luci-app-openvpn: more changes & fixes
authorDirk Brenken <dev@brenken.org>
Mon, 19 Nov 2018 20:20:22 +0000 (21:20 +0100)
committerDirk Brenken <dev@brenken.org>
Wed, 21 Nov 2018 14:21:37 +0000 (15:21 +0100)
* fix possible exception in template based ovpn creation
* remove needless shellquote function in controller,
  the filename will be checked on client side with JS
* enhance FileUpload behaviour in basic/advanced mode:
  - change "auth_user_pass" to FileUpload
  - cfg entries (even with default values) will be shown
  - existing entries are now removable (incl. file unlink),
    simply clear the appropriate textbox
* change "key_direction" option to boolean ListValue
* add "config" option to basic/advanced edit,
  to make it possible to change the upload path in LuCI

Signed-off-by: Dirk Brenken <dev@brenken.org>
applications/luci-app-openvpn/luasrc/controller/openvpn.lua
applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua
applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua
applications/luci-app-openvpn/luasrc/model/cbi/openvpn.lua

index 61592d0fac8472705256a94eec40e2a60d0895f1..c9a932d870e1443819463ef071dcb2cafa81b331 100644 (file)
@@ -18,7 +18,7 @@ function ovpn_upload()
        local util   = require("luci.util")
        local uci    = require("luci.model.uci").cursor()
        local upload = http.formvalue("ovpn_file")
-       local name   = string.gsub(util.shellquote(http.formvalue("instance_name2")), "'", "")
+       local name   = http.formvalue("instance_name2")
        local file   = "/etc/openvpn/" ..name.. ".ovpn"
 
        if name and upload then
index 6dc43bec2414f7859b336cc3ae73a95f1fa5a5d5..3fb734aeb0ee160c0e3441356a6453dbd629e051 100644 (file)
@@ -1,9 +1,7 @@
 -- Copyright 2008 Steven Barth <steven@midlink.org>
 -- Licensed to the public under the Apache License 2.0.
 
-require("luci.ip")
-require("luci.model.uci")
-
+local fs = require("nixio.fs")
 
 local knownParams = {
        --
@@ -160,6 +158,10 @@ local knownParams = {
                        "script_security",
                        { 0, 1, 2, 3 },
                        translate("Policy level over usage of external programs and scripts") },
+               { Value,
+                       "config",
+                       "/etc/openvpn/ovpn-file.ovpn",
+                       translate("Local OVPN configuration file") },
        } },
 
        { "Networking", {
@@ -464,7 +466,7 @@ local knownParams = {
                        0,
                        translate("Accept options pushed from server"),
                        { client="1" } },
-               { Value,
+               { FileUpload,
                        "auth_user_pass",
                        "/etc/openvpn/userpass.txt",
                        translate("Authenticate using username/password"),
@@ -689,9 +691,9 @@ local knownParams = {
                        "tls_version_max",
                        "1.2",
                        translate("The highest supported TLS version") },
-               { Value,
+               { ListValue,
                        "key_direction",
-                       "1",
+                       { 0, 1 },
                        translate("The key direction for 'tls-auth' and 'secret' options") },
        } }
 }
@@ -703,6 +705,8 @@ local params = { }
 local m = Map("openvpn")
 local p = m:section( SimpleSection )
 
+m.apply_on_parse = true
+
 p.template = "openvpn/pageswitch"
 p.mode     = "advanced"
 p.instance = arg[1]
@@ -732,8 +736,42 @@ for _, option in ipairs(params) do
                option[2], option[4]
        )
 
+       o.optional = true
+
        if option[1] == DummyValue then
                o.value = option[3]
+       elseif option[1] == FileUpload then
+
+               function o.cfgvalue(self, section)
+                       local cfg_val = AbstractValue.cfgvalue(self, section)
+
+                       if cfg_val then
+                               return cfg_val
+                       end
+               end
+
+               function o.formvalue(self, section)
+                       local sel_val = AbstractValue.formvalue(self, section)
+                       local txt_val = luci.http.formvalue("cbid."..self.map.config.."."..section.."."..self.option..".textbox")
+
+                       if sel_val and sel_val ~= "" then
+                               return sel_val
+                       end
+
+                       if txt_val and txt_val ~= "" then
+                               return txt_val
+                       end
+               end
+
+               function o.remove(self, section)
+                       local cfg_val = AbstractValue.cfgvalue(self, section)
+                       local txt_val = luci.http.formvalue("cbid."..self.map.config.."."..section.."."..self.option..".textbox")
+                       
+                       if cfg_val and fs.access(cfg_val) and txt_val == "" then
+                               fs.unlink(cfg_val)
+                       end
+                       return AbstractValue.remove(self, section)
+               end
        else
                if option[1] == DynamicList then
                        function o.cfgvalue(...)
@@ -742,8 +780,6 @@ for _, option in ipairs(params) do
                        end
                end
 
-               o.optional = true
-
                if type(option[3]) == "table" then
                        if o.optional then o:value("", "-- remove --") end
                        for _, v in ipairs(option[3]) do
index 6b6323e078878abc411de7a222a7d05aac2dc59d..47b1799918a11ec3f169ecad9e55fa9531023989 100644 (file)
@@ -1,14 +1,12 @@
 -- Copyright 2008 Steven Barth <steven@midlink.org>
 -- Licensed to the public under the Apache License 2.0.
 
