/[smeserver]/rpms/e-smith-base/sme10/e-smith-base-5.8.0-bz11374-pptp2vpn.patch
ViewVC logotype

Contents of /rpms/e-smith-base/sme10/e-smith-base-5.8.0-bz11374-pptp2vpn.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (show annotations) (download)
Wed Mar 3 20:21:28 2021 UTC (3 years, 8 months ago) by jpp
Branch: MAIN
CVS Tags: e-smith-base-5_8_0-99_el7_sme, e-smith-base-5_8_0-94_el7_sme, e-smith-base-5_8_0-98_el7_sme, e-smith-base-5_8_0-97_el7_sme, e-smith-base-5_8_0-92_el7_sme, e-smith-base-5_8_0-91_el7_sme, e-smith-base-5_8_0-96_el7_sme, e-smith-base-5_8_0-95_el7_sme, e-smith-base-5_8_0-90_el7_sme, e-smith-base-5_8_0-86_el7_sme, e-smith-base-5_8_0-93_el7_sme, e-smith-base-5_8_0-87_el7_sme, e-smith-base-5_8_0-88_el7_sme, e-smith-base-5_8_0-89_el7_sme
Changes since 1.1: +0 -156 lines
* Wed Mar 03 2021 Jean-Philipe Pialasse <tests@pialasse.com> 5.8.0-86.sme
- remove klogd references [SME: 11363]
- restore part of pptp code and move to generik vpn entry [SME: 11374]

1 diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/access e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/access
2 --- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/access 1969-12-31 19:00:00.000000000 -0500
3 +++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/access 2021-03-03 13:28:59.005000000 -0500
4 @@ -0,0 +1 @@
5 +public
6 diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault
7 --- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault 1969-12-31 19:00:00.000000000 -0500
8 +++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault 2021-03-03 13:29:19.905000000 -0500
9 @@ -0,0 +1 @@
10 +no
11 diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/sessions e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/sessions
12 --- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/sessions 1969-12-31 19:00:00.000000000 -0500
13 +++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/sessions 2021-03-03 13:26:20.122000000 -0500
14 @@ -0,0 +1 @@
15 +0
16 diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/status e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/status
17 --- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/status 1969-12-31 19:00:00.000000000 -0500
18 +++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/status 2021-03-03 13:25:24.290000000 -0500
19 @@ -0,0 +1 @@
20 +disabled
21 diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/type e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/type
22 --- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/type 1969-12-31 19:00:00.000000000 -0500
23 +++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/type 2021-03-03 13:25:50.502000000 -0500
24 @@ -0,0 +1 @@
25 +configuration
26 diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess e-smith-base-5.8.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess
27 --- e-smith-base-5.8.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess 2016-02-04 18:14:13.000000000 -0500
28 +++ e-smith-base-5.8.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess 2021-03-03 15:12:34.138000000 -0500
29 @@ -48,8 +48,8 @@
30 <trans>Number of PPTP clients</trans>
31 </entry>
32 <entry>
33 - <base>NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE</base>
34 - <trans>The number of pptp clients is greater than the number of reserved IP for DHCP. You should take a smaller number.</trans>
35 + <base>NUMBER_OF_VPN_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE</base>
36 + <trans>The number of VPN clients is greater than the number of reserved IP for DHCP. You should take a smaller number.</trans>
37 </entry>
38 <entry>
39 <base>LABEL_SSH_PORT</base>
40 @@ -124,6 +124,15 @@
41 </trans>
42 </entry>
43 <entry>
44 + <base>DESC_VPN</base>
45 + <trans><![CDATA[ <hr class="sectionbar" /><h2>VPN Settings</h2>
46 + You can allow VPN access to your server.
47 + You should leave this feature disabled by setting the value
48 + to the number 0 unless you require VPN access.
