Changeset 48bf314 for npl

Timestamp:

09/28/17 17:29:01 (8 years ago)

Author:

Edwin Eefting <edwin@datux.nl>

Branches:

master, perl-5.22

Children:

10bd92c

Parents:

0b780b4

Message:

fixed libreswan public key support. status fix

Location:

npl

Files:

• internetserver/libreswan_conf/libreswan_conf.SlackBuild.log.gz (modified) (previous)
• internetserver/libreswan_conf/libreswan_conf.build (modified) (1 diff)
• internetserver/libreswan_conf/libreswan_conf.md5 (modified) (2 diffs)
• internetserver/libreswan_conf/libreswan_conf.pkg (modified) (previous)
• internetserver/libreswan_conf/root/etc/postinst.d/post.libreswan (modified) (1 diff)
• internetserver/libreswan_conf/root/sbin/syn3-ipsecpubkey (added)
• syn3/webint/src/vpn/lang_de.php (modified) (1 diff)
• syn3/webint/src/vpn/lang_deD.php (modified) (1 diff)
• syn3/webint/src/vpn/lang_en.php (modified) (2 diffs)
• syn3/webint/src/vpn/lang_enD.php (modified) (2 diffs)
• syn3/webint/src/vpn/lang_nl.php (modified) (2 diffs)
• syn3/webint/src/vpn/lang_nlD.php (modified) (2 diffs)
• syn3/webint/src/vpn/lang_pl.php (modified) (1 diff)
• syn3/webint/src/vpn/lang_plD.php (modified) (1 diff)
• syn3/webint/src/vpn/lang_pt.php (modified) (2 diffs)
• syn3/webint/src/vpn/lang_ptD.php (modified) (2 diffs)
• syn3/webint/src/vpn/openswan.php (modified) (5 diffs)

npl/internetserver/libreswan_conf/libreswan_conf.build

@@ -1 @@
-6552
+6554

npl/internetserver/libreswan_conf/libreswan_conf.md5

@@ -1 @@
-544cf91ec7a3987868055d7eeb063aed  ./libreswan_conf.pkg
+122e8f14e19c0ec39d7bcf9c22f5eeb2  ./libreswan_conf.pkg
 42016730303eef15aafe66cc3d793c8b  ./libreswan_conf.SlackBuild
-7dc0067eced4d98f26cb9b532dc61691  ./libreswan_conf.SlackBuild.log.gz
+edea22bb9108a04249d6e45135bba47a  ./libreswan_conf.SlackBuild.log.gz
 811bbe5f8db6bf1ffff4ed5b66fc05f2  ./root/etc/ipsec.conf
 53d9d2008956917a02c0c670100165f6  ./root/etc/ipsec.secrets
 f0188fc8f667dc97590f885fd1adfc7d  ./root/etc/pam.d/pluto
-c72a5d7a716724e4f8a2e4f28421f0ae  ./root/etc/postinst.d/post.libreswan
+1a5e15db17d1250abb2596361383d0d1  ./root/etc/postinst.d/post.libreswan
 60ae7c5340247d26161043df4e361722  ./root/home/system/ipsec.d/policies/block
 9e6cbaea66c6f14c9f8e7a6e6b4d720e  ./root/home/system/ipsec.d/policies/clear
@@ -13 +13 @@
 68b329da9893e34099c7d8ad5cb9c940  ./root/home/system/ipsec.d/tunnels/dummy.conf
 87a28e77aef254bdb8259f4388b40d45  ./root/sbin/syn3-ipseccheck
+a33b03980a28bb1ca9089298f0db1bcf  ./root/sbin/syn3-ipsecpubkey
 9d6f0923366b4e95a8a9fcd85dcaaf56  ./root/service/ipsec/run
 e458545ffca980b0a2d4d8106680f4b0  ./root/service/ipsec/start

npl/internetserver/libreswan_conf/root/etc/postinst.d/post.libreswan

@@ -9 +9 @@
 
 
-KEY=/etc/ipsec.d/ipsec.pub
-if ! egrep '(ckaid|CKA_ID)' $KEY >/dev/null; then
-    rm $KEY 2>/dev/null
+if ! syn3-ipsecpubkey; then
+    #obsolete
+    rm /etc/ipsec.d/ipsec.pub 2>/dev/null
+
     echo Generating ipsec key
-    ipsec newhostkey --bits 2192 --output $KEY || exit 1
-    #previous command can fail without proper exit code, so check it:
-    egrep '(ckaid|CKA_ID)' $KEY >/dev/null || exit 1
+    ipsec newhostkey --bits 2192 || exit 1
+    syn3-ipsecpubkey || exit 1
 fi
 depmod -a

npl/syn3/webint/src/vpn/lang_de.php

@@ -128 +128 @@
 );}
 
-function _LogVPNstartErrors($a='',$b='') { return (
-        "Starten des VPN ist fehlgeschlagen. Linux Fehlerbericht: $a"
-);}
-
-function _LogVPNStarting($a='',$b='') { return (
-        "VPN Systeme neu gestartet"
-);}
-
 function _LogVPNTunnelDeleted($name) { return (
         "VPN Tunnel $Name gelöscht"

