aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorErmal Luçi <eri@pfsense.org>2014-01-03 01:39:36 -0800
committerErmal Luçi <eri@pfsense.org>2014-01-03 01:39:36 -0800
commita2073ee9c35e1a82412852ff78d0b3a37eea2d5c (patch)
tree1134cb3c94ab989462739491f2c669f3c188188b
parentc651d4bea6c81d610008a01cb9d7793bfbf0dff6 (diff)
parentc8cabf98fba7193189234850f42cfc6257837d99 (diff)
downloadpfsense-packages-a2073ee9c35e1a82412852ff78d0b3a37eea2d5c.tar.gz
pfsense-packages-a2073ee9c35e1a82412852ff78d0b3a37eea2d5c.tar.bz2
pfsense-packages-a2073ee9c35e1a82412852ff78d0b3a37eea2d5c.zip
Merge pull request #568 from kantlivelong/master
tinc - Added RSA key generation.
-rw-r--r--config/tinc/tinc.inc17
-rw-r--r--config/tinc/tinc_config.xml6
2 files changed, 23 insertions, 0 deletions
diff --git a/config/tinc/tinc.inc b/config/tinc/tinc.inc
index cdfb23e5..944cb846 100644
--- a/config/tinc/tinc.inc
+++ b/config/tinc/tinc.inc
@@ -42,6 +42,22 @@ function tinc_save() {
}
fwrite($fout, base64_decode($tincconf['extra'])."\n");
fclose($fout);
+
+ // Check if we need to generate a new RSA key pair.
+ if ($tincconf['gen_rsa'])
+ {
+ safe_mkdir("/usr/local/etc/tinc/tmp");
+ exec("/usr/local/sbin/tincd -c /usr/local/etc/tinc/tmp -K");
+ $tincconf['cert_pub'] = base64_encode(file_get_contents('/usr/local/etc/tinc/tmp/rsa_key.pub'));
+ $tincconf['cert_key'] = base64_encode(file_get_contents('/usr/local/etc/tinc/tmp/rsa_key.priv'));
+ $tincconf['gen_rsa'] = false;
+ $config['installedpackages']['tinc']['config'][0]['cert_pub'] = $tincconf['cert_pub'];
+ $config['installedpackages']['tinc']['config'][0]['cert_key'] = $tincconf['cert_key'];
+ $config['installedpackages']['tinc']['config'][0]['gen_rsa'] = $tincconf['gen_rsa'];
+ rmdir_recursive("/usr/local/etc/tinc/tmp");
+ write_config();
+ }
+
$_output = "Subnet=" . $tincconf['localsubnet'] . "\n";
$_output .= base64_decode($tincconf['host_extra']) . "\n";
$_output .= base64_decode($tincconf['cert_pub']) . "\n";
@@ -86,6 +102,7 @@ function tinc_save() {
}
system("/usr/local/etc/rc.d/tinc.sh restart 2>/dev/null");
rmdir_recursive("/usr/local/etc/tinc.old");
+
conf_mount_ro();
config_unlock();
}
diff --git a/config/tinc/tinc_config.xml b/config/tinc/tinc_config.xml
index 3878450f..d6ee9c26 100644
--- a/config/tinc/tinc_config.xml
+++ b/config/tinc/tinc_config.xml
@@ -122,6 +122,12 @@
<cols>65</cols>
</field>
<field>
+ <fielddescr>Generate RSA key pair</fielddescr>
+ <fieldname>gen_rsa</fieldname>
+ <description>This will generate a new RSA key pair in the fields above.</description>
+ <type>checkbox</type>
+ </field>
+ <field>
<fielddescr>Extra Tinc Parameters</fielddescr>
<fieldname>extra</fieldname>
<description>Anything entered here will be added at the end of the tinc.conf configuration file. &lt;br&gt;</description>