luci-app-openvpn: remove obsolete config options

* remove obsolete config options according to
  openwrt/openwrt@89b8ba9, fix for #2135
* whitespace/intendation fixes
* replace fieldset leftover with div
* fix finally recipe options transfer to regular config with "Add"

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit c2656a7220)

applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua

@@ -204,10 +204,6 @@ local knownParams = {
 			"dev_node",
 			"/dev/net/tun",
 			translate("Use tun/tap device node") },
-		{ Flag,
-			"tun_ipv6",
-			0,
-			translate("Make tun device IPv6 capable") },
 		{ Value,
 			"ifconfig",
 			"10.200.200.3 10.200.200.1",
@@ -248,15 +244,6 @@ local knownParams = {
 			"mtu_test",
 			0,
 			translate("Empirically measure MTU") },
-		{ ListValue,
-			"comp_lzo",
-			{ "yes", "no", "adaptive" },
-			translate("Use fast LZO compression") },
-		{ Flag,
-			"comp_noadapt",
-			0,
-			translate("Don't use adaptive lzo compression"),
-			{ comp_lzo=1 } },
 		{ Value,
 			"link_mtu",
 			1500,
@@ -375,7 +362,7 @@ local knownParams = {
 			{ client="0" }, { client="" } },
 		{ DynamicList,
 			"push",
-			{ "redirect-gateway", "comp-lzo" },
+			{ "redirect-gateway" },
 			translate("Push options to peer"),
 			{ client="0" }, { client="" } },
 		{ Flag,
@@ -398,12 +385,6 @@ local knownParams = {
 			"/etc/openvpn/ipp.txt 600",
 			translate("Persist/unpersist ifconfig-pool"),
 			{ client="0" }, { client="" } },
-	-- deprecated and replaced by --topology p2p
-	--	{ Flag,
-	--		"ifconfig_pool_linear",
-	--		0,
-	--		translate("Use individual addresses rather than /30 subnets"),
-	--		{ client="0" }, { client="" } },
 		{ Value,
 			"ifconfig_push",
 			"10.200.200.1 255.255.255.255",
@@ -469,11 +450,6 @@ local knownParams = {
 			"3 10",
 			translate("Allowed maximum of new connections"),
 			{ client="0" }, { client="" } },
-		{ Flag,
-			"client_cert_not_required",
-			0,
-			translate("Don't require client certificate"),
-			{ client="0" }, { client="" } },
 		{ Flag,
 			"username_as_common_name",
 			0,
@@ -591,10 +567,6 @@ local knownParams = {
 			"engine",
 			"dynamic",
 			translate("Enable OpenSSL hardware crypto engines") },
-		{ Flag,
-			"no_replay",
-			0,
-			translate("Disable replay protection") },
 		{ Value,
 			"replay_window",
 			"64 15",
@@ -607,10 +579,6 @@ local knownParams = {
 			"replay_persist",
 			"/var/run/openvpn-replay-state",
 			translate("Persist replay-protection state") },
-		{ Flag,
-			"no_iv",
-			0,
-			translate("Disable cipher initialisation vector") },
 		{ Flag,
 			"tls_server",
 			0,

applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua

@@ -4,7 +4,6 @@
 require("luci.ip")
 require("luci.model.uci")
 
-
 local basicParams = {
 	--								
 	-- Widget, Name, Default(s), Description
@@ -14,14 +13,12 @@ local basicParams = {
 	{ Value, "nice",0, translate("Change process priority") },
 	{ Value,"port",1194, translate("TCP/UDP port # for both local and remote") },
 	{ ListValue,"dev_type",{ "tun", "tap" }, translate("Type of used device") },
-	{ Flag,"tun_ipv6",0, translate("Make tun device IPv6 capable") },
 
 	{ Value,"ifconfig","10.200.200.3 10.200.200.1", translate("Set tun/tap adapter parameters") },
 	{ Value,"server","10.200.200.0 255.255.255.0", translate("Configure server mode") },
 	{ Value,"server_bridge","192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254", translate("Configure server bridge") },
 	{ Flag,"nobind",0, translate("Do not bind to local address and port") },
 
-	{ ListValue,"comp_lzo",{"yes","no","adaptive"}, translate("Use fast LZO compression") },
 	{ Value,"keepalive","10 60", translate("Helper directive to simplify the expression of --ping and --ping-restart in server mode configurations") },
 
 	{ ListValue,"proto",{ "udp", "tcp-client", "tcp-server" }, translate("Use protocol") },

applications/luci-app-openvpn/luasrc/model/cbi/openvpn.lua

@@ -52,21 +52,22 @@ function s.create(self, name)
 		luci.cbi.CREATE_PREFIX .. self.config .. "." ..
 		self.sectiontype .. ".select"
 	)
-	name = luci.http.formvalue(
+	local name = luci.http.formvalue(
 		luci.cbi.CREATE_PREFIX .. self.config .. "." ..
 		self.sectiontype .. ".text"
 	)
 	if #name > 3 and not name:match("[^a-zA-Z0-9_]") then
-		uci:section(
+		local s = uci:section("openvpn", "openvpn", name)
-			"openvpn", "openvpn", name,
+		if s then
-			{ uci:get_all( "openvpn_recipes", recipe ) }
+			local options = uci:get_all("openvpn_recipes", recipe)
-		)
+			for k, v in pairs(options) do
-
+				uci:set("openvpn", name, k, v)
+			end
 			uci:delete("openvpn", name, "_role")
 			uci:delete("openvpn", name, "_description")
 			uci:save("openvpn")
-
 			luci.http.redirect( self.extedit:format(name) )
+		end
 	elseif #name > 0 then
 		self.invalid_cts = true
 	end

applications/luci-app-openvpn/luasrc/view/openvpn/pageswitch.htm

@@ -4,11 +4,11 @@
  Licensed to the public under the Apache License 2.0.
 -%>
 
-<fieldset class="cbi-section">
+<div class="cbi-section">
-	<legend>
+	<h3>
 		<a href="<%=url('admin/services/openvpn')%>"><%:Overview%></a> &raquo;
 		<%=luci.i18n.translatef("Instance \"%s\"", self.instance)%>
-	</legend>
+	</h3>
 
 	<% if self.mode == "basic" then %>
 		<a href="<%=url('admin/services/openvpn/advanced', self.instance, "Service")%>"><%:Switch to advanced configuration »%></a>
@@ -27,4 +27,4 @@
 			<% if next(self.categories, i) then %>|<% end %>
 		<% end %>
 	<% end %>
-</fieldset>
+</div>

applications/luci-app-openvpn/root/etc/config/openvpn_recipes

@@ -2,101 +2,94 @@
 # Routed point-to-point server
 #
 config openvpn_recipe server_tun_ptp
-	option _description		"Simple server configuration for a routed point-to-point VPN"
+	option _description	'Simple server configuration for a routed point-to-point VPN'
-	option _role			"server"
+	option _role		'server'
-	option dev			"tun"
+	option dev		'tun'
-	option ifconfig			"10.0.0.1 10.0.0.2"
+	option ifconfig		'10.0.0.1 10.0.0.2'
-	option secret			"shared-secret.key"
+	option secret		'shared-secret.key'
-	option keepalive		"10 60"
+	option keepalive	'10 60'
-	option comp_lzo			"yes"
+	option verb		'3'
-	option verb			"3"
+	option mssfix		'1420'
-        option mssfix			"1420"
 
 #
 # Routed point-to-point client
 #
 config openvpn_recipe client_tun_ptp
-	option _description		"Simple client configuration for a routed point-to-point VPN"
+	option _description	'Simple client configuration for a routed point-to-point VPN'
-	option _role			"client"
+	option _role		'client'
-	option dev			"tun"
+	option dev		'tun'
-	list   remote			"vpnserver.example.org"
+	list remote		'vpnserver.example.org'
-	option ifconfig			"10.0.0.2 10.0.0.1"
+	option ifconfig		'10.0.0.2 10.0.0.1'
-	option secret			"shared-secret.key"
+	option secret		'shared-secret.key'
-	option nobind			"1"
+	option nobind		'1'
-	option comp_lzo			"yes"
+	option verb		'3'
-	option verb			"3"
 
