Merge pull request #53 from freifunk-gluon/fastd-key-generate

config-mode, mesh-vpn: refactor key generation

Merge pull request #53 from freifunk-gluon/fastd-key-generate
a7a8f373 · Nils Schneider · 8f6ec2fb · 2f5705b5 · a7a8f373 · a7a8f373
Commit a7a8f373 authored 10 years ago by Nils Schneider
--- a/package/gluon-config-mode/files/usr/lib/lua/luci/controller/gluon-config-mode/index.lua
+++ b/package/gluon-config-mode/files/usr/lib/lua/luci/controller/gluon-config-mode/index.lua
@@ -48,13 +48,13 @@ function index()
 end

 function action_reboot()
-  local configmode = require "luci.tools.gluon-config-mode"
+  local util = require "luci.util"
  local pubkey
  local uci = luci.model.uci.cursor()
  local meshvpn_enabled = uci:get("fastd", meshvpn_name, "enabled", "0")
  local sysconfig = require 'gluon.sysconfig'
  if meshvpn_enabled == "1" then
-    pubkey = configmode.get_fastd_pubkey(meshvpn_name)
+    pubkey = util.exec("/etc/init.d/fastd show_key " .. meshvpn_name)
  end

  uci:set("gluon-setup-mode", uci:get_first("gluon-setup-mode", "setup_mode"), "configured", "1")

--- a/package/gluon-config-mode/files/usr/lib/lua/luci/model/cbi/gluon-config-mode/wizard.lua
+++ b/package/gluon-config-mode/files/usr/lib/lua/luci/model/cbi/gluon-config-mode/wizard.lua
-local configmode = require "luci.tools.gluon-config-mode"
 local meshvpn_name = "mesh_vpn"
 local uci = luci.model.uci.cursor()
 local f, s, o

-- prepare fastd key as early as possible
-configmode.setup_fastd_secret(meshvpn_name)
-
 f = SimpleForm("wizard")
 f.reset = false
 f.template = "gluon-config-mode/cbi/wizard"

--- a/package/gluon-config-mode/files/usr/lib/lua/luci/tools/gluon-config-mode.lua
+++ b/package/gluon-config-mode/files/usr/lib/lua/luci/tools/gluon-config-mode.lua
-local luci = require "luci"
-local io = require "io"
-
-module "luci.tools.gluon-config-mode"
-
-function setup_fastd_secret(name)
-  local uci = luci.model.uci.cursor()
-  local secret = uci:get("fastd", name, "secret")
-
-  if not secret or not secret:match("%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x") then
-    local f = io.popen("fastd --generate-key --machine-readable", "r")
-    local secret = f:read("*a")
-    f:close()
-
-    uci:set("fastd", name, "secret", secret)
-    uci:save("fastd")
-    uci:commit("fastd")
-  end
-end
-
-function get_fastd_pubkey(name)
-  local f = io.popen("/etc/init.d/fastd show_key " .. name, "r")
-  local key = f:read("*a")
-  f:close()
-
-  return key
-end
-
-
--- a/package/gluon-luci-admin/files/usr/lib/lua/luci/view/admin/info.htm
+++ b/package/gluon-luci-admin/files/usr/lib/lua/luci/view/admin/info.htm
@@ -25,11 +25,15 @@
     version = util.trim(fs.readfile('/lib/gluon/gluon-version')),
     release = util.trim(fs.readfile('/lib/gluon/release')),
     site = site.site_name,
+     pubkey = 'n/a',
   }

-   local pubkey = util.trim(util.exec('/etc/init.d/fastd show_key mesh_vpn'))
-   if pubkey ~= '' then
-     values.pubkey = pubkey
+   local meshvpn_enabled = uci:get("fastd", "mesh_vpn", "enabled", "0")
+   if meshvpn_enabled == "1" then
+     local pubkey = util.trim(util.exec('/etc/init.d/fastd show_key mesh_vpn'))
+     if pubkey ~= '' then
+       values.pubkey = pubkey
+     end
   end
 -%>
 <h2>Info</h2>

--- a/package/gluon-mesh-vpn-fastd/files/lib/gluon/upgrade/mesh-vpn-fastd/invariant/020-secret-generate
+++ b/package/gluon-mesh-vpn-fastd/files/lib/gluon/upgrade/mesh-vpn-fastd/invariant/020-secret-generate
+#!/usr/bin/lua
+
+local uci = require 'luci.model.uci'
+
+local c = uci.cursor()
+
+local secret = c:get("fastd", "mesh_vpn", "secret")
+
+if not secret or not secret:match(("%x"):rep(64)) then
+  c:set("fastd", "mesh_vpn", "secret", "generate")
+  c:save("fastd")
+  c:commit("fastd")
+end