summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-app-fwknopd/root
diff options
context:
space:
mode:
Diffstat (limited to 'applications/luci-app-fwknopd/root')
-rw-r--r--applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd28
-rw-r--r--applications/luci-app-fwknopd/root/usr/sbin/gen-qr.sh26
-rw-r--r--applications/luci-app-fwknopd/root/usr/share/luci/menu.d/luci-app-fwknopd.json9
-rw-r--r--applications/luci-app-fwknopd/root/usr/share/rpcd/acl.d/luci-app-fwknopd.json6
4 files changed, 29 insertions, 40 deletions
diff --git a/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd b/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd
index 7cecf2746..00d721e06 100644
--- a/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd
+++ b/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd
@@ -3,16 +3,24 @@
#-- Licensed to the public under the GNU General Public License v2.
. /lib/functions/network.sh
-[ "$(uci -q get fwknopd.@access[0].KEY)" != "CHANGEME" ] && exit 0
+# Clean-up - keytype/hkeytype is unnecessary now
+if uci -q show fwknopd | grep \\.h\\?keytype > /dev/null; then
+ for keytype in $(uci -q show fwknopd | grep \\.h\\?keytype= | cut -d= -f1); do
+ uci delete $keytype
+ done
+ uci commit fwknopd
+fi
-uci delete fwknopd.@access[0].KEY
-uci delete fwknopd.@access[0].HMAC_KEY
-uci set fwknopd.@access[0].keytype='Base64 key'
-uci set fwknopd.@access[0].hkeytype='Base64 key'
-uci set fwknopd.@access[0].KEY_BASE64=`fwknopd --key-gen | awk '/^KEY/ {print $2;}'`
-uci set fwknopd.@access[0].HMAC_KEY_BASE64=`fwknopd --key-gen | awk '/^HMAC/ {print $2;}'`
-uci set fwknopd.@config[0].ENABLE_IPT_FORWARDING='y'
-uci set fwknopd.@config[0].ENABLE_NAT_DNS='y'
+# Generate valid keys
+if [ "$(uci -q get fwknopd.@access[0].KEY)" = "CHANGEME" ]; then
+ uci delete fwknopd.@access[0].KEY
+ uci delete fwknopd.@access[0].HMAC_KEY
+ uci set fwknopd.@access[0].KEY_BASE64=`fwknopd --key-gen | awk '/^KEY/ {print $2;}'`
+ uci set fwknopd.@access[0].HMAC_KEY_BASE64=`fwknopd --key-gen | awk '/^HMAC/ {print $2;}'`
+ uci set fwknopd.@config[0].ENABLE_IPT_FORWARDING='y'
+ uci set fwknopd.@config[0].ENABLE_NAT_DNS='y'
+
+ uci commit fwknopd
+fi
-uci commit fwknopd
exit 0
diff --git a/applications/luci-app-fwknopd/root/usr/sbin/gen-qr.sh b/applications/luci-app-fwknopd/root/usr/sbin/gen-qr.sh
deleted file mode 100644
index 48850bd36..000000000
--- a/applications/luci-app-fwknopd/root/usr/sbin/gen-qr.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh
-entry_num=0
-if [ "$1" != "" ]; then
-entry_num=$1
-fi
-
-key_base64=$(uci -q get fwknopd.@access[$entry_num].KEY_BASE64)
-key=$(uci -q get fwknopd.@access[$entry_num].KEY)
-hmac_key_base64=$(uci -q get fwknopd.@access[$entry_num].HMAC_KEY_BASE64)
-hmac_key=$(uci -q get fwknopd.@access[$entry_num].HMAC_KEY)
-
-if [ "$key_base64" != "" ]; then
-qr="KEY_BASE64:$key_base64"
-fi
-if [ "$key" != "" ]; then
-qr="$qr KEY:$key"
-
-fi
-if [ "$hmac_key_base64" != "" ]; then
-qr="$qr HMAC_KEY_BASE64:$hmac_key_base64"
-fi
-if [ "$hmac_key" != "" ]; then
-qr="$qr HMAC_KEY:$hmac_key"
-fi
-
-qrencode -t svg -I -o - "$qr"
diff --git a/applications/luci-app-fwknopd/root/usr/share/luci/menu.d/luci-app-fwknopd.json b/applications/luci-app-fwknopd/root/usr/share/luci/menu.d/luci-app-fwknopd.json
index 85486b997..e3ada68d7 100644
--- a/applications/luci-app-fwknopd/root/usr/share/luci/menu.d/luci-app-fwknopd.json
+++ b/applications/luci-app-fwknopd/root/usr/share/luci/menu.d/luci-app-fwknopd.json
@@ -2,12 +2,15 @@
"admin/services/fwknopd": {
"title": "Firewall Knock Daemon",
"action": {
- "type": "cbi",
- "path": "fwknopd",
- "post": { "cbi.submit": true }
+ "type": "view",
+ "path": "fwknopd"
},
"depends": {
"acl": [ "luci-app-fwknopd" ],
+ "fs": {
+ "/usr/bin/qrencode": "executable",
+ "/usr/sbin/fwknopd": "executable"
+ },
"uci": { "fwknopd": true }
}
}
diff --git a/applications/luci-app-fwknopd/root/usr/share/rpcd/acl.d/luci-app-fwknopd.json b/applications/luci-app-fwknopd/root/usr/share/rpcd/acl.d/luci-app-fwknopd.json
index 3877f8752..15d7975bd 100644
--- a/applications/luci-app-fwknopd/root/usr/share/rpcd/acl.d/luci-app-fwknopd.json
+++ b/applications/luci-app-fwknopd/root/usr/share/rpcd/acl.d/luci-app-fwknopd.json
@@ -2,7 +2,11 @@
"luci-app-fwknopd": {
"description": "Grant UCI access for luci-app-fwknopd",
"read": {
- "uci": [ "fwknopd" ]
+ "uci": [ "fwknopd" ],
+ "file": {
+ "/usr/bin/qrencode": [ "exec" ],
+ "/usr/sbin/fwknopd --key-gen": [ "exec" ]
+ }
},
"write": {
"uci": [ "fwknopd" ]
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-27 03:49:38 +0000