 #
 # Routed multi-client server
 #
 config openvpn_recipe server_tun
-	option _description		"Server configuration for a routed multi-client VPN"
+	option _description	'Server configuration for a routed multi-client VPN'
-	option _role			"server"
+	option _role		'server'
-	option dev			"tun"
+	option dev		'tun'
-	option server			"10.0.100.0 255.255.255.0"
+	option server		'10.0.100.0 255.255.255.0'
-	option ca			"ca.crt"
+	option ca		'ca.crt'
-	option cert			"server.crt"
+	option cert		'server.crt'
-	option key 			"server.key"
+	option key 		'server.key'
-	option dh 			"dh1024.pem"
+	option dh 		'dh1024.pem'
-	option keepalive		"10 60"
+	option keepalive	'10 60'
-	option comp_lzo			"yes"
+	option verb		'3'
-	option verb			"3"
+	option mssfix		'1420'
-        option mssfix			"1420"
 
 #
 # Routed client
 #
 config openvpn_recipe client_tun
-	option _description		"Client configuration for a routed multi-client VPN"
+	option _description	'Client configuration for a routed multi-client VPN'
-	option _role			"client"
+	option _role		'client'
-	option client			"1"
+	option client		'1'
-	option dev			"tun"
+	option dev		'tun'
-	list   remote			"vpnserver.example.org"
+	list remote		'vpnserver.example.org'
-	option pkcs12			"my_client.p12"
+	option pkcs12		'my_client.p12'
-	option remote_cert_tls		"server"
+	option remote_cert_tls	'server'
-	option comp_lzo			"yes"
+	option nobind		'1'
-	option nobind			"1"
+	option persist_key	'1'
-	option persist_key		"1"
+	option persist_tun	'1'
-	option persist_tun		"1"
+	option verb		'3'
-	option verb			"3"
+	option reneg_sec	'0'
-	option reneg_sec		"0"
+	option float		'1'
-	option float			"1"
 
 #
 # Multi-client ethernet bridge server
 #
 config openvpn_recipe server_tap_bridge
-	option _description		"Server configuration for an ethernet bridge VPN"
+	option _description	'Server configuration for an ethernet bridge VPN'
-	option _role			"server"
+	option _role		'server'
-	option dev			"tap"
+	option dev		'tap'
-	option server_bridge		"192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254"
+	option server_bridge	'192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254'
-	option ca			"ca.crt"
+	option ca		'ca.crt'
-	option cert			"server.crt"
+	option cert		'server.crt'
-	option key 			"server.key"
+	option key 		'server.key'
-	option dh 			"dh1024.pem"
+	option dh 		'dh1024.pem'
-	option keepalive		"10 60"
+	option keepalive	'10 60'
-	option comp_lzo			"yes"
+	option verb		'3'
-	option verb			"3"
+	option mssfix		'1420'
-        option mssfix			"1420"
 
 #
 # Ethernet bridge client
 #
 config openvpn_recipe client_tap_bridge
-	option _description		"Client configuration for an ethernet bridge VPN"
+	option _description	'Client configuration for an ethernet bridge VPN'
-	option _role			"client"
+	option _role		'client'
-	option client			"1"
+	option client		'1'
-	option dev 			"tap"
+	option dev 		'tap'
-	list   remote			"vpnserver.example.org"
+	list remote		'vpnserver.example.org'
-	option ca 			"ca.crt"
+	option ca 		'ca.crt'
-	option cert			"my_client.crt"
+	option cert		'my_client.crt'
-	option key 			"my_client.key"
+	option key 		'my_client.key'
-	option dh 			"dh1024.pem"
+	option dh 		'dh1024.pem'
-	option remote_cert_tls		"server"
+	option remote_cert_tls	'server'
-	option comp_lzo			"yes"
+	option nobind		'1'
-	option nobind			"1"
+	option persist_key	'1'
-	option persist_key		"1"
+	option verb		'3'
-	option verb			"3"
+	option reneg_sec	'0'
-	option reneg_sec		"0"
+	option float		'1'
-	option float			"1"
-