check for validity of OpenVPN configuration sections

This adds checks whether each OpenVPN configuration section exists exactly once
and whether its begin comes before its end.

Signed-off-by: Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>

src/update-eduvpn-credentials

@@ -19,6 +19,25 @@ extract_and_print_section()
 {
 	local section_name="$1"
 	
+	#check whether the section exists exactly once in the OpenVPN configuration
+	line_numbers_of_section_begin_matches="$( printf '%s' "${ovpn_configuration}"  |  grep -n "^<${section_name}>$"  |  cut -d ':' -f1 )"
+	line_numbers_of_section_end_matches="$( printf '%s' "${ovpn_configuration}"  |  grep -n "^</${section_name}>$"  |  cut -d ':' -f1 )"
+	if [ -z "${line_numbers_of_section_begin_matches}" ]   ||   [ "$( printf '%s' "${line_numbers_of_section_begin_matches}"  |  wc -l )" -ne 0 ]   ||   \
+	   [ -z "${line_numbers_of_section_end_matches}" ]   ||   [ "$( printf '%s' "${line_numbers_of_section_end_matches}"  |  wc -l )" -ne 0 ]   ||   \
+	   [ "${line_numbers_of_section_begin_matches}" -ge "${line_numbers_of_section_end_matches}" ]; then
+		case "${section_name}" in
+		(ca|cert)
+			section_type='-certificate'
+			;;
+		(key|tls-crypt)
+			section_type='-key'
+			;;
+		esac
+		
+		printf 'Error: Not exactly one `<%s>`%s-section in the OpenVPN configuration.\n' "${section_name}" "${section_type}" >&2
+		return 1
+	fi
+	
 	#extract and print the section
 	printf '%s' "${ovpn_configuration}"  |  sed -n "\%^<${section_name}>$%,\%^</${section_name}>$%{\%%!p;}"
 }