summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--applications/luci-app-yggdrasil/po/templates/yggdrasil.pot280
-rw-r--r--libs/luci-lib-httpclient/luasrc/httpclient.lua4
-rw-r--r--libs/luci-lib-ip/src/ip.c64
-rw-r--r--libs/luci-lib-ip/src/ip.luadoc33
4 files changed, 363 insertions, 18 deletions
diff --git a/applications/luci-app-yggdrasil/po/templates/yggdrasil.pot b/applications/luci-app-yggdrasil/po/templates/yggdrasil.pot
new file mode 100644
index 000000000..380042f42
--- /dev/null
+++ b/applications/luci-app-yggdrasil/po/templates/yggdrasil.pot
@@ -0,0 +1,280 @@
+msgid ""
+msgstr "Content-Type: text/plain; charset=UTF-8"
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/status.js:32
+msgid "Active peers"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:57
+msgid "Address to listen for incoming connections"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:15
+msgid "Allow from direct"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:17
+msgid "Allow from remote"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:16
+msgid "Allow network traffic from directly connected peers"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:18
+msgid ""
+"Allow network traffic from remote nodes on the network that you are not "
+"directly peered with"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:20
+msgid ""
+"Allow outbound network traffic regardless of AllowFromDirect or "
+"AllowFromRemote"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:13
+msgid "Allow tunneling non-Yggdrasil traffic over Yggdrasil. This effectively"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:20
+msgid "Always allow outbound"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:30
+msgid "Blacklisted public keys"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:22
+msgid "By default, nodeinfo contains some defaults including the platform,"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:21
+msgid "Enable NodeInfo privacy"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:13
+msgid "Enable session firewall"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:36
+msgid "Enable tap mode"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/keys.js:10
+#: applications/luci-app-yggdrasil/luasrc/controller/yggdrasil.lua:13
+msgid "Encryption keys"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/keys.js:14
+msgid "Encryption private key"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/keys.js:13
+msgid "Encryption public key"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:10
+msgid "General settings"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:25
+msgid "IPv4 local subnet"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:18
+msgid "IPv4 remote subnet"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:21
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:28
+msgid "IPv4 subnet"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:19
+msgid "IPv4 subnets belonging to remote nodes, mapped to the node's public"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:26
+msgid "IPv4 subnets belonging to this node's end of the tunnels. Only traffic"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:39
+msgid "IPv6 local subnet"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:32
+msgid "IPv6 remote subnet"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:35
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:43
+msgid "IPv6 subnet"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:33
+msgid "IPv6 subnets belonging to remote nodes, mapped to the node's public"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:40
+msgid "IPv6 subnets belonging to this node's end of the tunnels. Only traffic"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:14
+msgid ""
+"If disabled, network traffic from any node will be allowed. If enabled, the "
+"below rules apply"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/peers.js:24
+msgid "Interface"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:45
+msgid "Interface name"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/peers.js:19
+msgid "Interface peers"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/keys.js:15
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/keys.js:18
+msgid "Keep this private. When compromised, generate a new keypair and IPv6."
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:20
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:34
+msgid "Key"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:14
+msgid "Link-local TCP port"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/peers.js:11
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/peers.js:20
+msgid "List of connection strings for outbound peer connections in URI format,"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:50
+msgid "Listen addresses"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:51
