kris/piawg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

testing

Browse Source
This commit is contained in:
Kris Lamoureux
2026-03-01 22:25:40 -05:00
parent 2955b980a5
commit e88f28b0de
2 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
ca.rsa.4096.crt
.ca.rsa.4096.crt

15
piawg.sh
View File

@@ -70,7 +70,7 @@ renew_token() {
} }
# Check for required external commands # Check for required external commands
for rbin in curl jq; do for rbin in curl jq openssl; do
command -v "$rbin" >/dev/null 2>&1 || command -v "$rbin" >/dev/null 2>&1 ||
err "Required binary '$rbin' not found" err "Required binary '$rbin' not found"
done done
@@ -100,6 +100,8 @@ fi
# Overridable defaults # Overridable defaults
: "${PIA_API:=https://www.privateinternetaccess.com/api/client/v2/token}" : "${PIA_API:=https://www.privateinternetaccess.com/api/client/v2/token}"
: "${PIA_CRT:=https://www.privateinternetaccess.com/openvpn/ca.rsa.4096.crt}"
: "${PIA_HASH:=1fd25658456eab3041fba77ccd398ab8124edcc1b8b2fc1d55fdf6b1bbfc9d70}"
: "${BAO_AUTH_PATH:=approle}" : "${BAO_AUTH_PATH:=approle}"
: "${BAO_KV_MOUNT:=kv}" : "${BAO_KV_MOUNT:=kv}"
: "${BAO_PATH_LOGIN:=piawg/creds/login}" : "${BAO_PATH_LOGIN:=piawg/creds/login}"
@@ -144,4 +146,13 @@ elif ! check_http "$http_code"; then
fi fi
printf '%s\n' "$get_token_reply" printf '%s\n' "$get_token_reply"
exit 0
# Download PIA RSA CA certificate
if [ ! -f ./ca.rsa.4096.crt ]; then
[ -f ./.ca.rsa.4096.crt ] && rm ./.ca.rsa.4096.crt
curl -sS -o ./.ca.rsa.4096.crt "$PIA_CRT"
pia_file_hash="$(openssl x509 -in ./.ca.rsa.4096.crt -outform DER |
openssl dgst -sha256 -r | awk '{print $1}')"
[ "$pia_file_hash" != "$PIA_HASH" ] && err "PIA CA fingerprint mismatch"
mv ./.ca.rsa.4096.crt ./ca.rsa.4096.crt
fi