Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

luci-app-openvpn: remove obsolete config options

Browse source 
* remove obsolete config options according to
  openwrt/openwrt@89b8ba9, fix for #2135
* whitespace/intendation fixes
* replace fieldset leftover with div
* fix finally recipe options transfer to regular config with "Add"

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit c2656a7220)
This commit is contained in:
Dirk Brenken 2018-09-16 18:58:26 +02:00
parent b3cbe89b29
commit 55ebe88f4c
No known key found for this signature in database
GPG key ID: 9D71CD547BFAE684
5 changed files with 83 additions and 124 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua
View file

@ -204,10 +204,6 @@ local knownParams = {
"dev_node",
"/dev/net/tun",
translate("Use tun/tap device node") },
{ Flag,
"tun_ipv6",
0,
translate("Make tun device IPv6 capable") },
{ Value,
"ifconfig",
"10.200.200.3 10.200.200.1",
@ -248,15 +244,6 @@ local knownParams = {
"mtu_test",
0,
translate("Empirically measure MTU") },
{ ListValue,
"comp_lzo",
{ "yes", "no", "adaptive" },
translate("Use fast LZO compression") },
{ Flag,
"comp_noadapt",
0,
translate("Don't use adaptive lzo compression"),
{ comp_lzo=1 } },
{ Value,
"link_mtu",
1500,
@ -375,7 +362,7 @@ local knownParams = {
{ client="0" }, { client="" } },
{ DynamicList,
"push",
{ "redirect-gateway", "comp-lzo" },
{ "redirect-gateway" },
translate("Push options to peer"),
{ client="0" }, { client="" } },
{ Flag,
@ -398,12 +385,6 @@ local knownParams = {
"/etc/openvpn/ipp.txt 600",
translate("Persist/unpersist ifconfig-pool"),
{ client="0" }, { client="" } },
-- deprecated and replaced by --topology p2p
-- { Flag,
-- "ifconfig_pool_linear",
-- 0,
-- translate("Use individual addresses rather than /30 subnets"),
-- { client="0" }, { client="" } },
{ Value,
"ifconfig_push",
"10.200.200.1 255.255.255.255",
@ -469,11 +450,6 @@ local knownParams = {
"3 10",
translate("Allowed maximum of new connections"),
{ client="0" }, { client="" } },
{ Flag,
"client_cert_not_required",
0,
translate("Don't require client certificate"),
{ client="0" }, { client="" } },
{ Flag,
"username_as_common_name",
0,
@ -591,10 +567,6 @@ local knownParams = {
"engine",
"dynamic",
translate("Enable OpenSSL hardware crypto engines") },
{ Flag,
"no_replay",
0,
translate("Disable replay protection") },
{ Value,
"replay_window",
"64 15",
@ -607,10 +579,6 @@ local knownParams = {
"replay_persist",
"/var/run/openvpn-replay-state",
translate("Persist replay-protection state") },
{ Flag,
"no_iv",
0,
translate("Disable cipher initialisation vector") },
{ Flag,
"tls_server",
0,

3
applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua
View file

@ -4,7 +4,6 @@
require("luci.ip")
require("luci.model.uci")
local basicParams = {
--
-- Widget, Name, Default(s), Description
@ -14,14 +13,12 @@ local basicParams = {
{ Value, "nice",0, translate("Change process priority") },
{ Value,"port",1194, translate("TCP/UDP port # for both local and remote") },
{ ListValue,"dev_type",{ "tun", "tap" }, translate("Type of used device") },
{ Flag,"tun_ipv6",0, translate("Make tun device IPv6 capable") },
{ Value,"ifconfig","10.200.200.3 10.200.200.1", translate("Set tun/tap adapter parameters") },
{ Value,"server","10.200.200.0 255.255.255.0", translate("Configure server mode") },
{ Value,"server_bridge","192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254", translate("Configure server bridge") },
{ Flag,"nobind",0, translate("Do not bind to local address and port") },
{ ListValue,"comp_lzo",{"yes","no","adaptive"}, translate("Use fast LZO compression") },
{ Value,"keepalive","10 60", translate("Helper directive to simplify the expression of --ping and --ping-restart in server mode configurations") },
{ ListValue,"proto",{ "udp", "tcp-client", "tcp-server" }, translate("Use protocol") },

23
applications/luci-app-openvpn/luasrc/model/cbi/openvpn.lua
View file

@ -52,21 +52,22 @@ function s.create(self, name)
luci.cbi.CREATE_PREFIX .. self.config .. "." ..
self.sectiontype .. ".select"
)
name = luci.http.formvalue(
local name = luci.http.formvalue(
luci.cbi.CREATE_PREFIX .. self.config .. "." ..
self.sectiontype .. ".text"
)
if #name > 3 and not name:match("[^a-zA-Z0-9_]") then
uci:section(
"openvpn", "openvpn", name,
{ uci:get_all( "openvpn_recipes", recipe ) }
)
uci:delete("openvpn", name, "_role")
uci:delete("openvpn", name, "_description")
uci:save("openvpn")
luci.http.redirect( self.extedit:format(name) )
local s = uci:section("openvpn", "openvpn", name)
if s then
local options = uci:get_all("openvpn_recipes", recipe)
for k, v in pairs(options) do
uci:set("openvpn", name, k, v)
end
uci:delete("openvpn", name, "_role")
uci:delete("openvpn", name, "_description")
uci:save("openvpn")
luci.http.redirect( self.extedit:format(name) )
end
elseif #name > 0 then
self.invalid_cts = true
end

