From 003e83995cf19e44b3e7a15ca9c25a8697d7e8e5 Mon Sep 17 00:00:00 2001 From: Tomohiko Ozawa Date: Fri, 15 Sep 2023 22:35:42 +0900 Subject: [PATCH 1/3] add TLS-crypt config --- action.yml | 5 ++++- dist/index.js | 12 +++++++++++- src/main.js | 6 ++++++ 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index ce3e8d7..a82408a 100644 --- a/action.yml +++ b/action.yml @@ -14,7 +14,10 @@ inputs: description: "Password" required: false tls_auth_key: - description: "Pre-shared secret for TLS-auth HMAC signature" + description: "TLS-auth pre-shared group key" + required: false + tls_crypt_key: + description: "TLS-crypt pre-shared group key" required: false client_key: description: "Local peer's private key" diff --git a/dist/index.js b/dist/index.js index 9bfb4c7..68998d1 100644 --- a/dist/index.js +++ b/dist/index.js @@ -2007,8 +2007,12 @@ class Tail extends events.EventEmitter { */ getPositionAtNthLine(nLines) { const { size } = fs.statSync(this.filename); - const fd = fs.openSync(this.filename, 'r'); + if (size === 0) { + return 0; + } + + const fd = fs.openSync(this.filename, 'r'); // Start from the end of the file and work backwards in specific chunks let currentReadPosition = size; const chunkSizeBytes = Math.min(1024, size); @@ -3172,6 +3176,7 @@ const run = (callback) => { const password = core.getInput("password"); const clientKey = core.getInput("client_key"); const tlsAuthKey = core.getInput("tls_auth_key"); + const tlsCryptKey = core.getInput("tls_crypt_key"); if (!fs.existsSync(configFile)) { throw new Error(`config file '${configFile}' not found`); @@ -3198,6 +3203,11 @@ const run = (callback) => { fs.writeFileSync("ta.key", tlsAuthKey, { mode: 0o600 }); } + if (tlsCryptKey) { + fs.appendFileSync(configFile, "tls-crypt ta.key 1\n"); + fs.writeFileSync("ta.key", tlsCryptKey, { mode: 0o600 }); + } + core.info("========== begin configuration =========="); core.info(fs.readFileSync(configFile, "utf8")); core.info("=========== end configuration ==========="); diff --git a/src/main.js b/src/main.js index c5c90dc..d3bfa93 100644 --- a/src/main.js +++ b/src/main.js @@ -9,6 +9,7 @@ const run = (callback) => { const password = core.getInput("password"); const clientKey = core.getInput("client_key"); const tlsAuthKey = core.getInput("tls_auth_key"); + const tlsCryptKey = core.getInput("tls_crypt_key"); if (!fs.existsSync(configFile)) { throw new Error(`config file '${configFile}' not found`); @@ -35,6 +36,11 @@ const run = (callback) => { fs.writeFileSync("ta.key", tlsAuthKey, { mode: 0o600 }); } + if (tlsCryptKey) { + fs.appendFileSync(configFile, "tls-crypt ta.key 1\n"); + fs.writeFileSync("ta.key", tlsCryptKey, { mode: 0o600 }); + } + core.info("========== begin configuration =========="); core.info(fs.readFileSync(configFile, "utf8")); core.info("=========== end configuration ==========="); From a7073908b1659fd8697b959c9a36bc256d504389 Mon Sep 17 00:00:00 2001 From: Tomohiko Ozawa Date: Fri, 15 Sep 2023 22:38:52 +0900 Subject: [PATCH 2/3] test --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7df46bc..699ac59 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -35,6 +35,6 @@ jobs: username: ${{ secrets.OVPN_USERNAME }} password: ${{ secrets.OVPN_PASSWORD }} client_key: ${{ secrets.OVPN_CLIENT_KEY }} - tls_auth_key: ${{ secrets.OVPN_TLS_AUTH_KEY }} + tls_crypt_key: ${{ secrets.OVPN_TLS_AUTH_KEY }} - name: Check if connected run: curl -v http://172.20.4.173:8080 From 8a07e05e4b258ac722af9cbbba4b2753a09d61ce Mon Sep 17 00:00:00 2001 From: Tomohiko Ozawa Date: Fri, 15 Sep 2023 23:14:45 +0900 Subject: [PATCH 3/3] fix doc --- action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/action.yml b/action.yml index 722e498..37dfe99 100644 --- a/action.yml +++ b/action.yml @@ -14,13 +14,13 @@ inputs: description: "Password" required: false tls_auth_key: - description: "TLS-auth pre-shared group key" + description: "Pre-shared group key for TLS Auth" required: false tls_crypt_key: - description: "TLS-crypt pre-shared group key" + description: "Pre-shared group key for TLS Crypt" required: false tls_crypt_v2_key: - description: "Pre-shared secret for tls-crypt-v2" + description: "Per-client key for TLS Crypt V2" required: false client_key: description: "Local peer's private key"