-require("luci.ip")
-require("luci.model.uci")
+local fs = require("nixio.fs")
 
 local basicParams = {
        --                                                              
        -- Widget, Name, Default(s), Description
        --
-                                       
        { ListValue, "verb", { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 }, translate("Set output verbosity") },
        { Value, "nice",0, translate("Change process priority") },
        { Value,"port",1194, translate("TCP/UDP port # for both local and remote") },
@@ -28,18 +26,22 @@ local basicParams = {
        { DynamicList,"remote","vpnserver.example.org", translate("Remote host name or ip address") },
 
        { FileUpload,"secret","/etc/openvpn/secret.key", translate("Enable Static Key encryption mode (non-TLS)") },
-       { Value,"key_direction","1", translate("The key direction for 'tls-auth' and 'secret' options") },
+       { ListValue,"key_direction", { 0, 1 }, translate("The key direction for 'tls-auth' and 'secret' options") },
        { FileUpload,"pkcs12","/etc/easy-rsa/keys/some-client.pk12", translate("PKCS#12 file containing keys") },
        { FileUpload,"ca","/etc/easy-rsa/keys/ca.crt", translate("Certificate authority") },
        { FileUpload,"dh","/etc/easy-rsa/keys/dh1024.pem", translate("Diffie Hellman parameters") },
        { FileUpload,"cert","/etc/easy-rsa/keys/some-client.crt", translate("Local certificate") },
        { FileUpload,"key","/etc/easy-rsa/keys/some-client.key", translate("Local private key") },
+       { Value,"config","/etc/openvpn/ovpn-file.ovpn", translate("Local OVPN configuration file") },
 }
 
 
 local m = Map("openvpn")
 local p = m:section( SimpleSection )
 
+m.apply_on_parse = true
+
+
 p.template = "openvpn/pageswitch"
 p.mode     = "basic"
 p.instance = arg[1]
@@ -57,6 +59,38 @@ for _, option in ipairs(basicParams) do
 
        if option[1] == DummyValue then
                o.value = option[3]
+       elseif option[1] == FileUpload then
+
+               function o.cfgvalue(self, section)
+                       local cfg_val = AbstractValue.cfgvalue(self, section)
+
+                       if cfg_val then
+                               return cfg_val
+                       end
+               end
+
+               function o.formvalue(self, section)
+                       local sel_val = AbstractValue.formvalue(self, section)
+                       local txt_val = luci.http.formvalue("cbid."..self.map.config.."."..section.."."..self.option..".textbox")
+
+                       if sel_val and sel_val ~= "" then
+                               return sel_val
+                       end
+
+                       if txt_val and txt_val ~= "" then
+                               return txt_val
+                       end
+               end
+
+               function o.remove(self, section)
+                       local cfg_val = AbstractValue.cfgvalue(self, section)
+                       local txt_val = luci.http.formvalue("cbid."..self.map.config.."."..section.."."..self.option..".textbox")
+                       
+                       if cfg_val and fs.access(cfg_val) and txt_val == "" then
+                               fs.unlink(cfg_val)
+                       end
+                       return AbstractValue.remove(self, section)
+               end
        else
                if option[1] == DynamicList then
                        function o.cfgvalue(...)
index 8f4859c0e582149386774f838ef4021dd85615c3..ad607ae6c2183341f7b07f8daf9ae03b917d69fb 100644 (file)
@@ -14,8 +14,8 @@ s.template_addremove = "openvpn/cbi-select-input-add"
 s.addremove = true
 s.add_select_options = { }
 
-file_cfg = s:option(DummyValue, "config")
-function file_cfg.cfgvalue(self, section)
+local cfg = s:option(DummyValue, "config")
+function cfg.cfgvalue(self, section)
        local file_cfg = self.map:get(section, "config")
        if file_cfg then
                s.extedit = luci.dispatcher.build_url("admin", "services", "openvpn", "file", "%s")
@@ -73,7 +73,9 @@ function s.create(self, name)
                                end
                        end
                        uci:save("openvpn")
-                       luci.http.redirect( self.extedit:format(name) )
+                       if extedit then
+                               luci.http.redirect( self.extedit:format(name) )
+                       end
                end
        elseif #name > 0 then
                self.invalid_cts = true