Created
February 1, 2023 17:59
-
-
Save ppetr/40bb946a24ae62c5295d5ef2fddde107 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Copyright 2023 Google LLC | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| """Combines OpenVPN client keys and configuration files into a single file. | |
| This allows to distribute a single file to clients. | |
| See https://forums.openvpn.net/viewtopic.php?t=23767 | |
| """ | |
| import argparse | |
| import re | |
| import sys | |
| import atomicwrites | |
| PARSER = argparse.ArgumentParser(description=__doc__) | |
| PARSER.add_argument( | |
| "--config", required=True, help="client configuration text file") | |
| PARSER.add_argument("--key", required=True, help="client private key file") | |
| PARSER.add_argument( | |
| "--cert", required=True, help="client public key certificate file") | |
| PARSER.add_argument( | |
| "--ca", required=True, help="server public key certificate file") | |
| PARSER.add_argument( | |
| "--output", help="output config file; this can be same as --config") | |
| def replace_or_append(text, replacement, tag): | |
| """Replaces <tag>...</tag> in 'text' with 'replacement'. | |
| If there is no such tag in the file, it appends it at the end. | |
| The transformation is done using regular expressions. This means in | |
| particular that it's not suited for general XML processing, only for | |
| simple, non-nested tags. | |
| Returns: | |
| The modified value of 'text'. | |
| """ | |
| escaped_tag = re.escape(tag) | |
| pattern = "(?sm)<" + escaped_tag + ">(.*)</" + escaped_tag + ">\\s*" | |
| replacement = "<{0}>\n{1}\n</{0}>\n".format(tag, replacement.rstrip()) | |
| new_text, count = re.subn(pattern, replacement, text, count=1) | |
| if count == 0: | |
| new_text = text + replacement | |
| return new_text | |
| def main(arguments): | |
| """Main function that parses and uses command line 'arguments'.""" | |
| args = PARSER.parse_args(arguments) | |
| with open(args.config, mode="rt") as config: | |
| content = config.read() | |
| tags = {"ca": args.ca, "cert": args.cert, "key": args.key} | |
| for tag, path in tags.items(): | |
| with open(path, mode="rt") as data: | |
| content = replace_or_append(content, data.read(), tag) | |
| if args.output: | |
| with atomicwrites.atomic_write( | |
| args.output, overwrite=True, mode="wt") as config: | |
| config.write(content) | |
| else: | |
| print(content) | |
| if __name__ == "__main__": | |
| main(sys.argv[1:]) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment