Home Explore Help
Sign In
Apq
/
MoeClub-Note
mirror of https://github.com/MoeClub/Note.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Add files via upload

MoeClub 3 years ago
parent
3f681f9b69
commit
365100cc80
2 changed files with 4 additions and 4 deletions
Split View Show Diff Stats
  1. 2 2
      AnyConnect/build/client.sh
  2. 2 2
      AnyConnect/build/ctl.sh

+ 2 - 2
AnyConnect/build/client.sh
View File 

@@ -43,7 +43,7 @@ done
 
 
 
 if [ ! -f ./ca.cert.pem -o ! -f ./ca.key.pem ]; then
 
-  openssl req -x509 -sha256 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes -days 3650 -subj "/C=/ST=/L=/OU=/O=/CN=${OrgName} CA" -addext "keyUsage=critical, keyCertSign, cRLSign" -outform PEM -keyout ./ca.key.pem -out ./ca.cert.pem  >/dev/null 2>&1
 
+  openssl req -x509 -sha256 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes -days 3650 -subj "/C=  /ST= /L= /O= /OU= /CN=${OrgName} CA" -addext "keyUsage=critical, keyCertSign, cRLSign" -outform PEM -keyout ./ca.key.pem -out ./ca.cert.pem  >/dev/null 2>&1
 
   [ $? -ne 0 ] && echo "Generating CA Fail" && exit 1
 
   cp -rf ./ca.cert.pem ../ca.cert.pem
 
 fi
 
@@ -52,7 +52,7 @@ if [ "$INIT" == "1" ]; then
 
   exit 0
 
 fi
 
 
-openssl req -x509 -sha256 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes -days 3650 -subj "/C=/ST=/L=/OU=${GroupName}/O=/CN=${OrgName}.${GroupName}" -addext "keyUsage=critical, digitalSignature" -outform PEM -keyout ./user.key.pem -out ./user.cert.pem  >/dev/null 2>&1
 
+openssl req -x509 -sha256 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes -days 3650 -subj "/C=  /ST= /L= /OU=${GroupName}/O= /CN=${OrgName}.${GroupName}" -addext "keyUsage=critical, digitalSignature" -outform PEM -keyout ./user.key.pem -out ./user.cert.pem  >/dev/null 2>&1
 
 [ $? -ne 0 ] && echo "Generating Cert Fail" && exit 1
 
 
 cat ./ca.cert.pem >>./user.cert.pem

+ 2 - 2
AnyConnect/build/ctl.sh
View File 

@@ -45,7 +45,7 @@ if [ "$ARG" == "CHECK" ]; then
 
   cat /proc/net/tcp |grep -q "^\s*[0-9]\+:\s*[0-9A-Za-z]\+:${TCPHEX}\s*[0-9A-Za-z]\+:[0-9A-Za-z]\+\s*0A\s*"
 
   [ "$?" -eq 0 ] && exit 0 || exit 1
 
 elif [ "$ARG" == "INIT" ]; then
 
-  openssl req -x509 -sha256 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes -days 3650 -subj "/C=/ST=/L=/O=/OU=/CN=*" -addext "keyUsage=critical, digitalSignature" -outform PEM -keyout "${ConfigPath}/server.key.pem" -out "${ConfigPath}/server.cert.pem" >/dev/null 2>&1
 
+  openssl req -x509 -sha256 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes -days 3650 -subj "/C=  /ST= /L= /O= /OU= /CN=0.0.0.0" -addext "keyUsage=critical, digitalSignature, keyEncipherment" -addext "extendedKeyUsage=serverAuth, clientAuth" -outform PEM -keyout "${ConfigPath}/server.key.pem" -out "${ConfigPath}/server.cert.pem" >/dev/null 2>&1
 
   [ $? -ne 0 ] && echo "Generating Server Cert Fail" && exit 1
 
   chown -R root:root "${ConfigPath}"
 
   chmod -R 755 "${ConfigPath}"
 
@@ -67,7 +67,7 @@ elif [ "$ARG" == "PASSWD" ]; then
 
   [ -n "$2" ] && GenPasswd "$2" && exit 0 || exit 1
 
 fi
 
 
-Ether=`ip route show default |sed 's/.*dev\s*\([0-9a-zA-Z]\+\).*/\1/g'`
 
+Ether=`ip route show default |head -n1 |sed 's/.*dev\s*\([0-9a-zA-Z]\+\).*/\1/g'`
 
 [ -n "$Ether" ] || exit 1
 
 
 [ -f "${ConfigPath}/group/NoRoute" ] && Address="$(GetAddress)" && [ -n "$Address" ] &&  sed -i "s/^no-route\s*=\s*.*\/255.255.255.255/no-route = ${Address}\/255.255.255.255/" "${ConfigPath}/group/NoRoute"