diff options
| author | Oldřich Jedlička <oldium.pro@gmail.com> | 2020-10-05 09:50:01 +0200 |
|---|---|---|
| committer | Oldřich Jedlička <oldium.pro@gmail.com> | 2020-10-31 09:40:38 +0100 |
| commit | e24415ac12dd485a6ae5a79fc440089227eed222 (patch) | |
| tree | 2ce0c40a560b48b64e3ee531e785b6d8fff9bc08 /applications/luci-app-fwknopd/root/etc/uci-defaults | |
| parent | 5a485f8c686cdc918c008e75bbf96bc51515d6aa (diff) | |
luci-app-fwknopd: Client-side rendering and improvements/fixes.
* Use client-side rendering.
* Asynchronous QR code generation and on-the-fly updates.
* Added button to generate keys.
* Added keys validation (empty, __CHANGEME__ and CHANGEME values are not
valid).
* Added SOURCE option non-empty validation (SOURCE is mandatory field).
* Added network and DESTINATION options.
* Use checkboxes for Y/N options instead of text fields.
* Fix the qrencode tool, which currently has only `--inline` option, not
`-I`. Use `--inline` instead.
* Improve configuration handling by removing the key type from the config
file. The key type is deduced from the actual values (normal/base64).
* Provide migration script (clean-up of stale keytype/hkeytype values in
config).
* Fixed usage of translations.
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
Diffstat (limited to 'applications/luci-app-fwknopd/root/etc/uci-defaults')
| -rw-r--r-- | applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd | 28 |
1 files changed, 18 insertions, 10 deletions
diff --git a/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd b/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd index 7cecf27461..00d721e067 100644 --- a/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd +++ b/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd @@ -3,16 +3,24 @@ #-- Licensed to the public under the GNU General Public License v2. . /lib/functions/network.sh -[ "$(uci -q get fwknopd.@access[0].KEY)" != "CHANGEME" ] && exit 0 +# Clean-up - keytype/hkeytype is unnecessary now +if uci -q show fwknopd | grep \\.h\\?keytype > /dev/null; then + for keytype in $(uci -q show fwknopd | grep \\.h\\?keytype= | cut -d= -f1); do + uci delete $keytype + done + uci commit fwknopd +fi -uci delete fwknopd.@access[0].KEY -uci delete fwknopd.@access[0].HMAC_KEY -uci set fwknopd.@access[0].keytype='Base64 key' -uci set fwknopd.@access[0].hkeytype='Base64 key' -uci set fwknopd.@access[0].KEY_BASE64=`fwknopd --key-gen | awk '/^KEY/ {print $2;}'` -uci set fwknopd.@access[0].HMAC_KEY_BASE64=`fwknopd --key-gen | awk '/^HMAC/ {print $2;}'` -uci set fwknopd.@config[0].ENABLE_IPT_FORWARDING='y' -uci set fwknopd.@config[0].ENABLE_NAT_DNS='y' +# Generate valid keys +if [ "$(uci -q get fwknopd.@access[0].KEY)" = "CHANGEME" ]; then + uci delete fwknopd.@access[0].KEY + uci delete fwknopd.@access[0].HMAC_KEY + uci set fwknopd.@access[0].KEY_BASE64=`fwknopd --key-gen | awk '/^KEY/ {print $2;}'` + uci set fwknopd.@access[0].HMAC_KEY_BASE64=`fwknopd --key-gen | awk '/^HMAC/ {print $2;}'` + uci set fwknopd.@config[0].ENABLE_IPT_FORWARDING='y' + uci set fwknopd.@config[0].ENABLE_NAT_DNS='y' + + uci commit fwknopd +fi -uci commit fwknopd exit 0 |