Integrate automatic TLS Key use into inline files

Signed-off-by: Richard T Bonhomme <[email protected]>
OpenVPN · Jul 6, 2024 · 4348096 · 4348096
1 parent 588042b
commit 4348096
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
@@ -2952,6 +2952,7 @@ inline_creds() {
 	crt_source="${EASYRSA_PKI}/issued/${1}.crt"
 	key_source="${EASYRSA_PKI}/private/${1}.key"
 	ca_source="$EASYRSA_PKI/ca.crt"
+	tls_source="${EASYRSA_PKI}"/inline/easyrsa-tls.inline
 	incomplete=0
 
 	# Generate data
@@ -3036,6 +3037,20 @@ $(cat "$ca_source")
 		fi
 	fi
 
+	# TLS auth|crypt key
+	if [ "$EASYRSA_AUTO_TLS_CRYPT" ] || \
+		[ "$EASYRSA_AUTO_TLS_CRYPT" ]
+	then
+		if [ -f "$tls_source" ]; then
+			tls_data="$(cat "$tls_source")"
+		else
+			incomplete=1
+			tls_data="# Easy-RSA TLS Key not found!"
+		fi
+	else
+		tls_data="# Easy-RSA TLS Key not enabled!"
+	fi
+
 	# Print data
 	print "\
 # Easy-RSA Type: $type_data
@@ -3047,6 +3062,8 @@ $crt_data
 $key_data
 
 $ca_data
+
+$tls_data
 "
 	# If inline file is incomplete then return error
 	return "$incomplete"