This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 6dac44d40c4e1e80c497959f7098158462b033cb (commit) via 4a0648243b991b00130aca4fcc615e717ddb1003 (commit) from 6ea7d8c67e0ea53188d6dc356b9cdbc5bf7b5d97 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 6dac44d40c4e1e80c497959f7098158462b033cb Author: Adolf Belka adolf.belka@ipfire.org Date: Thu Feb 22 13:43:39 2024 +0100
update.sh: Fixes bug#13548 - make key 41 contain no-pass for N2N connections
- This code ensures that all existing N2N connections have no-pass in key 41 in place of disabled for some of them. - Tested out and confirmed on my vm testbed.
Fixes: Bug#13548 Tested-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 4a0648243b991b00130aca4fcc615e717ddb1003 Author: Adolf Belka adolf.belka@ipfire.org Date: Thu Feb 22 13:43:38 2024 +0100
ovpnmain.cgi: Fixes bug#13548 - imported N2N client connections get disabled instead of no-pass
- When bug#11408 was fixed it was missed that key 41 has disabled inserted into it when uploading into the N2N client. This replaced the no-pass entry for all N2N connections resulting in the ovpnmain.cgi not being able to show the status correctly as the code looks for pass or no-pass. - The disabled entry has been present for a very long time and is not utilised anywhere in the code. - This fix ensures that key 41 in the uploaded N2N connection has no-pass entered - Tested out and confirmed in my vm testbed.
Fixes: Bug#13548 Tested-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/core/185/update.sh | 21 +++++++++++++++++++++ html/cgi-bin/ovpnmain.cgi | 2 +- 2 files changed, 22 insertions(+), 1 deletion(-)
Difference in files: diff --git a/config/rootfiles/core/185/update.sh b/config/rootfiles/core/185/update.sh index 903fe1753..0a3fae638 100644 --- a/config/rootfiles/core/185/update.sh +++ b/config/rootfiles/core/185/update.sh @@ -88,6 +88,27 @@ telinit u /etc/init.d/unbound restart /etc/init.d/ntp start
+## Modify ovpnconfig according to bug 13548 for no-pass entry for N2N client connections +# Check if ovpnconfig exists and is not empty +if [ -s /var/ipfire/ovpn/ovpnconfig ]; then + # Add blank line at top of ovpnconfig otherwise the first roadwarrior entry is treated like a blank line and missed out from update + awk 'NR==1{print ""}1' /var/ipfire/ovpn/ovpnconfig > /var/ipfire/ovpn/tmp_file && mv /var/ipfire/ovpn/tmp_file /var/ipfire/ovpn/ovpnconfig + + # Make all N2N connections 'no-pass' since they do not use encryption + awk '{FS=OFS=","} {if($5=="net") {$43="no-pass"; print $0}}' /var/ipfire/ovpn/ovpnconfig >> /var/ipfire/ovpn/ovpnconfig.new + + # Copy all RW connections unchanged to the new ovpnconfig file + for y in $(awk -F',' '/host/ { print $3 }' /var/ipfire/ovpn/ovpnconfig); do + awk -v var="$y" '{FS=OFS=","} {if($3==var) {print $0}}' /var/ipfire/ovpn/ovpnconfig >> /var/ipfire/ovpn/ovpnconfig.new + + done +fi + +# Replace existing ovpnconfig with updated index +mv /var/ipfire/ovpn/ovpnconfig.new /var/ipfire/ovpn/ovpnconfig +# Set correct ownership +chown nobody:nobody /var/ipfire/ovpn/ovpnconfig + # This update needs a reboot... #touch /var/run/need_reboot
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 98900b277..c92d0237d 100755 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -3472,7 +3472,7 @@ foreach my $dkey (keys %confighash) { $confighash{$key}[31] = $n2ntunmtu[1]; $confighash{$key}[39] = $n2nauth[1]; $confighash{$key}[40] = $n2ncipher[1]; - $confighash{$key}[41] = 'disabled'; + $confighash{$key}[41] = 'no-pass';
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", %confighash);
hooks/post-receive -- IPFire 2.x development tree