Merge test #929
Merged
Merge test #929
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… script, removed redundant code
- Add curl as a dependency for those who run the script without 'curl URL | bash'.
- Use POSIX 'command -v' instead of 'hash'.
- Check if packages have actually been installed and abort execution if they have not.
- Fixed issue with getStaticIPv4Settings() that prevented existing network settings
to be used as static IP settings when running the script unattended with empty
$IPv4addr and $IPv4gw variables.
- Exit if processing wireguard-linux-compat fails.
- Exit if 50unattended-upgrades fails to extract.
- Exit clientSTAT.sh if the wg0 interface is not available.
- Moved the Self Check to a single script since dedicated versions were very similar.
- Add 'pivpn -wg' to update WireGuard for users running Raspbian with armv6l kernel.
- Default to 'No' when asking if the RPi has DHCP reservation, considered
that the user may not be fully aware, furthermore, setting a static IP
anyways doesn't do harm.
- Validate existing IPv4 settings (address, gateway, DNS) to avoid filling
'/etc/dhcpcd.conf' with invalid data.
- Validate public DNS name of the server inside askPublicIPOrDNS() function
…xternal repositories
- Added a basic sanity check to downloaded DH paramenters, which doubles as a
check for missing .pem file.
- Fix 'pivpn -c' showing the month number instead of the day of the month when
using WireGuard.
- Removing APT keys is risky, it would break APT update/upgrade if the user
already was already using the unstable repo.
- Replaced 'Checking for $i... installed' in favor of a more clear 'Checking for
$i... already installed'.
- Check whether the OpenVPN repo and the Debian unstable repo are already used.
- Use a regular expression to extract IPs from the 'ip' command. With this,
there is a little need to validate output. Even though the regex will match
invalid IPs like 192.168.23.444, 'ip' can't return them, and even if it did,
the script would not have reached this function due to previous functions
using the network with broken routes and addresses.
- Get the IP address from the selected interface rather then from the 'ip route'
command as it's not guaranteed that such IP is the same of the interface the
user decided to use (though on a Raspberry Pi inside a home LAN, most likely
it is, but it also maskes easier to get the IP in the CIDR notation with a
single 'ip | grep' pipe).
… execution
- Moved $availableInterfaces and $CurrentIPv4gw from the script header to
their relevant function, considered that if the OS is not Raspbian a static
IP is not set, so those variables are not used.
…s from 2ton.com.au to RFC 7919
- Now using DH parameters suggested by the RFC 7919 for use by TLS servers (the user can
still generate his own if he wishes).
https://wiki.mozilla.org/Security/Archive/Server_Side_TLS_4.0#Pre-defined_DHE_groups
coolapso
approved these changes
Jan 31, 2020
|
Done! =) |
|
Mmmmh, how did you merge the pull request? I don't see the commit history originally from test. |
|
@orazioedoardo .... I squashed some commits .. that might be why. |
|
I think having commits is more useful, I would revert and merge normally. Now test is out of date too. |
|
Yeah .. that squash was bit unintentional ... lets revert and make it again i won't squash this time =p |
|
check this one: https://github.com/pivpn/pivpn/tree/revert-929-test if it looks good .. if so let me know and i merge it |
|
@4s3ti Looks good, all commits are there and if I compare with master there are no differences as expected. |
|
Done .. hope its ok now. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Main changes:
@4s3ti do you approve this merge?