npl/syn3/webint/src/vpn/lang_deD.php

@@ -128 +128 @@
 );}
 
-function _LogVPNstartErrors($a='',$b='') { LangDebug("Starten des VPN ist fehlgeschlagen. Linux Fehlerbericht: $a", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=3915");return (
-        "Starten des VPN ist fehlgeschlagen. Linux Fehlerbericht: $a"
-);}
-
-function _LogVPNStarting($a='',$b='') { LangDebug("VPN Systeme neu gestartet", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=4312");return (
-        "VPN Systeme neu gestartet"
-);}
-
 function _LogVPNTunnelDeleted($name) { LangDebug("VPN Tunnel $Name gelöscht", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=3888");return (
         "VPN Tunnel $Name gelöscht"

npl/syn3/webint/src/vpn/lang_en.php

@@ -65 +65 @@
 
 function _EnterValidKey($a='',$b='') { return (
-        "Enter the public key of the other server"
+        "Enter a valid public key."
 );}
 
@@ -128 +128 @@
 );}
 
-function _LogVPNstartErrors($a='',$b='') { return (
-        "Starting of VPN failed.  Linux error report: $a"
-);}
-
-function _LogVPNStarting($a='',$b='') { return (
-        "VPN systems restarted"
-);}
-
 function _LogVPNTunnelDeleted($name) { return (
         "VPN tunnel $name removed"

npl/syn3/webint/src/vpn/lang_enD.php

@@ -64 +64 @@
 );}
 
-function _EnterValidKey($a='',$b='') { LangDebug("Enter the public key of the other server", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=1361");return (
-        "Enter the public key of the other server"
+function _EnterValidKey($a='',$b='') { LangDebug("Enter a valid public key.", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=8325");return (
+        "Enter a valid public key."
 );}
 
@@ -128 +128 @@
 );}
 
-function _LogVPNstartErrors($a='',$b='') { LangDebug("Starting of VPN failed.  Linux error report: $a", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=1380");return (
-        "Starting of VPN failed.  Linux error report: $a"
-);}
-
-function _LogVPNStarting($a='',$b='') { LangDebug("VPN systems restarted", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=1382");return (
-        "VPN systems restarted"
-);}
-
 function _LogVPNTunnelDeleted($name) { LangDebug("VPN tunnel $name removed", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=1379");return (
         "VPN tunnel $name removed"

npl/syn3/webint/src/vpn/lang_nl.php

@@ -65 +65 @@
 
 function _EnterValidKey($a='',$b='') { return (
-        "Voer de publieke sleutel van de andere server in"
+        "Voer een geldige publieke sleutel in."
 );}
 
@@ -128 +128 @@
 );}
 
-function _LogVPNstartErrors($a='',$b='') { return (
-        "Starten van VPN mislukt. Linux foutmelding: $a"
-);}
-
-function _LogVPNStarting($a='',$b='') { return (
-        "VPN systeem opnieuw starten"
-);}
-
 function _LogVPNTunnelDeleted($name) { return (
         "VPN tunnel $name verwijderd"

npl/syn3/webint/src/vpn/lang_nlD.php

@@ -64 +64 @@
 );}
 
-function _EnterValidKey($a='',$b='') { LangDebug("Voer de publieke sleutel van de andere server in", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=397");return (
-        "Voer de publieke sleutel van de andere server in"
+function _EnterValidKey($a='',$b='') { LangDebug("Voer een geldige publieke sleutel in.", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=8324");return (
+        "Voer een geldige publieke sleutel in."
 );}
 
@@ -128 +128 @@
 );}
 
-function _LogVPNstartErrors($a='',$b='') { LangDebug("Starten van VPN mislukt. Linux foutmelding: $a", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=416");return (
-        "Starten van VPN mislukt. Linux foutmelding: $a"
-);}
-
-function _LogVPNStarting($a='',$b='') { LangDebug("VPN systeem opnieuw starten", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=418");return (
-        "VPN systeem opnieuw starten"
-);}
-
 function _LogVPNTunnelDeleted($name) { LangDebug("VPN tunnel $name verwijderd", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=415");return (
         "VPN tunnel $name verwijderd"

npl/syn3/webint/src/vpn/lang_pl.php

@@ -128 +128 @@
 );}
 
-function _LogVPNstartErrors($a='',$b='') { return (
-        "Uruchamianie VPN niepowiodło się. System linux zgłosił bląd: $a"
-);}
-
-function _LogVPNStarting($a='',$b='') { return (
-        "System VPN(wirtualna sieÊ prywatna)zrestartowany"
-);}
-
 function _LogVPNTunnelDeleted($name) { return (
         "Tunel VPN $name usunięty"

