['local_port'], before['vpnid'])
changed = self.pfsense.copy_dict_to_element(self.obj, self.target_elt)
if self._remove_deleted_params():
changed = True

self.diff['before'] = before
if changed:
self.diff['after'] = self.pfsense.element_to_dict(self.target_elt)
self.result['changed'] = True
else:

if not changed:
self.diff['after'] = self.obj

self.result['vpnid'] = int(self.diff['before']['vpnid'])
self.result['vpnid'] = int(before['vpnid'])
return (before, changed)

def _create_target(self):
Expand All @@ -316,6 +313,13 @@ def _create_target(self):
def _find_target(self):
""" find the XML target_elt """
(target_elt, self.idx) = self._find_openvpn_server(self.obj['description'])
for param in ['shared_key', 'tls']:
before_value = self.pfsense.get_element(param, target_elt)
if before_value is None and self.params[param] == 'generate':
(unused, key, stderr) = self.module.run_command('/usr/local/sbin/openvpn --genkey secret /dev/stdout')
if stderr != "":
self.module.fail_json(msg='generate for "{0}" secret key: {1}'.format(param, stderr))
self.obj[param] = base64.b64encode(key.encode()).decode()
return target_elt

##############################
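Review bot: In the `_find_target` hunk, key generation discards the exit status of `run_command` (bound to `unused`) and uses `stderr != ""` as the only failure test. A non-zero exit with empty stderr would therefore base64-encode whatever stdout held, possibly an empty string, and store it as the `shared_key`/`tls` value, while a harmless warning on stderr would abort a successful run. Bind the status as `(rc, key, stderr) = self.module.run_command(...)`, fail on `if rc != 0:`, and check that `key` matches the `-----BEGIN OpenVPN Static key V1-----` pattern `_validate_params` already uses before encoding it. When the target already has a key the loop leaves `self.obj[param]` untouched, and whether it then still holds the literal `'generate'` depends on `_params_to_obj`, which is not visible here. The generated key also lands in `self.obj`, which `_copy_and_update_target` assigns to `self.diff['after']`, so it may surface in diff output unless these parameters are masked elsewhere.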