49 + ]]>
50 + </trans>
51 + </entry>
52 + <entry>
53 <base>VALUE_ZERO_OR_POSITIVE</base>
54 <trans>Value must be zero or a positive integer</trans>
55 </entry>
56 @@ -243,4 +252,8 @@
57 <base>LABEL_IPSECRW_RESET</base>
58 <trans>Reset digital certificates</trans>
59 </entry>
60 + <entry>
61 + <base>DESC_IPSEC_VPN_UNAVAILABLE</base>
62 + <trans>IPSEC VPN is not installed. Please install the contrib if you need VPN access.</trans>
63 + </entry>
64 </lexicon>
65 diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/tests/10e-smith-base/configuration.conf e-smith-base-5.8.0/root/etc/e-smith/tests/10e-smith-base/configuration.conf
66 --- e-smith-base-5.8.0.old/root/etc/e-smith/tests/10e-smith-base/configuration.conf 2021-03-03 13:00:51.018000000 -0500
67 +++ e-smith-base-5.8.0/root/etc/e-smith/tests/10e-smith-base/configuration.conf 2021-03-03 15:12:44.565000000 -0500
68 @@ -84,7 +84,6 @@
69 pop3s=service|access|private|status|enabled
70 popd=service|access|private|status|enabled
71 pppoe=service|DemandIdleTime|no|InitscriptOrder|57|SynchronousPPP|no|status|disabled
72 -pptpd=service|sessions|10|status|disabled
73 qmail=service|InitscriptOrder|80|status|enabled
74 random=service|InitscriptOrder|20|status|enabled
75 scanner=service|ScannerFns|iscan|UpdateTime|1:14|scanMail|yes|status|enabled
76 @@ -96,4 +95,5 @@
77 sync=service|Host|service.e-smith.com|LastId|0|SuccessId|0|SyncFrequency|1|SyncMinute|57|status|disabled
78 rsyslog=service|InitscriptOrder|05|status|enabled
79 telnet=service|access|private|status|disabled
80 +vpn=configuration|sessions|10|status|disabled
81 wibble=42
82 diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/remoteaccess e-smith-base-5.8.0/root/etc/e-smith/web/functions/remoteaccess
83 --- e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/remoteaccess 2021-03-03 13:00:51.242000000 -0500
84 +++ e-smith-base-5.8.0/root/etc/e-smith/web/functions/remoteaccess 2021-03-03 15:12:09.789000000 -0500
85 @@ -60,6 +60,7 @@
86 ok ($ua->{form}->find_input('sshAccess'), 'Finding the sshAccess field');
87 ok ($ua->{form}->find_input('sshPermitRootLogin'), 'Finding the sshPermitRootLogin field');
88 ok ($ua->{form}->find_input('sshTCPPort'), 'Finding the sshTCPPort field');
89 +ok ($ua->{form}->find_input('vpnSessions'), 'Finding the vpnSessions field');
90 ok ($ua->{form}->find_input('sshPasswordAuthentication'), 'Finding the sshPasswordAuthentication field');
91 ok ($ua->{form}->find_input('FTPLimits'), 'Finding the FTPLimits field');
92 ok ($ua->{form}->find_input('TelnetAccess'), 'Finding the TelnetAccess field');
93 @@ -69,6 +70,7 @@
94 $ua->field('sshAccess' => 'public');
95 $ua->field('sshPermitRootLogin' => 'yes');
96 $ua->field('sshTCPPort' => '22');
97 + $ua->field('vpnSessions' => '10');
98 $ua->field('sshPasswordAuthentication' => 'yes');
99 $ua->field('FTPLimits' => 'normal');
100 $ua->field('TelnetAccess' => 'private');
101 @@ -94,6 +96,8 @@
102
103 is ($db->get('ftp')->prop('access'), 'private', "ftp access is private");
104 is ($db->get('ftp')->prop('accessLimits'), 'normal', "ftp access limits are normal");
105 + is ($db->get('vpn')->prop('sessions') ,'10', "Got the right session count for vpn");
106 + is ($db->get('vpn')->prop('status') ,'enabled', "vpn is enabled");
107 is ($db->get('telnet')->prop('access'), 'private', "Private telnet turned on");
108 }
109
110 @@ -107,6 +111,12 @@
111 <page name="First" post-event="change_settings()"
112 pre-event="print_status_message()">
113
114 + <field type="text" id="vpnSessions" size="3" validation="zero_or_positive(), vpn_and_dhcp_range()"
115 + value="get_vpn_sessions()">
116 + <label>LABEL_PPTP</label>
117 + <description>DESC_VPN</description>
118 + </field>
119 +
120 <subroutine src="show_ipsecrw_section()"/>
121
122 <subroutine src="show_valid_from_list()"/>
123 diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/useraccounts e-smith-base-5.8.0/root/etc/e-smith/web/functions/useraccounts
124 --- e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/useraccounts 2021-03-03 13:00:51.243000000 -0500
125 +++ e-smith-base-5.8.0/root/etc/e-smith/web/functions/useraccounts 2021-03-03 15:11:52.696000000 -0500
126 @@ -211,6 +211,10 @@
127 >
128 <label>FORWARDING_ADDRESS</label>
129 </field>
130 + <field type="select" id="VPNClientAccess" options="'yes' => 'YES',