npl/syn3/webint/src/vpn/lang_plD.php

@@ -126 +126 @@
 function _LogVPNSettingsChanged($name) { LangDebug("Zmiana nazwy tunelu VPN", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=4780");return (
         "Zmiana nazwy tunelu VPN"
-);}
-
-function _LogVPNstartErrors($a='',$b='') { LangDebug("Uruchamianie VPN niepowiodło się. System linux zgłosił bląd: $a", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=4706");return (
-        "Uruchamianie VPN niepowiodło się. System linux zgłosił bląd: $a"
-);}
-
-function _LogVPNStarting($a='',$b='') { LangDebug("System VPN(wirtualna sieÊ prywatna)zrestartowany", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?edit_ID=2506");return (
-        "System VPN(wirtualna sieÊ prywatna)zrestartowany"
 );}
 

npl/syn3/webint/src/vpn/lang_pt.php

@@ -65 +65 @@
 
 function _EnterValidKey($a='',$b='') { return (
-        "Enter the public key of the other server"
+        "Enter a valid public key."
 );}
 
@@ -128 +128 @@
 );}
 
-function _LogVPNstartErrors($a='',$b='') { return (
-        "Starting of VPN failed.  Linux error report: $a"
-);}
-
-function _LogVPNStarting($a='',$b='') { return (
-        "VPN systems restarted"
-);}
-
 function _LogVPNTunnelDeleted($name) { return (
         "VPN tunnel $name removed"

npl/syn3/webint/src/vpn/lang_ptD.php

@@ -64 +64 @@
 );}
 
-function _EnterValidKey($a='',$b='') { LangDebug("Enter the public key of the other server", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?src_lang=en&add_langID=pt&add_labelID=_EnterValidKey");return (
-        "Enter the public key of the other server"
+function _EnterValidKey($a='',$b='') { LangDebug("Enter a valid public key.", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?src_lang=en&add_langID=pt&add_labelID=_EnterValidKey");return (
+        "Enter a valid public key."
 );}
 
@@ -128 +128 @@
 );}
 
-function _LogVPNstartErrors($a='',$b='') { LangDebug("Starting of VPN failed.  Linux error report: $a", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?src_lang=en&add_langID=pt&add_labelID=_LogVPNstartErrors");return (
-        "Starting of VPN failed.  Linux error report: $a"
-);}
-
-function _LogVPNStarting($a='',$b='') { LangDebug("VPN systems restarted", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?src_lang=en&add_langID=pt&add_labelID=_LogVPNStarting");return (
-        "VPN systems restarted"
-);}
-
 function _LogVPNTunnelDeleted($name) { LangDebug("VPN tunnel $name removed", "http://www.syn-3.nl/mosaddphp/translate/editlang.php?src_lang=en&add_langID=pt&add_labelID=_LogVPNTunnelDeleted");return (
         "VPN tunnel $name removed"

npl/syn3/webint/src/vpn/openswan.php

@@ -23 +23 @@
 
         $VPN_IPSEC_DIR="/etc/ipsec.d";
-        $VPN_PUB="$VPN_IPSEC_DIR/ipsec.pub";
         $VPN_TUNNEL_DIR="$VPN_IPSEC_DIR/tunnels";
         $VPN_LOG="/var/log/secure";
@@ -236 +235 @@
                 $key=vpn_ReadableToPub($key);
                 return (
-                        (strlen($key)==370) &&
+                        // (strlen($key)==370) && //varieert nu?
                         (substr($key,0,2)=='0s') &&
-                        (!preg_match("/[^A-Za-z0-9+\/]/",substr($key,2)))
+                        (!preg_match("/[^A-Za-z0-9+\/=]/",$key))
                 );
         }
@@ -252 +251 @@
         function vpn_ReadPubKey()
         {
-                global $VPN_PUB;
-                $raw=FileReadMatches($VPN_PUB,"/#pubkey=/");
-                preg_match("/.*pubkey=(.*)/",$raw[0],$matches);
-                return ($matches[1]);
+                return(safeExec("syn3-ipsecpubkey")[0]);
         }
 
@@ -348 +344 @@
 
                 //ike v2
+                'STATE_PARENT_I1'=>"Negotiating...",
                 'STATE_PARENT_I2'=>"Negotiating...",
 
@@ -442 +439 @@
                                         $ret[$name]['info'][]=$line;
                                         $state=vpn_LogToState($line);
-                                        if ($state['phase1'])
+                                        if ($state['phase1'] && !$ret[$name]['phase1_newest'])
+                                        {
                                                 $ret[$name]['phase1']=$state['phase1'];
-                                        if ($state['phase2'])
+                                                if (preg_match('/ newest /', $line))
+                                                        $ret[$name]['phase1_newest']=true;
+
+                                        }
+                                        if ($state['phase2'] && !$ret[$name]['phase2_newest'])
+                                        {
                                                 $ret[$name]['phase2']=$state['phase2'];
+                                                if (preg_match('/ newest /', $line))
+                                                        $ret[$name]['phase2_newest']=true;
+                                        }
 
                                 }