OpenVPN variables for script (tls-verify)

Scripts which allow the use of special authentication methods (LDAP, AD, MySQL/PostgreSQL, etc).

Moderators: TinCanTech

cm2702
OpenVpn Newbie
Posts: 1
Joined: Mon Sep 09, 2013 10:01 am

OpenVPN variables for script (tls-verify)

Post by cm2702 » Mon Sep 09, 2013 11:18 am

Hi everyone. I am trying to write a script for the tls-verify option (my OS is Windows 7 64-bit, the script is in VBS).
First I write the OpenVPN variables to a temp file, then I read it and compare it with my client certificate database.
The problem is that OpenVPN does not always pass the client's variables.
For example:
If I make a small script like this:

' Dump the environment that OpenVPN passes to the tls-verify script
command = "cmd.exe /c " + "set"
t = Log_Vars(Run_Program_Set(command), 1)

' Run a command and return everything it wrote to stdout
Function Run_Program_Set(command)
    Set objShell = WScript.CreateObject("WScript.Shell")
    Set objExec = objShell.Exec(command)
    Run_Program_Set = objExec.StdOut.ReadAll
End Function

' Write text to the log file; ForWriting overwrites the file on every call
Function Log_Vars(LineForWrite, MakeNextLine)
    Const ForWriting = 2
    fldr = "C:\Windows\Temp\Variables.txt"
    Dim objFSO, objTxtStream
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    ' Third argument True: create the file if it does not exist
    Set objTxtStream = objFSO.OpenTextFile(fldr, ForWriting, True)
    If MakeNextLine = 1 Then
        objTxtStream.Write LineForWrite & chr(13) & chr(10)
    Else
        objTxtStream.Write LineForWrite
    End If
    objTxtStream.Close
    Log_Vars = "Success"
End Function

The file Variables.txt will then contain:
COMSPEC=C:\Windows\SysWOW64\cmd.exe
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.JS;.WS;.MSC
PROMPT=$P$G
script_type=tls-verify
untrusted_port=64581
untrusted_ip=10.0.11.1
tls_serial_0=6
tls_digest_0=ff:2d:e5:9f:b2:af:73:a7:dc:00:21:60:73:60:8d:6d:12:f9:cb:cc
tls_id_0=/C=RU/ST=MSK/L=Moscow/O=NPB/OU=Headquarter/CN=Client6/name=ClientOpenVPN/emailAddress=***@mail.ru
X509_0_emailAddress=***@mail.ru
X509_0_name=ClientOpenVPN
X509_0_CN=Client6
X509_0_OU=Headquarter
X509_0_O=NPB
X509_0_L=Moscow
X509_0_ST=MSK
X509_0_C=RU
tls_serial_1=11536565143839473019
tls_digest_1=f9:f0:9f:e2:d7:63:c6:ff:5e:3c:ca:40:76:db:53:3b:67:ca:6e:d9
tls_id_1=/C=RU/ST=MSK/L=Moscow/O=NPB/OU=Headquarter/CN=ca_client/name=ClientOpenVPN/emailAddress=***@mail.ru
X509_1_emailAddress=***@mail.ru
X509_1_name=ClientOpenVPN
X509_1_CN=ca_client
X509_1_OU=Headquarter
X509_1_O=NPB
X509_1_L=Moscow
X509_1_ST=MSK
X509_1_C=RU
remote_port_1=1194
local_port_1=1194
local_1=10.0.11.2
proto_1=udp
daemon_pid=988
daemon_start_time=1377107789
daemon_log_redirect=1
daemon=0
verb=4
config=server.ovpn
SystemRoot=C:\Windows
ifconfig_local=10.10.100.1
ifconfig_remote=10.10.100.2
route_net_gateway=192.168.1.1
route_vpn_gateway=10.10.100.2
route_network_1=10.10.100.0
route_netmask_1=255.255.255.0
route_gateway_1=10.10.100.2
script_context=init
tun_mtu=1500
link_mtu=1602
dev=OpenVPN
dev_type=tun
redirect_gateway=0
PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem

If I add more commands to the script, no matter what, all the variables with zero will be gone.
I know that by default the tls_id_0 variable is passed as an argument, but I want to compare more variables.

Sorry for my English.
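
A tls-verify hook that compares several of the exported variables instead of only the subject, as an added example in Python (not code from the post). It assumes OpenVPN's documented invocation of the hook with the certificate depth and subject as arguments, once per certificate in the chain; the allowlist and the function names are hypothetical.

```python
import os
import sys

# Constructed allowlist: SHA-1 fingerprint -> expected CN. The digest is the
# tls_digest_0 value from the dump in the post; a real deployment would load
# this from its client certificate database.
ALLOWED_CLIENTS = {
    "ff:2d:e5:9f:b2:af:73:a7:dc:00:21:60:73:60:8d:6d:12:f9:cb:cc": "Client6",
}


def cert_fields(env, depth):
    """Collect the per-certificate variables exported for one chain depth."""
    x509_prefix = f"X509_{depth}_"
    fields = {
        "serial": env.get(f"tls_serial_{depth}"),
        "digest": env.get(f"tls_digest_{depth}"),
        "subject": env.get(f"tls_id_{depth}"),
    }
    for name, value in env.items():
        if name.startswith(x509_prefix):
            fields[name[len(x509_prefix):]] = value  # e.g. CN, OU, O
    return fields


def verify(depth, env, allowed=ALLOWED_CLIENTS):
    """Return 0 to accept this certificate, 1 to reject the connection."""
    if env.get("script_type") != "tls-verify":
        return 1  # not running as a tls-verify hook: fail closed
    if depth != 0:
        return 0  # CA certificate: accept, the *_0 variables are not checked here
    cert = cert_fields(env, 0)
    digest = (cert["digest"] or "").lower()
    if not digest:
        return 1  # leaf variables missing: fail closed
    expected_cn = allowed.get(digest)
    if expected_cn is None or cert.get("CN") != expected_cn:
        return 1  # unknown fingerprint, or CN does not match the record
    return 0


if __name__ == "__main__":
    # Assumed invocation: <script> <certificate_depth> <subject>
    try:
        sys.exit(verify(int(sys.argv[1]), os.environ))
    except (IndexError, ValueError):
        sys.exit(1)
```

The exit code is the verdict: a non-zero exit rejects the connection, so any error path in the hook should end in a non-zero exit rather than an unhandled exception with an undefined result.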