131 + 'no' => 'NO'" validation="nonblank" value="get_vpn_value()">
132 + <label>VPN_CLIENT_ACCESS</label>
133 + </field>
134 <subroutine src="print_ipsec_client_section()" />
135 <subroutine src="print_groupMemberships_field()" />
136 <subroutine src="print_save_or_add_button()" />
137 @@ -237,7 +241,7 @@
138 <label>FORWARDING_ADDRESS</label>
139 </field>
140 <field type="select" id="VPNClientAccess" options="'yes' => 'YES',
141 - 'no' => 'NO'" validation="nonblank" value="get_pptp_value()">
142 + 'no' => 'NO'" validation="nonblank" value="get_vpn_value()">
143 <label>VPN_CLIENT_ACCESS</label>
144 </field>
145 <subroutine src="print_ipsec_client_section()" />
146 diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm
147 --- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm 2021-03-03 13:00:51.290000000 -0500
148 +++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm 2021-03-03 15:12:22.456000000 -0500
149 @@ -1682,7 +1682,7 @@
150 (
151 title => gettext("Select end of DHCP host number range"),
152 text =>
153 - gettext("Please enter the last host address in this range. If you are using the standard server defaults and have no particular preference, you should keep the default value. Think to add enough ip for pptp sessions."),
154 + gettext("Please enter the last host address in this range. If you are using the standard server defaults and have no particular preference, you should keep the default value. Think to add enough ip for vpn sessions."),
155 value => $serverEnd
156 );
157
158 @@ -1692,11 +1692,11 @@
159 {
160 if ( isValidIP($choice) )
161 {
162 - # retrieve values to verifiy if ip_count > pptp_sessions
163 + # retrieve values to verifiy if ip_count > vpn_sessions
164 my $ip_start = unpack 'N', inet_aton($serverStart);
165 my $ip_end = unpack 'N', inet_aton($choice);
166 my $ip_count = $ip_end - $ip_start;
167 - my $pptp_sessions = $db->get_prop('pptpd','sessions');
168 + my $vpn_sessions = $db->get_prop('vpn','sessions');
169
170 my $dhcp_net = ipv4_network($choice, $priv_mask);
171 if ($dhcp_net eq $priv_net)
172 @@ -1709,7 +1709,7 @@
173 if (cmpIP($serverStart, $choice) < 0)
174 {
175 if (((cmpIP($priv_ip, $serverStart) < 0) ||
176 - (cmpIP($choice, $priv_ip) < 0)) && ($ip_count > $pptp_sessions))
177 + (cmpIP($choice, $priv_ip) < 0)) && ($ip_count > $vpn_sessions))
178 {
179 # need to check for valid range as well.
180 unless ($choice eq $serverEnd)
181 @@ -1718,12 +1718,12 @@
182 }
183 goto DNS_FORWARDER;
184 }
185 - # We want to verify that the number of pptp_IP reserved is not superior
186 + # We want to verify that the number of vpn_IP reserved is not superior
187 # than the number of dhcp_IP set in the range
188 - elsif ($ip_count <= $pptp_sessions)
189 + elsif ($ip_count <= $vpn_sessions)
190 {
191 - $errmsg = gettext("There is not enough IP in the range to include all your pptp sessions");
192 - $choice = $pptp_sessions . ' allowed pptp clients';
193 + $errmsg = gettext("There is not enough IP in the range to include all your vpn sessions");
194 + $choice = $vpn_sessions . ' allowed vpn clients';
195 }
196 else
197 {
198 diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm
199 --- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm 2021-03-03 13:00:51.243000000 -0500
200 +++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm 2021-03-03 15:11:40.938000000 -0500
201 @@ -43,6 +43,7 @@
202 validate_network_and_mask ip_number_or_blank subnet_mask_or_blank
203 show_telnet_section get_serial_console show_ftp_section
204 get_ipsecrw_sessions show_ipsecrw_section
205 + get_vpn_sessions
206 );
207
208
209 @@ -143,6 +144,23 @@
210 return ($access eq 'public') ? 'normal' : 'private';
211 }
212
213 +=head2 get_vpn_sessions
214 +
215 +Get the # of vpn sessions defined in the sessions property of the generik vpn config file variable
216 +
217 +=cut
218 +
219 + sub get_vpn_sessions {
220 + my $status = get_prop('','vpn','status');
221 + if (defined($status) && ($status eq 'enabled')) {
222 +
223 + return(get_prop('','vpn','sessions') || '0');
224 + }
225 + else {
226 + return('0');
227 + }
228 +}
229 +
230 =head2 get_ssh_permit_root_login
231
232 returns 'yes' or 'no' depending on whether ssh permit root login is enabled
233 @@ -355,13 +373,13 @@
234
235 =pod
236
