author | Ermal Luçi <eri@pfsense.org> | 2014-01-03 01:39:36 -0800 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2014-01-03 01:39:36 -0800 |
commit | a2073ee9c35e1a82412852ff78d0b3a37eea2d5c (patch) | |
tree | 1134cb3c94ab989462739491f2c669f3c188188b | |
parent | c651d4bea6c81d610008a01cb9d7793bfbf0dff6 (diff) | |
parent | c8cabf98fba7193189234850f42cfc6257837d99 (diff) | |
Merge pull request #568 from kantlivelong/master
tinc - Added RSA key generation.
-rw-r--r-- | config/tinc/tinc.inc | 17 | ||||
-rw-r--r-- | config/tinc/tinc_config.xml | 6 |
2 files changed, 23 insertions, 0 deletions
diff --git a/config/tinc/tinc.inc b/config/tinc/tinc.inc
index cdfb23e5..944cb846 100644
--- a/config/tinc/tinc.inc
+++ b/config/tinc/tinc.inc
@@ -42,6 +42,22 @@ function tinc_save() {
 }
 fwrite($fout, base64_decode($tincconf['extra'])."\n");
 fclose($fout);
+
+ // Check if we need to generate a new RSA key pair.
+ if ($tincconf['gen_rsa'])
+ {
+ safe_mkdir("/usr/local/etc/tinc/tmp");
+ exec("/usr/local/sbin/tincd -c /usr/local/etc/tinc/tmp -K");
+ $tincconf['cert_pub'] = base64_encode(file_get_contents('/usr/local/etc/tinc/tmp/rsa_key.pub'));
+ $tincconf['cert_key'] = base64_encode(file_get_contents('/usr/local/etc/tinc/tmp/rsa_key.priv'));
+ $tincconf['gen_rsa'] = false;
+ $config['installedpackages']['tinc']['config'][0]['cert_pub'] = $tincconf['cert_pub'];
+ $config['installedpackages']['tinc']['config'][0]['cert_key'] = $tincconf['cert_key'];
+ $config['installedpackages']['tinc']['config'][0]['gen_rsa'] = $tincconf['gen_rsa'];
+ rmdir_recursive("/usr/local/etc/tinc/tmp");
+ write_config();
+ }
+
 $_output = "Subnet=" . $tincconf['localsubnet'] . "\n";
 $_output .= base64_decode($tincconf['host_extra']) . "\n";
 $_output .= base64_decode($tincconf['cert_pub']) . "\n";
@@ -86,6 +102,7 @@ function tinc_save() {
 }
 system("/usr/local/etc/rc.d/tinc.sh restart 2>/dev/null");
 rmdir_recursive("/usr/local/etc/tinc.old");
+ conf_mount_ro();
 config_unlock();
 }
diff --git a/config/tinc/tinc_config.xml b/config/tinc/tinc_config.xml
index 3878450f..d6ee9c26 100644
--- a/config/tinc/tinc_config.xml
+++ b/config/tinc/tinc_config.xml
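Review bot: In the `gen_rsa` block of tinc_save(), neither the `exec()` of `tincd -K` nor the two `file_get_contents()` calls are checked, so a failed key generation stores `base64_encode(false)` (an empty string) over the existing `cert_pub`/`cert_key` and `write_config()` persists it. Read both files into locals, require a zero exit status and non-empty contents before touching `$tincconf`/`$config`, and log the failure otherwise, as sketched below. The private key also sits briefly in `/usr/local/etc/tinc/tmp`, and no mode is passed to `safe_mkdir()` on the visible lines, so it is worth confirming that directory is not readable by other users. tinc_save() starts and ends outside this hunk.

```php
if ($tincconf['gen_rsa'])
{
	safe_mkdir("/usr/local/etc/tinc/tmp");
	exec("/usr/local/sbin/tincd -c /usr/local/etc/tinc/tmp -K", $keygen_out, $keygen_rc);
	$new_pub = @file_get_contents('/usr/local/etc/tinc/tmp/rsa_key.pub');
	$new_key = @file_get_contents('/usr/local/etc/tinc/tmp/rsa_key.priv');
	// Remove the temporary key files whether or not generation succeeded.
	rmdir_recursive("/usr/local/etc/tinc/tmp");
	if ($keygen_rc == 0 && !empty($new_pub) && !empty($new_key))
	{
		$tincconf['cert_pub'] = base64_encode($new_pub);
		$tincconf['cert_key'] = base64_encode($new_key);
		// … unchanged: gen_rsa reset, copy into $config, write_config() …
	}
	else
	{
		// Keep the stored key pair rather than overwriting it with empty values.
		log_error("tinc: RSA key generation failed, existing key pair left unchanged");
	}
}
```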
@@ -122,6 +122,12 @@
 <cols>65</cols>
 </field>
 <field>
+ <fielddescr>Generate RSA key pair</fielddescr>
+ <fieldname>gen_rsa</fieldname>
+ <description>This will generate a new RSA key pair in the fields above.</description>
+ <type>checkbox</type>
+ </field>
+ <field>
 <fielddescr>Extra Tinc Parameters</fielddescr>
 <fieldname>extra</fieldname>
 <description>Anything entered here will be added at the end of the tinc.conf configuration file. <br></description> |
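Review bot: The `<description>` of the new `gen_rsa` checkbox does not say that saving with the box ticked replaces the key pair already stored in the fields above, which is what the handler in tinc.inc does to `cert_pub` and `cert_key`. An operator who ticks it on a working node loses the current private key without warning, so the text should say so, for example `<description>Generates a new RSA key pair on save, replacing the keys in the fields above. Peers will need the new public key.</description>`. The enclosing field list continues outside this hunk.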