Diffstat (limited to 'config')
-rw-r--r-- | config/widentd/widentd.xml | 189 |
1 files changed, 119 insertions, 70 deletions
diff --git a/config/widentd/widentd.xml b/config/widentd/widentd.xml
index ca73d436..27a8ffe8 100644
--- a/config/widentd/widentd.xml
+++ b/config/widentd/widentd.xml
@@ -1,58 +1,54 @@ <?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> + <![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + widentd.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2009 Bill Marquette + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - 2. 
Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>widentd</name> - <version>1.03_1</version> + <version>1.0.4</version> <title>Services: widentd</title> <menu> <name>widentd</name> <tooltiptext>Modify widentd settings.</tooltiptext> <section>Services</section> - <url>pkg_edit.php?xml=widentd.xml&id=0</url> + <url>pkg_edit.php?xml=widentd.xml&id=0</url> </menu> <service> <name>widentd</name> 
@@ -62,61 +58,114 @@ <configpath>installedpackages->package->$packagename->configuration->settings</configpath> <fields> <field> - <fielddescr>Listening interface</fielddescr> - <fieldname>interface</fieldname> - <description>Enter the desired listening interface here.</description> - <type>interfaces_selection</type> + <fielddescr>Enable widentd daemon</fielddescr> + <fieldname>enable</fieldname> + <type>checkbox</type> + </field> + <field> + <fielddescr>Listening interface</fielddescr> + <fieldname>interface</fieldname> + <description> + <![CDATA[ + Enter the desired listening interface here.<br /> + (Default: WAN) + ]]> + </description> + <type>interfaces_selection</type> + <default_value>wan</default_value> + <required/> </field> <field> - <fielddescr>Username</fielddescr> - <fieldname>username</fieldname> - <description>Enter the username you'd like displayed via widentd.</description> - <type>input</type> + <fielddescr>Username</fielddescr> + <fieldname>username</fieldname> + <description> + <![CDATA[ + Enter the username you'd like displayed via widentd. Allowed characters: [a-zA-Z] and "." only.<br /> + (Defaults to 'user' if left empty.) + ]]> + </description> + <type>input</type> </field> <field> - <fielddescr>System name</fielddescr> - <fieldname>sysname</fieldname> - <description>Enter the system name you'd like displayed via widentd</description> - <type>input</type> - <value>pfSense</value> + <fielddescr>System name</fielddescr> + <fieldname>sysname</fieldname> + <description> + <![CDATA[ + Enter the system name you'd like displayed via widentd. Allowed characters: [a-zA-Z] only.<br /> + (Defaults to 'UNIX' if left empty.) 
+ ]]> + </description> + <type>input</type> </field> - </fields> + </fields> <custom_php_global_functions> + <![CDATA[ function sync_package_widentd() { conf_mount_rw(); config_lock(); global $config; - if (!isset($config['installedpackages']['widentd']['config'][0]['interface'])) { - $config['installedpackages']['widentd']['config'][0]['interface'] = 'WAN'; - } - if (!isset($config['installedpackages']['widentd']['config'][0]['username'])) { - $config['installedpackages']['widentd']['config'][0]['username'] = 'user'; - } - if (!isset($config['installedpackages']['widentd']['config'][0]['sysname'])) { - $config['installedpackages']['widentd']['config'][0]['sysname'] = 'UNIX'; - } + + /* Write widentd.sh */ $int = convert_friendly_interface_to_real_interface_name($config['installedpackages']['widentd']['config'][0]['interface']); $ip = find_interface_ip($int); - $user = $config['installedpackages']['widentd']['config'][0]['username']; - $system = $config['installedpackages']['widentd']['config'][0]['sysname']; + $user = $config['installedpackages']['widentd']['config'][0]['username'] ?: 'user'; + $system = $config['installedpackages']['widentd']['config'][0]['sysname'] ?: 'UNIX'; $start = "/usr/local/sbin/widentd -u {$user} -o {$system} -i {$ip}"; $stop = "/usr/bin/killall widentd"; write_rcfile(array( "file" => "widentd.sh", "start" => $start, - "stop" => $stop + "stop" => $stop ) ); - restart_service("widentd"); - conf_mount_ro(); + + /* If the service is (being) disabled, stop it (if running) and do nothing else */ + if (!($config['installedpackages']['widentd']['config'][0][enable])) { + if (is_process_running("widentd")) { + stop_service("widentd"); + } + return; + } else { + restart_service("widentd"); + } config_unlock(); + conf_mount_ro(); } + + + function validate_input_widentd($post, &$input_errors) { + /* Only allow ^[a-zA-Z\.]+$ otherwise the daemon will not start; see widentd manpage */ + if (($post['username'] != "") && !preg_match("/^[a-zA-Z\.]+$/", 
$post['username'])) { + $input_errors[] = 'Username may only contain uppercase and lowercase letters [a-zA-Z] and "." character.'; + } + + /* Technically, ^[A-Z][A-Z0-9\-.\/]+[A-Z0-9]$ should be valid characters here + https://www.iana.org/assignments/operating-system-names/operating-system-names.xhtml + However this is not supported by widentd; the service will not start. + */ + if (($post['sysname'] != "") && !preg_match("/^[a-zA-Z]+$/", $post['sysname'])) { + $input_errors[] .= 'System name may only contain uppercase and lowercase letters [a-zA-Z].'; + } + + /* Check for IPv6-only interfaces */ + $int = convert_friendly_interface_to_real_interface_name($post['interface']); + $ip = find_interface_ip($int); + if (!is_ipaddrv4($ip)) { + $input_errors[] .= 'The selected interface has no IPv4 configured. Widentd does not support IPv6.'; + } + } + ]]> </custom_php_global_functions> <custom_add_php_command> sync_package_widentd(); </custom_add_php_command> + <custom_php_resync_config_command> + sync_package_widentd(); + </custom_php_resync_config_command> <custom_php_install_command> unlink_if_exists("/usr/local/etc/rc.d/widentd.sh"); </custom_php_install_command> + <custom_php_validation_command> + validate_input_widentd($_POST, $input_errors); + </custom_php_validation_command> </packagegui> - |
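Review bot: In `sync_package_widentd()` the values `$user`, `$system` and `$ip` are interpolated unquoted into the `$start` command line that `write_rcfile()` stores in widentd.sh, while the only character check is in `validate_input_widentd()`, which appears to run on GUI submissions and not on values already present in `$config`. Quote at the point of use, `$start = "/usr/local/sbin/widentd -u " . escapeshellarg($user) . " -o " . escapeshellarg($system) . " -i " . escapeshellarg($ip);`, and end both patterns with `\z` rather than `$`, because `$` in PCRE also matches before a trailing newline. Separately, the disabled branch returns before `config_unlock()` and `conf_mount_ro()`, so the lock and the read-write mount taken at the top of the function look like they stay in place; release both before the `return;`. The bare key in `[0][enable]` should be quoted as `['enable']`.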