+msgid "Listen addresses for incoming connections. You will need to add"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:37
+msgid "MTU size for the interface"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:39
+msgid "Maximum size of all switch queues combined"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:41
+msgid "Multicast interfaces"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:24
+msgid ""
+"Network traffic is always accepted from those peers, regardless of "
+"AllowFromDirect or AllowFromRemote"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:31
+msgid ""
+"Network traffic is always rejected from those peers, regardless of "
+"AllowFromDirect or AllowFromRemote"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:28
+msgid "NodeInfo"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:29
+msgid "Optional node info. This must be a { \"key\": \"value\", ... } map"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/peers.js:10
+#: applications/luci-app-yggdrasil/luasrc/controller/yggdrasil.lua:11
+msgid "Peers"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:20
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:34
+msgid "Public encryption key"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:25
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:32
+msgid "Public key"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:42
+msgid "Regular expressions for which interfaces multicast peer discovery"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/luasrc/controller/yggdrasil.lua:14
+msgid "Session firewall"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:10
+msgid "Session firewall settings"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:46
+msgid "Set .* to multicast on all interfaces"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/luasrc/controller/yggdrasil.lua:12
+msgid "Settings"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/keys.js:17
+msgid "Signing private key"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/keys.js:16
+msgid "Signing public key"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/luasrc/controller/yggdrasil.lua:9
+msgid "Status"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:21
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:28
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:35
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:43
+msgid "Subnet"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:15
+msgid "The port number to be used for the link-local TCP listeners for the"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/tunnel_routing.js:10
+msgid "Tunnel Routing"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/luasrc/controller/yggdrasil.lua:15
+msgid "Tunnel routing"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/session_firewall.js:23
+msgid "Whitelisted public keys"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/status.js:29
+msgid "Yggdrasil node status"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:13
+msgid "Yggdrasil's network interface name"
+msgstr ""
+
+#: applications/luci-app-yggdrasil/htdocs/luci-static/resources/view/yggdrasil/settings.js:58
+msgid "e.g. tcp://0.0.0.0:0 or tcp://[::]:0"
+msgstr ""
diff --git a/libs/luci-lib-httpclient/luasrc/httpclient.lua b/libs/luci-lib-httpclient/luasrc/httpclient.lua
index 79ce41294..e9ec3ac29 100644
--- a/libs/luci-lib-httpclient/luasrc/httpclient.lua
+++ b/libs/luci-lib-httpclient/luasrc/httpclient.lua
@@ -105,10 +105,10 @@ function parse_url(uri)
rest = tmp
end
- url.host, tmp = rest:match("^%[([0-9a-fA-F:]+)%](.*)$")
+ url.host, tmp = rest:match("^%[(.+)%](.*)$")
if url.host and tmp then
url.ip6addr = ip.IPv6(url.host)
- if not url.ip6addr then
+ if not url.ip6addr or url.ip6addr:prefix() < 128 then
return nil
end
url.host = string.format("[%s]", url.ip6addr:string())
diff --git a/libs/luci-lib-ip/src/ip.c b/libs/luci-lib-ip/src/ip.c
index 188a70f14..34a120d1a 100644
--- a/libs/luci-lib-ip/src/ip.c
+++ b/libs/luci-lib-ip/src/ip.c
@@ -62,6 +62,7 @@ typedef struct {
struct ether_addr mac;
uint8_t u8[16];
} addr;
+ uint32_t scope;
uint16_t family;
int16_t bits;
} cidr_t;
@@ -177,7 +178,7 @@ static bool parse_mask(int family, const char *mask, int16_t *bits)
static bool parse_cidr(const char *dest, cidr_t *pp)
{
- char *p, buf[INET6_ADDRSTRLEN * 2 + 2];
+ char *p, *s, buf[INET6_ADDRSTRLEN * 2 + 2];
strncpy(buf, dest, sizeof(buf) - 1);
@@ -186,6 +187,11 @@ static bool parse_cidr(const char *dest, cidr_t *pp)
if (p)
*p++ = 0;
+ s = strchr(buf, '%');
+
+ if (s)
+ *s++ = 0;
+
if (inet_pton(AF_INET, buf, &pp->addr.v4))
pp->family = AF_INET;
else if (inet_pton(AF_INET6, buf, &pp->addr.v6))
@@ -195,6 +201,22 @@ static bool parse_cidr(const char *dest, cidr_t *pp)
else
return false;
+ if (s)
+ {
+ if (pp->family != AF_INET6)
+ return false;
+
+ if (!(pp->addr.v6.s6_addr[0] == 0xFE &&
+ pp->addr.v6.s6_addr[1] >= 0x80 &&
+ pp->addr.v6.s6_addr[2] <= 0xBF))
+ return false;
+
