From c432d69551503d606cd8e14d619f11f20827a151 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Sun, 24 Sep 2017 23:12:53 +0100
Subject: [PATCH] Remove vpn client keys

---
 src/freedombone-app-vpn | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/freedombone-app-vpn b/src/freedombone-app-vpn
index 2c68c08b..323242fb 100755
--- a/src/freedombone-app-vpn
+++ b/src/freedombone-app-vpn
@@ -36,6 +36,7 @@ IN_DEFAULT_INSTALL=0
 SHOW_ON_ABOUT=0
 
 OPENVPN_SERVER_NAME="${PROJECT_NAME}-vpn"
+OPENVPN_KEY_FILENAME='vpn.ovpn'
 
 vpn_variables=(MY_EMAIL_ADDRESS
                LOCAL_NETWORK_STATIC_IP_ADDRESS
@@ -85,6 +86,14 @@ function remove_vpn {
     fi
     firewall_deny_forwarding
     remove_completion_param install_vpn
+
+    # remove any client keys
+    for d in /home/*/ ; do
+        USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
+        if [ -f /home/$USERNAME/$OPENVPN_KEY_FILENAME ]; then
+            shred -zu /home/$USERNAME/$OPENVPN_KEY_FILENAME
+        fi
+    done
 }
 
 function create_user_vpn_key {
@@ -112,7 +121,7 @@ y
         exit 682523
     fi
 
-    user_vpn_cert_file=/home/$username/vpn.ovpn
+    user_vpn_cert_file=/home/$username/$OPENVPN_KEY_FILENAME
 
     cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf $user_vpn_cert_file
     sed -i "s|remote .*|remote $DEFAULT_DOMAIN_NAME 1194|g" $user_vpn_cert_file