Browse files

importing ovconf from file more robust: up and down hooks removed

  • Loading branch information...
pulpofred committed Mar 10, 2016
1 parent 0943c29 commit 28dbd5c3faf372fa898ef46155749f6c602e7ec6
Showing with 27 additions and 7 deletions.
  1. +20 −7 fruho/add_from_file.tcl
  2. +7 −0 fruho/main.tcl
@@ -88,10 +88,11 @@ proc ::from_file::ImportClicked {tab name} {
set profileid [name2id $newprofilename]
if {[are-selected-files-correct $::model::Gui_selected_files]} {
set tempdir [copy2temp $::model::Gui_selected_files]
puts stderr "tempdir: $tempdir"
puts stderr [log "tempdir: $tempdir"]
# find ovpn file in the bundle, if many take first
set ovpn [convert-config $tempdir]
puts stderr "\n$ovpn\n"
#puts stderr "\n$ovpn\n"
if {$ovpn eq ""} {
importline-update $pconf "No openvpn config in selected files" normal empty
@@ -102,7 +103,7 @@ proc ::from_file::ImportClicked {tab name} {
::ovconf::parse $ovpnfile
set slist [extract-servers $tempdir]
puts stderr "slist: $slist"
puts stderr [log "slist: $slist"]
if {$slist eq ""} {
importline-update $pconf "No server candidates in selected files" normal empty
@@ -182,6 +183,7 @@ proc ::from_file::find-ovpn-in {dir pattern {find_all 0}} {
# Convert 3rd party config into Fruho config
# take directory with the unzipped config files
# return ovpn config with inline certs
# If many ovpn configs found take the first one
proc ::from_file::convert-config {tempdir} {
set ovpnfile [find-ovpn-in $tempdir *]
if {$ovpnfile eq ""} {
@@ -193,18 +195,23 @@ proc ::from_file::convert-config {tempdir} {
if {$ovpnfile eq ""} {
return ""
# take the first found ovpn file
set ovpnfile [lindex $ovpnfile 0]
set ovpn [slurp $ovpnfile]
append ovpn \n
if {[ovconf inline-section-coords $ovpn ca] eq ""} {
set cafile [ovconf raw-get $ovpn ca]
set cafile [file normalize [file join [file dir $ovpnfile] $cafile]]
if {[file isfile $cafile]} {
set ovpn [ovconf raw-del $ovpn ca]
set ca [slurp $cafile]
append ovpn "\n<ca>\n"
append ovpn $ca
append ovpn "\n</ca>\n"
set certfile [ovconf raw-get $ovpn cert]
set certfile [file normalize [file join [file dir $ovpnfile] $certfile]]
if {[file isfile $certfile]} {
@@ -238,17 +245,23 @@ proc ::from_file::extract-servers {tempdir} {
set files [concat $files [find-ovpn-in $tempdir */*/* 1]]
# list of triples {host proto port}
set endpoints {}
puts stderr "extract-servers files: $files"
puts stderr [log "extract-servers files: $files"]
foreach f $files {
puts stderr [log "Processing $f"]
set ovpn [slurp $f]
puts stderr "slurp ovpn: $ovpn"
puts stderr [log "slurp ovpn: $ovpn"]
set remotes [ovconf raw-get $ovpn remote]
set remotes [concat $remotes [ovconf raw-get $ovpn #remote]]
set remotes [concat $remotes [ovconf raw-get $ovpn "# remote"]]
puts stderr "remotes: $remotes"
puts stderr [log "remotes: $remotes"]
set proto [ovconf raw-get $ovpn proto]
foreach r $remotes {
lassign $r host port
# if proto not given in a separate line in config try to get proto from the remote line (ibVPN provides such config)
if {$proto eq ""} {
lassign $r host port proto
} else {
lassign $r host port
if {[is-valid-host $host] && [is-valid-port $port] && [is-valid-proto $proto]} {
set triple [list $host $proto $port]
lappend endpoints $triple
@@ -2955,9 +2955,16 @@ proc ClickConnect {} {
set localconf [ovconf cset $localconf --ca [ovpndir $profile ca.crt]]
# Some ovpn config adjustments here although daemon also modifies ovconf
# remove tls-cipher constraint since ciphers are openvpn version dependent
set localconf [ovconf del $localconf --tls-cipher]
# remove up and down script hooks
set localconf [ovconf del $localconf --up]
set localconf [ovconf del $localconf --down]
set localconf [ovconf cset $localconf --proto $proto]
set localconf [ovconf cset $localconf --remote "$ip $port"]
set localconf [ovconf cset $localconf --meta $::model::Current_sitem]

0 comments on commit 28dbd5c

Please sign in to comment.