diff options
| author |  Christian Hesse <mail@eworm.de> | 2019-01-02 13:16:23 +0100 |
|---|---|---|
| committer | Christian Hesse <mail@eworm.de> | 2019-01-02 15:02:42 +0100 |
| commit | bc36fb74c38525084316b46633af971aa2ab0baf (patch) | |
| tree | 84a2b2f14a41ff019fcff918cc0e0ca23d883ac6 /update-tunnelbroker | |
| parent | ca16f286efd21a8c0d627a85679f6995af26889f (diff) | |
update-tunnelbroker: verify certificate
Diffstat (limited to 'update-tunnelbroker')
| -rw-r--r-- | update-tunnelbroker | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/update-tunnelbroker b/update-tunnelbroker index ee8e0e8..fccd41c 100644 --- a/update-tunnelbroker +++ b/update-tunnelbroker @@ -9,6 +9,8 @@ :global tunnelid; :global tunnelint; +:global CertificateAvailable; + :if ([ / ip cloud get ddns-enabled ] != true) do={ :error "IP cloud DDNS is not enabled."; } @@ -24,9 +26,11 @@ while ([ / ip cloud get status ] != "updated" ) do={ :local tunnelip [ / ip cloud get public-address ]; :if ($tunnelip != $tunnellastip) do={ + $CertificateAvailable "Starfield Secure Certificate Authority - G2" "starfield"; :log info ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $tunnelip); - / tool fetch mode=https address=$tunnelurl user=$tunneluser password=$tunnelpass \ - src-path=("/nic/update\?hostname=" . $tunnelid) keep-result=no; + / tool fetch mode=https check-certificate=yes-without-crl \ + ("https://" . $tunnelurl . "/nic/update\?hostname=" . $tunnelid) \ + user=$tunneluser password=$tunnelpass keep-result=no; / interface 6to4 set [ / interface 6to4 find where name=$tunnelint ] local-address=$tunnelip; } else={ :log debug "All tunnelbroker configuration is up to date."; |