#!/bin/sh -e
-getrand()
-{
- local size=$1
- dd if=/dev/random bs=$size count=1 2>/dev/null | hexdump -ve '"%02x"'
-}
+PATH=$PATH:.
[ -n "$1" ] || {
cat <<EOF
Example script for creating new user peer for GoVPN.
-It just creates directory with random peer ID, random key,
-saves username in it and creates dummy up.sh executable script.
+It asks for passphrase, generates verifier and shows you example
+JSON entry for server configuration.
Usage: $0 <username>
EOF
}
username=$1
-peerid=$(getrand 16)
umask 077
-mkdir -p peers/$peerid
-getrand 32 > peers/$peerid/key
-echo $username > peers/$peerid/name
-echo '#!/bin/sh' > peers/$peerid/up.sh
-chmod 700 peers/$peerid/up.sh
-echo $peerid
+passphrase=$(mktemp)
+$(dirname $0)/storekey.sh $passphrase
+verifier=$(govpn-verifier -key $passphrase)
+rm -f $passphrase
+verifierS=$(echo $verifier | sed 's/^\(.*\) .*$/\1/')
+verifierC=$(echo $verifier | sed 's/^.* \(.*\)$/\1/')
+echo
+
+cat <<EOF
+Your client verifier is: $verifierC
+
+Place the following JSON configuration entry on the server's side:
+
+ "$username": {
+ "up": "/path/to/up.sh",
+ "iface": "or TAP interface name",
+ "verifier": "$verifierS"
+ }
+
+Verifier was generated with:
+
+ $(dirname $0)/storekey.sh /tmp/passphrase
+ govpn-verifier -key /tmp/passphrase
+
+Create up.sh script that will output on the first line TAP interface
+name that must be used for the peer. For example:
+
+ % umask 077
+ % ed /path/to/up.sh
+ a
+ #!/bin/sh
+ echo tap0
+ .
+ wq
+ 20
+ % chmod +x /path/to/up.sh
+EOF
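Review bot: The temporary file that storekey.sh fills (presumably with the passphrase) is left on disk whenever `storekey.sh` or `govpn-verifier` fails, because the script runs under `-e` and `rm -f $passphrase` is only reached on the success path. Register the cleanup right after creating the file, `trap 'rm -f "$passphrase"' EXIT`, and quote the expansions, `"$(dirname "$0")"/storekey.sh "$passphrase"`, so a path containing spaces cannot split the argument. `PATH=$PATH:.` also means a `govpn-verifier` sitting in the current directory is run against that file when none is installed elsewhere on PATH; resolving the binary relative to the script, or requiring an installed one, would avoid that. The printed instructions use the fixed name `/tmp/passphrase`, which is a predictable path for a secret and differs from what the script does, so showing `mktemp` there would match. As shown, the usage block has no `exit` after its heredoc, so the script appears to continue with an empty username; this is worth confirming against the full file.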