aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/widentd/widentd.xml189
1 files changed, 119 insertions, 70 deletions
diff --git a/config/widentd/widentd.xml b/config/widentd/widentd.xml
index ca73d436..27a8ffe8 100644
--- a/config/widentd/widentd.xml
+++ b/config/widentd/widentd.xml
@@ -1,58 +1,54 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
+ <copyright>
+ <![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- authng.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2007 to whom it may belong
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ widentd.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2009 Bill Marquette
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>widentd</name>
- <version>1.03_1</version>
+ <version>1.0.4</version>
<title>Services: widentd</title>
<menu>
<name>widentd</name>
<tooltiptext>Modify widentd settings.</tooltiptext>
<section>Services</section>
- <url>pkg_edit.php?xml=widentd.xml&amp;id=0</url>
+ <url>pkg_edit.php?xml=widentd.xml&amp;id=0</url>
</menu>
<service>
<name>widentd</name>
@@ -62,61 +58,114 @@
<configpath>installedpackages->package->$packagename->configuration->settings</configpath>
<fields>
<field>
- <fielddescr>Listening interface</fielddescr>
- <fieldname>interface</fieldname>
- <description>Enter the desired listening interface here.</description>
- <type>interfaces_selection</type>
+ <fielddescr>Enable widentd daemon</fielddescr>
+ <fieldname>enable</fieldname>
+ <type>checkbox</type>
+ </field>
+ <field>
+ <fielddescr>Listening interface</fielddescr>
+ <fieldname>interface</fieldname>
+ <description>
+ <![CDATA[
+ Enter the desired listening interface here.<br />
+ (Default: WAN)
+ ]]>
+ </description>
+ <type>interfaces_selection</type>
+ <default_value>wan</default_value>
+ <required/>
</field>
<field>
- <fielddescr>Username</fielddescr>
- <fieldname>username</fieldname>
- <description>Enter the username you'd like displayed via widentd.</description>
- <type>input</type>
+ <fielddescr>Username</fielddescr>
+ <fieldname>username</fieldname>
+ <description>
+ <![CDATA[
+ Enter the username you'd like displayed via widentd. Allowed characters: [a-zA-Z] and "." only.<br />
+ (Defaults to 'user' if left empty.)
+ ]]>
+ </description>
+ <type>input</type>
</field>
<field>
- <fielddescr>System name</fielddescr>
- <fieldname>sysname</fieldname>
- <description>Enter the system name you'd like displayed via widentd</description>
- <type>input</type>
- <value>pfSense</value>
+ <fielddescr>System name</fielddescr>
+ <fieldname>sysname</fieldname>
+ <description>
+ <![CDATA[
+ Enter the system name you'd like displayed via widentd. Allowed characters: [a-zA-Z] only.<br />
+ (Defaults to 'UNIX' if left empty.)
+ ]]>
+ </description>
+ <type>input</type>
</field>
- </fields>
+ </fields>
<custom_php_global_functions>
+ <![CDATA[
function sync_package_widentd() {
conf_mount_rw();
config_lock();
global $config;
- if (!isset($config['installedpackages']['widentd']['config'][0]['interface'])) {
- $config['installedpackages']['widentd']['config'][0]['interface'] = 'WAN';
- }
- if (!isset($config['installedpackages']['widentd']['config'][0]['username'])) {
- $config['installedpackages']['widentd']['config'][0]['username'] = 'user';
- }
- if (!isset($config['installedpackages']['widentd']['config'][0]['sysname'])) {
- $config['installedpackages']['widentd']['config'][0]['sysname'] = 'UNIX';
- }
+
+ /* Write widentd.sh */
$int = convert_friendly_interface_to_real_interface_name($config['installedpackages']['widentd']['config'][0]['interface']);
$ip = find_interface_ip($int);
- $user = $config['installedpackages']['widentd']['config'][0]['username'];
- $system = $config['installedpackages']['widentd']['config'][0]['sysname'];
+ $user = $config['installedpackages']['widentd']['config'][0]['username'] ?: 'user';
+ $system = $config['installedpackages']['widentd']['config'][0]['sysname'] ?: 'UNIX';
$start = "/usr/local/sbin/widentd -u {$user} -o {$system} -i {$ip}";
$stop = "/usr/bin/killall widentd";
write_rcfile(array(
"file" => "widentd.sh",
"start" => $start,
- "stop" => $stop
+ "stop" => $stop
)
);
- restart_service("widentd");
- conf_mount_ro();
+
+ /* If the service is (being) disabled, stop it (if running) and do nothing else */
+ if (!($config['installedpackages']['widentd']['config'][0][enable])) {
+ if (is_process_running("widentd")) {
+ stop_service("widentd");
+ }
+ return;
+ } else {
+ restart_service("widentd");
+ }
config_unlock();
+ conf_mount_ro();
}
+
+
+ function validate_input_widentd($post, &$input_errors) {
+ /* Only allow ^[a-zA-Z\.]+$ otherwise the daemon will not start; see widentd manpage */
+ if (($post['username'] != "") && !preg_match("/^[a-zA-Z\.]+$/", $post['username'])) {
+ $input_errors[] = 'Username may only contain uppercase and lowercase letters [a-zA-Z] and "." character.';
+ }
+
+ /* Technically, ^[A-Z][A-Z0-9\-.\/]+[A-Z0-9]$ should be valid characters here
+ https://www.iana.org/assignments/operating-system-names/operating-system-names.xhtml
+ However this is not supported by widentd; the service will not start.
+ */
+ if (($post['sysname'] != "") && !preg_match("/^[a-zA-Z]+$/", $post['sysname'])) {
+ $input_errors[] .= 'System name may only contain uppercase and lowercase letters [a-zA-Z].';
+ }
+
+ /* Check for IPv6-only interfaces */
+ $int = convert_friendly_interface_to_real_interface_name($post['interface']);
+ $ip = find_interface_ip($int);
+ if (!is_ipaddrv4($ip)) {
+ $input_errors[] .= 'The selected interface has no IPv4 configured. Widentd does not support IPv6.';
+ }
+ }
+ ]]>
</custom_php_global_functions>
<custom_add_php_command>
sync_package_widentd();
</custom_add_php_command>
+ <custom_php_resync_config_command>
+ sync_package_widentd();
+ </custom_php_resync_config_command>
<custom_php_install_command>
unlink_if_exists("/usr/local/etc/rc.d/widentd.sh");
</custom_php_install_command>
+ <custom_php_validation_command>
+ validate_input_widentd($_POST, $input_errors);
+ </custom_php_validation_command>
</packagegui>
-