+ pp->scope = if_nametoindex(s);
+
+ if (pp->scope == 0)
+ return false;
+ }
+
if (p)
{
if (!parse_mask(pp->family, p, &pp->bits))
@@ -210,7 +232,7 @@ static bool parse_cidr(const char *dest, cidr_t *pp)
static int format_cidr(lua_State *L, cidr_t *p)
{
- char buf[INET6_ADDRSTRLEN];
+ char *s, buf[INET6_ADDRSTRLEN + 1 + IF_NAMESIZE + 4];
if (p->family == AF_PACKET)
{
@@ -229,13 +251,19 @@ static int format_cidr(lua_State *L, cidr_t *p)
}
else
{
+ inet_ntop(p->family, &p->addr.v6, buf, sizeof(buf));
+
+ s = buf + strlen(buf);
+
+ if (p->scope != 0 && if_indextoname(p->scope, s + 1) != NULL) {
+ *s++ = '%';
+ s += strlen(s);
+ }
+
if (p->bits < AF_BITS(p->family))
- lua_pushfstring(L, "%s/%d",
- inet_ntop(p->family, &p->addr.v6, buf, sizeof(buf)),
- p->bits);
- else
- lua_pushstring(L,
- inet_ntop(p->family, &p->addr.v6, buf, sizeof(buf)));
+ s += sprintf(s, "/%d", p->bits);
+
+ lua_pushstring(L, buf);
}
return 1;
@@ -765,6 +793,25 @@ static int cidr_mapped4(lua_State *L)
return 1;
}
+static int cidr_unscoped(lua_State *L)
+{
+ cidr_t *p1 = L_checkcidr(L, 1, NULL);
+ cidr_t *p2;
+
+ if (p1->family != AF_INET6)
+ return 0;
+
+ if (!(p2 = lua_newuserdata(L, sizeof(*p2))))
+ return 0;
+
+ *p2 = *p1;
+ p2->scope = 0;
+
+ luaL_getmetatable(L, LUCI_IP_CIDR);
+ lua_setmetatable(L, -2);
+ return 1;
+}
+
static int cidr_tolinklocal(lua_State *L)
{
cidr_t *p1 = L_checkcidr(L, 1, NULL);
@@ -1601,6 +1648,7 @@ static const luaL_reg ip_cidr_methods[] = {
{ "mask", cidr_mask },
{ "broadcast", cidr_broadcast },
{ "mapped4", cidr_mapped4 },
+ { "unscoped", cidr_unscoped },
{ "tomac", cidr_tomac },
{ "tolinklocal", cidr_tolinklocal },
{ "contains", cidr_contains },
diff --git a/libs/luci-lib-ip/src/ip.luadoc b/libs/luci-lib-ip/src/ip.luadoc
index afd171beb..3e0396340 100644
--- a/libs/luci-lib-ip/src/ip.luadoc
+++ b/libs/luci-lib-ip/src/ip.luadoc
@@ -838,6 +838,23 @@ print(addr:mapped4()) -- "172.16.19.1"`
]]
---[[
+Derive unscoped IPv6 address of CIDR instance.
+
+Construct a copy of the given IPv6 CIDR instance and drop the associated
+address scope information.
+
+This function has no effect on IPv4 instances or MAC address instances,
+it will return nothing in this case.
+
+@class function
+@sort 19
+@name cidr.unscoped
+@return Return a new CIDR instance representing the unscoped IPv6 address.
+@usage `local addr = luci.ip.new("fe80::1234%eth0")
+print(addr:unscoped()) -- "fe80::1234"`
+]]
+
+---[[
Derive MAC address of IPv6 link local CIDR instance.
Constructs a CIDR instance representing the MAC address contained in the IPv6
@@ -848,7 +865,7 @@ instances which are not a link local address, it will return nothing in this
case.
@class function
-@sort 19
+@sort 20
@name cidr.tomac
@return Return a new CIDR instance representing the MAC address if this
instance is an IPv6 link local address, else return nothing.
@@ -866,7 +883,7 @@ This function has no effect on IPv4 instances or IPv6 instances, it will return
nothing in this case.
@class function
-@sort 20
+@sort 21
@name cidr.tolinklocal
@return Return a new CIDR instance representing the IPv6 link local address.
@usage `local mac = luci.ip.new("64:66:B3:47:E1:B9")
@@ -877,7 +894,7 @@ print(mac:tolinklocal()) -- "fe80::6666:b3ff:fe47:e1b9"`
Test whether CIDR contains given range.
@class function
-@sort 21
+@sort 22
@name cidr.contains
@param addr A `luci.ip.cidr` instance or a string convertible by
`luci.ip.new()` to test.
@@ -902,7 +919,7 @@ Add given amount to CIDR instance. If the result would overflow the maximum
address space, the result is set to the highest possible address.
@class function
-@sort 22
+@sort 23
@name cidr.add
@param amount A numeric value between 0 and 0xFFFFFFFF, a
`luci.ip.cidr` instance or a string convertible by
@@ -951,7 +968,7 @@ Subtract given amount from CIDR instance. If the result would under, the lowest
possible address is returned.
@class function
-@sort 23
+@sort 24
@name cidr.sub
@param amount A numeric value between 0 and 0xFFFFFFFF, a
`luci.ip.cidr` instance or a string convertible by
@@ -999,7 +1016,7 @@ print(mac) -- "00:00:00:00:00:00"`
Calculate the lowest possible host address within this CIDR instance.
@class function
-@sort 24
+@sort 25
@name cidr.minhost
@return Returns a new CIDR instance representing the lowest host address
within this range.
@@ -1017,7 +1034,7 @@ print(mac:minhost()) -- "00:14:22:01:00:01"`
Calculate the highest possible host address within this CIDR instance.
@class function
-@sort 25
+@sort 26
@name cidr.maxhost
@return Returns a new CIDR instance representing the highest host address
within this range.
@@ -1042,7 +1059,7 @@ It is usually not required to call this function directly as CIDR objects
define it as __tostring function in the associated metatable.
@class function
-@sort 26
+@sort 27
@name cidr.string
@return Returns a string representing the range or address of this CIDR instance
]]
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-23 17:29:37 +0000