diff options
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | certs/Go Daddy Secure Certificate Authority - G2.pem (renamed from certs/godaddy.pem) | 0 | ||||
| -rw-r--r-- | certs/Let's Encrypt Authority X3.pem (renamed from certs/letsencrypt.pem) | 0 | ||||
| -rw-r--r-- | certs/Starfield Secure Certificate Authority - G2.pem (renamed from certs/starfield.pem) | 0 | ||||
| -rw-r--r-- | global-functions | 19 | ||||
| -rw-r--r-- | initial-commands | 3 | ||||
| -rw-r--r-- | update-tunnelbroker | 2 |
7 files changed, 15 insertions, 11 deletions
@@ -43,7 +43,7 @@ download the certificates. If you intend to download the scripts from a different location (for example from github.com) install the corresponding certificate chain. - [admin@MikroTik] > / tool fetch "https://git.eworm.de/cgit.cgi/routeros-scripts/plain/certs/letsencrypt.pem" dst-path="letsencrypt.pem" + [admin@MikroTik] > / tool fetch "https://git.eworm.de/cgit.cgi/routeros-scripts/plain/certs/Let%27s%20Encrypt%20Authority%20X3.pem" dst-path="letsencrypt.pem" status: finished downloaded: 3KiBC-z pause] total: 3KiB diff --git a/certs/godaddy.pem b/certs/Go Daddy Secure Certificate Authority - G2.pem index 72e5054..72e5054 100644 --- a/certs/godaddy.pem +++ b/certs/Go Daddy Secure Certificate Authority - G2.pem diff --git a/certs/letsencrypt.pem b/certs/Let's Encrypt Authority X3.pem index 7df773f..7df773f 100644 --- a/certs/letsencrypt.pem +++ b/certs/Let's Encrypt Authority X3.pem diff --git a/certs/starfield.pem b/certs/Starfield Secure Certificate Authority - G2.pem index 9c17e74..9c17e74 100644 --- a/certs/starfield.pem +++ b/certs/Starfield Secure Certificate Authority - G2.pem diff --git a/global-functions b/global-functions index 356a570..a629ca6 100644 --- a/global-functions +++ b/global-functions @@ -63,23 +63,26 @@ # check and import required certificates :global CertificateAvailable do={ :local CommonName [ :tostr $1 ]; - :local FileName ([ :tostr $2 ] . ".pem"); :global ScriptUpdatesBaseUrl; :global ScriptUpdatesUrlSuffix; + :global UrlEncode; :global WaitForFile; :if ([ / certificate print count-only where common-name=$CommonName ] = 0) do={ :log info ("Certificate with CommonName " . $CommonName . \ " not available, downloading and importing."); :do { + :local LocalFileName ($CommonName . ".pem"); + :local UrlFileName ([ $UrlEncode $CommonName ] . ".pem"); / tool fetch check-certificate=yes-without-crl \ ($ScriptUpdatesBaseUrl . "certs/" . \ - $FileName . $ScriptUpdatesUrlSuffix) \ - dst-path=$FileName; - $WaitForFile $FileName; - / certificate import file-name=$FileName passphrase=""; + $UrlFileName . $ScriptUpdatesUrlSuffix) \ + dst-path=$LocalFileName; + $WaitForFile $LocalFileName; + / certificate import file-name=$LocalFileName passphrase=""; + / file remove $LocalFileName; } on-error={ :log warning "Failed imprting certificate!"; } @@ -112,7 +115,7 @@ } :if ([ :len $TelegramTokenId ] > 0 && [ :len $TelegramChatId ] > 0) do={ - $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" "godaddy"; + $CertificateAvailable "Go Daddy Secure Certificate Authority - G2"; :do { / tool fetch check-certificate=yes-without-crl keep-result=no http-method=post \ ("https://api.telegram.org/bot" . $TelegramTokenId . "/sendMessage") \ @@ -132,7 +135,7 @@ :do { :local Vendor; - $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt"; + $CertificateAvailable "Let's Encrypt Authority X3"; :set Vendor ([ / tool fetch check-certificate=yes-without-crl \ ("https://api.macvendors.com/" . [ :pick $Mac 0 8 ]) output=user as-value ]->"data"); :return $Vendor; @@ -178,7 +181,7 @@ :local PkgFile ($PkgName . "-" . $PkgVer . "-" . $PkgArch . ".npk"); :local PkgDest [ $CleanFilePath ($PkgDir . "/" . $PkgFile) ]; - $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt"; + $CertificateAvailable "Let's Encrypt Authority X3"; :do { / tool fetch check-certificate=yes-without-crl \ ("https://upgrade.mikrotik.com/routeros/" . $PkgVer . "/" . $PkgFile) \ diff --git a/initial-commands b/initial-commands index c42b001..cc15baf 100644 --- a/initial-commands +++ b/initial-commands @@ -3,7 +3,7 @@ # Copyright (c) 2018-2019 Christian Hesse <mail@eworm.de> { - / tool fetch "https://git.eworm.de/cgit.cgi/routeros-scripts/plain/certs/letsencrypt.pem" dst-path="letsencrypt.pem"; + / tool fetch "https://git.eworm.de/cgit.cgi/routeros-scripts/plain/certs/Let%27s%20Encrypt%20Authority%20X3.pem" dst-path="letsencrypt.pem"; :delay 1s; / certificate { import file-name=letsencrypt.pem passphrase=""; @@ -14,6 +14,7 @@ :if ([ / certificate print count-only where fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6" or fingerprint="731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568" or fingerprint="0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739" ] != 3) do={ :error "Anything is wrong with your certificates!"; } + / file remove "letsencrypt.pem"; :foreach Script in={ "global-config"; "global-functions"; "script-updates" } do={ / system script add name=$Script source=([ / tool fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit.cgi/routeros-scripts/plain/" . $Script) output=user as-value]->"data"); } diff --git a/update-tunnelbroker b/update-tunnelbroker index f6674b6..7d0fc35 100644 --- a/update-tunnelbroker +++ b/update-tunnelbroker @@ -27,7 +27,7 @@ :local Pass [ :pick ($Comment->2) 5 99 ]; :local Id [ :pick ($Comment->3) 3 99 ]; - $CertificateAvailable "Starfield Secure Certificate Authority - G2" "starfield"; + $CertificateAvailable "Starfield Secure Certificate Authority - G2"; :log info ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $PublicAddress); / tool fetch check-certificate=yes-without-crl \ ("https://ipv4.tunnelbroker.net/nic/update\?hostname=" . $Id) \ |