Update IKEv2 script

- For the Ubuntu 18.04 NSS bug fix, use mirrors.kernel.org, which
  is an Ubuntu mirror that supports HTTPS, instead of HTTP-only
  security.ubuntu.com
- Minor fix: When uninstalling IKEv2, delete keys in addition to
  certificates from the IPsec database
hwdsl2 2021-01-21 23:07:24 -06:00
parent 0199df0369
commit 47b5cd01c1


@ -837,8 +837,8 @@ apply_ubuntu1804_nss_fix() {
if [ "$os_type" = "ubuntu" ] && [ "$os_ver" = "bustersid" ] && [ "$os_arch" = "x86_64" ]; then
bigecho "Applying fix for NSS bug on Ubuntu 18.04..."
nss_url1="http://security.ubuntu.com/ubuntu/pool/main/n/nss"
nss_url2="http://security.ubuntu.com/ubuntu/pool/universe/n/nss"
nss_url1="https://mirrors.kernel.org/ubuntu/pool/main/n/nss"
nss_url2="https://mirrors.kernel.org/ubuntu/pool/universe/n/nss"
nss_deb1="libnss3_3.49.1-1ubuntu1.5_amd64.deb"
nss_deb2="libnss3-dev_3.49.1-1ubuntu1.5_amd64.deb"
nss_deb3="libnss3-tools_3.49.1-1ubuntu1.5_amd64.deb"
@ -992,9 +992,11 @@ delete_ikev2_conf() {
delete_certificates() {
bigecho "Deleting certificates from the IPsec database..."
certutil -L -d sql:/etc/ipsec.d | grep -v -e '^$' -e 'IKEv2 VPN CA' | tail -n +3 | cut -f1 -d ' ' | while read -r line; do
certutil -D -d sql:/etc/ipsec.d -n "$line"
certutil -F -d sql:/etc/ipsec.d -n "$line"
certutil -D -d sql:/etc/ipsec.d -n "$line" 2>/dev/null
done
certutil -D -d sql:/etc/ipsec.d -n "IKEv2 VPN CA"
certutil -F -d sql:/etc/ipsec.d -n "IKEv2 VPN CA"
certutil -D -d sql:/etc/ipsec.d -n "IKEv2 VPN CA" 2>/dev/null
}
print_ikev2_removed_message() {
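Review bot: In apply_ubuntu1804_nss_fix, the new `nss_url1`/`nss_url2` values on `https://mirrors.kernel.org` protect the transfer, but the three pinned `.deb` files still have no integrity check of their own in the visible lines. The download and install steps are outside this hunk; if the files are fetched and installed directly rather than resolved through apt, apt's signed-metadata verification does not cover them, and trust rests on the mirror operator and the TLS chain. Because the package versions are fixed (`3.49.1-1ubuntu1.5`), a SHA-256 digest can be pinned next to each file name and checked before installation, for example `printf '%s  %s\n' "$nss_sha1" "$nss_deb1" | sha256sum -c - || return 1`. Here `nss_sha1` is a new variable holding the digest taken from the signed Ubuntu Packages index, with the same check repeated for `nss_deb2` and `nss_deb3`.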