8
applications/luci-app-openvpn/luasrc/view/openvpn/pageswitch.htm
View file

@ -4,11 +4,11 @@
Licensed to the public under the Apache License 2.0.
-%>
<fieldset class="cbi-section">
<legend>
<div class="cbi-section">
<h3>
<a href="<%=url('admin/services/openvpn')%>"><%:Overview%></a> &raquo;
<%=luci.i18n.translatef("Instance \"%s\"", self.instance)%>
</legend>
</h3>
<% if self.mode == "basic" then %>
<a href="<%=url('admin/services/openvpn/advanced', self.instance, "Service")%>"><%:Switch to advanced configuration »%></a>
@ -27,4 +27,4 @@
<% if next(self.categories, i) then %>|<% end %>
<% end %>
<% end %>
</fieldset>
</div>

139
applications/luci-app-openvpn/root/etc/config/openvpn_recipes
View file

@ -2,101 +2,94 @@
# Routed point-to-point server
#
config openvpn_recipe server_tun_ptp
option _description "Simple server configuration for a routed point-to-point VPN"
option _role "server"
option dev "tun"
option ifconfig "10.0.0.1 10.0.0.2"
option secret "shared-secret.key"
option keepalive "10 60"
option comp_lzo "yes"
option verb "3"
option mssfix "1420"
option _description 'Simple server configuration for a routed point-to-point VPN'
option _role 'server'
option dev 'tun'
option ifconfig '10.0.0.1 10.0.0.2'
option secret 'shared-secret.key'
option keepalive '10 60'
option verb '3'
option mssfix '1420'
#
# Routed point-to-point client
#
config openvpn_recipe client_tun_ptp
option _description "Simple client configuration for a routed point-to-point VPN"
option _role "client"
option dev "tun"
list remote "vpnserver.example.org"
option ifconfig "10.0.0.2 10.0.0.1"
option secret "shared-secret.key"
option nobind "1"
option comp_lzo "yes"
option verb "3"
option _description 'Simple client configuration for a routed point-to-point VPN'
option _role 'client'
option dev 'tun'
list remote 'vpnserver.example.org'
option ifconfig '10.0.0.2 10.0.0.1'
option secret 'shared-secret.key'
option nobind '1'
option verb '3'
#
# Routed multi-client server
#
config openvpn_recipe server_tun
option _description "Server configuration for a routed multi-client VPN"
option _role "server"
option dev "tun"
option server "10.0.100.0 255.255.255.0"
option ca "ca.crt"
option cert "server.crt"
option key "server.key"
option dh "dh1024.pem"
option keepalive "10 60"
option comp_lzo "yes"
option verb "3"
option mssfix "1420"
option _description 'Server configuration for a routed multi-client VPN'
option _role 'server'
option dev 'tun'
option server '10.0.100.0 255.255.255.0'
option ca 'ca.crt'
option cert 'server.crt'
option key 'server.key'
option dh 'dh1024.pem'
option keepalive '10 60'
option verb '3'
option mssfix '1420'
#
# Routed client
#
config openvpn_recipe client_tun
option _description "Client configuration for a routed multi-client VPN"
option _role "client"
option client "1"
option dev "tun"
list remote "vpnserver.example.org"
option pkcs12 "my_client.p12"
option remote_cert_tls "server"
option comp_lzo "yes"
option nobind "1"
option persist_key "1"
option persist_tun "1"
option verb "3"
option reneg_sec "0"
option float "1"
option _description 'Client configuration for a routed multi-client VPN'
option _role 'client'
option client '1'
option dev 'tun'
list remote 'vpnserver.example.org'
option pkcs12 'my_client.p12'
option remote_cert_tls 'server'
option nobind '1'
option persist_key '1'
option persist_tun '1'
option verb '3'
option reneg_sec '0'
option float '1'
#
# Multi-client ethernet bridge server
#
config openvpn_recipe server_tap_bridge
option _description "Server configuration for an ethernet bridge VPN"
option _role "server"
option dev "tap"
option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254"
option ca "ca.crt"
option cert "server.crt"
option key "server.key"
option dh "dh1024.pem"
option keepalive "10 60"
option comp_lzo "yes"
option verb "3"
option mssfix "1420"
option _description 'Server configuration for an ethernet bridge VPN'
option _role 'server'
option dev 'tap'
option server_bridge '192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254'
option ca 'ca.crt'
option cert 'server.crt'
option key 'server.key'
option dh 'dh1024.pem'
option keepalive '10 60'
option verb '3'
option mssfix '1420'
#
# Ethernet bridge client
#
config openvpn_recipe client_tap_bridge
option _description "Client configuration for an ethernet bridge VPN"
option _role "client"
option client "1"
option dev "tap"
list remote "vpnserver.example.org"
option ca "ca.crt"
option cert "my_client.crt"
option key "my_client.key"
option dh "dh1024.pem"
option remote_cert_tls "server"
option comp_lzo "yes"
option nobind "1"
option persist_key "1"
option verb "3"
option reneg_sec "0"
option float "1"
option _description 'Client configuration for an ethernet bridge VPN'
option _role 'client'
option client '1'
option dev 'tap'
list remote 'vpnserver.example.org'
option ca 'ca.crt'
option cert 'my_client.crt'
option key 'my_client.key'
option dh 'dh1024.pem'
option remote_cert_tls 'server'
option nobind '1'
option persist_key '1'
option verb '3'
option reneg_sec '0'
option float '1'