237 -=head2 pptp_and_dhcp_range
238 +=head2 vpn_and_dhcp_range
239
240 -Validate the input of pptp session if it is not superior than the maximum number of ip between dhcpd_start and dhcpd_end
241 +Validate the input of vpn session if it is not superior than the maximum number of ip between dhcpd_start and dhcpd_end
242
243 =cut
244
245 -sub pptp_and_dhcp_range
246 +sub vpn_and_dhcp_range
247 {
248 my $self = shift;
249 my $val = shift || 0;
250 @@ -375,7 +393,7 @@
251 my $ip_end = unpack 'N', inet_aton($dhcp_end);
252 my $ip_count = $ip_end - $ip_start;
253 return 'OK' if( $val < $ip_count );
254 - return $self->localise('NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE');
255 + return $self->localise('NUMBER_OF_VPN_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE');
256 }
257 else
258 {
259 @@ -646,6 +664,7 @@
260 my $sshTCPPort = ($q->param ('sshTCPPort') || '22');
261 my $ftplogin = ($q->param ('FTPPasswordLogin') || 'private');
262 my $ftpaccess = ($q->param ('FTPAccess') || 'off');
263 + my $vpnSessions = ($q->param ('vpnSessions') || '0');
264 # my $serialConsole = ($q->param ('serialConsole') || 'disabled');
265
266 #------------------------------------------------------------
267 @@ -697,6 +716,17 @@
268 }
269 }
270
271 + if ($vpnSessions == 0)
272 + {
273 + $db->get('vpn')->set_prop('sessions', $vpnSessions);
274 + $db->get('vpn')->set_prop('status', 'disabled');
275 + }
276 + else
277 + {
278 + $db->get('vpn')->set_prop('status', 'enabled');
279 + $db->get('vpn')->set_prop('sessions', $vpnSessions);
280 + }
281 +
282
283 # REMOVED by markk, May 16 2005 - see DPAR MN00084537
284 # $rec = $db->get('serial-console');
285 @@ -761,7 +791,7 @@
286 my $q = $self->cgi;
287
288 # Don't show ipsecrw setting unless the status property exists
289 - return '' unless ($db->get('ipsec')
290 + return $self->localise('DESC_IPSEC_VPN_UNAVAILABLE') unless ($db->get('ipsec')
291 && $db->get('ipsec')->prop('RoadWarriorStatus'));
292
293 print $q->Tr(
294 diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm
295 --- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm 2021-03-03 13:00:51.244000000 -0500
296 +++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm 2021-03-03 15:10:48.081000000 -0500
297 @@ -51,6 +51,7 @@
298 reset_password
299 check_password
300 print_save_or_add_button
301 + get_vpn_value
302 print_ipsec_client_section
303 get_prop
304
305 @@ -285,7 +286,10 @@
306 ($rec ? ($rec->prop('EmailForward')) : 'local');
307 my $fwd = $cgi->param('ForwardAddress') ?
308 $cgi->param('ForwardAddress') :
309 - ($rec ? ($rec->prop('ForwardAddress')) : '');
310 + ($rec ? ($rec->prop('ForwardAddress')) : '');
311 + my $vpn = $cgi->param('VPNClientAccess') ?
312 + $cgi->param('VPNClientAccess') :
313 + ($rec ? ($rec->prop('VPNClientAccess')) : get_vpn_value() );
314 # now that we're down with the 411, let's set the values
315 $cgi->param(-name=>'FirstName', -value=>$fn);
316 $cgi->param(-name=>'LastName', -value=>$ln);
317 @@ -296,6 +300,7 @@
318 $cgi->param(-name=>'Phone', -value=>$phone);
319 $cgi->param(-name=>'EmailForward', -value=>$emf);
320 $cgi->param(-name=>'ForwardAddress', -value=>$fwd);
321 + $cgi->param(-name=>'VPNClientAccess', -value=>$vpn);
322 } else {
323 print qq(
324 <td><input type="text" name="acctName" value="$an">
325 @@ -461,6 +466,18 @@
326 return $configdb->get('ldap')->prop($CGIParam2DBfield{$field});
327 }
328
329 +=head2 get_vpn_value()
330 +
331 +Routine to display default value for VPN
332 +
333 +=cut
334 +
335 +sub get_vpn_value
336 +{
337 + my $vpn = $configdb->get('vpn') || return 'no';
338 + return $configdb->get('vpn')->prop('AccessDefault') || 'no';
339 +}
340 +
341 =head1 VALIDATION ROUTINES
342
343 =head2 pseudonym_clash
344 @@ -718,8 +735,9 @@
345 'Street' => $self->{cgi}->param('Street'),
346 'EmailForward' => $self->{cgi}->param('EmailForward'),
347 'ForwardAddress' => $self->{cgi}->param('ForwardAddress'),
348 - 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'),
349 + # 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'),
350 );
351 + $newProperties{'VPNClientAccess'} = $self->{cgi}->param('VPNClientAccess') if defined $self->{cgi}->param('VPNClientAccess');
352
353 $acct->merge_props(%newProperties);
354

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed