Merge pull request #718 from openNDS/11.0.0beta

11.0.0beta
Rob White
2025-11-29 22:37:21 +00:00
committed by GitHub
7 changed files with 34 additions and 35 deletions


@@ -1353,7 +1353,6 @@ pre_setup () {
# add initial rules
nft insert rule inet nds_filter nds_allow_INP iifname "\"$gatewayinterface\"" counter accept comment "\"!opennds: allow input\""
nft insert rule inet nds_filter nds_allow_FWD iifname "\"$gatewayinterface\"" counter accept comment "\"!opennds: allow forward\""
nft insert rule inet nds_mangle ndsINC oifname "\"$gatewayinterface\"" counter jump nds_ft_INC
ret=$?
@@ -1785,7 +1784,7 @@ create_client_ruleset () {
# Check for user_to_router essentials and append if missing
if [ "$ruleset_name" = "users_to_router" ]; then
essentials="allow%20udp%20port%2053 allow%20udp%20port%2067 allow%20tcp%20port%2022 allow%20tcp%20port%20443"
essentials="allow%20udp%20port%2053 allow%20tcp%20port%2053 allow%20udp%20port%2067 allow%20tcp%20port%2022 allow%20tcp%20port%20443"
newrules=""
for rule in $ruleset; do
@@ -2591,7 +2590,7 @@ elif [ "$1" = "gatewayroute" ]; then
handle=$(nft -a list flowtables | grep -w "ndsftINC" | awk -F "handle " '{printf "%s", $2}')
if [ ! -z "$handle" ]; then
ftdevices=$(nft -a list flowtables | grep -w -A 4 "ndsftINC" | awk -F "devices = " 'NF>1 {printf "%s", $2}')
ftdevices=$(nft -a list flowtables | grep -w -A 4 "ndsftINC" | awk -F "devices = " 'NF>1 {printf "%s", $2}' | tr -d "\"")
if [ "$ftdevices" != "{ $wandevices }" ]; then
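Review bot: The `ftdevices` comparison in the gatewayroute hunk is still an exact string match against nft's pretty-printed output, so the added `tr -d "\""` removes only one formatting difference. If nft prints the devices in a different order or with different spacing than `$wandevices`, `[ "$ftdevices" != "{ $wandevices }" ]` stays true on every run and the branch below (outside this hunk) runs each time. Normalising both sides before comparing, for example stripping spaces, quotes and braces with `tr -d ' "{}'` and sorting the comma-separated names, would be sturdier. The `grep -w -A 4` window also assumes the `devices =` line is within four lines of the flowtable name, which deserves a one-line comment.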


@@ -19,8 +19,8 @@ service_data() {
start_service() {
procd_open_instance
procd_set_param command /usr/bin/opennds $OPTIONS
procd_set_param respawn 150 10 10
procd_set_param term_timeout 60 # wait before sending SIGKILL
procd_set_param respawn 360 20 15
procd_set_param term_timeout 90 # wait before sending SIGKILL
procd_set_param stderr 1
procd_set_param stdout 0
procd_close_instance


@@ -102,11 +102,8 @@ char *set_list_str(char *list, const char *default_list, char *debug_level)
char *set_option_str(char *option, const char *default_option, char *debug_level)
{
char msg[SMALL_BUF];
char debuglevel[STATUS_BUF];
memset(msg, 0, SMALL_BUF);
memset(debuglevel, 0, STATUS_BUF);
get_option_from_config(msg, SMALL_BUF, option);
if (strcmp(msg, "") == 0) {
@@ -150,7 +147,6 @@ config_init(int argc, char **argv)
safe_snprintf(libcmd, STATUS_BUF, "/usr/lib/opennds/libopennds.sh \"is_nodog\"");
if (execute_ret_url_encoded(msg, STATUS_BUF - 1, libcmd) == 0) {
debug(LOG_DEBUG, "NoDogSplash is installed, to continue please uninstall it and restart openNDS, exiting.....");
exit (1);
@@ -191,9 +187,8 @@ config_init(int argc, char **argv)
// Special handling for gatewayname as library call returns a url-encoded response
gatewayname_raw = safe_calloc(SMALL_BUF);
gatewayname = safe_strdup(set_option_str("gatewayname", DEFAULT_GATEWAYNAME, debug_level));
uh_urldecode(gatewayname_raw, SMALL_BUF, gatewayname, SMALL_BUF);
gatewayname = set_option_str("gatewayname", DEFAULT_GATEWAYNAME, debug_level);
uh_urldecode(gatewayname_raw, SMALL_BUF, gatewayname, strlen(gatewayname));
config.gw_name = safe_strdup(gatewayname_raw);
openlog ("opennds", LOG_CONS | LOG_PID | LOG_NDELAY, LOG_DAEMON);
@@ -203,26 +198,26 @@ config_init(int argc, char **argv)
free(gatewayname_raw);
//
config.gw_fqdn = safe_strdup(set_option_str("gatewayfqdn", DEFAULT_GATEWAYFQDN, debug_level));
config.status_path = safe_strdup(set_option_str("statuspath", DEFAULT_STATUSPATH, debug_level));
config.gw_interface = safe_strdup(set_option_str("gatewayinterface", DEFAULT_GATEWAYINTERFACE, debug_level));
config.gw_iprange = safe_strdup(set_option_str("gateway_iprange", DEFAULT_GATEWAY_IPRANGE, debug_level));
config.fas_key = safe_strdup(set_option_str("faskey", DEFAULT_FASKEY, debug_level));
config.log_mountpoint = safe_strdup(set_option_str("log_mountpoint", DEFAULT_LOG_MOUNTPOINT, debug_level));
config.webroot = safe_strdup(set_option_str("webroot", DEFAULT_WEBROOT, debug_level));
config.authdir = safe_strdup(set_option_str("authdir", DEFAULT_AUTHDIR, debug_level));
config.denydir = safe_strdup(set_option_str("denydir", DEFAULT_DENYDIR, debug_level));
config.preauthdir = safe_strdup(set_option_str("preauthdir", DEFAULT_PREAUTHDIR, debug_level));
config.ndsctl_sock = safe_strdup(set_option_str("ndsctl_sock", DEFAULT_NDSCTL_SOCK, debug_level));
config.authentication_mark = safe_strdup(set_option_str("authentication_mark", DEFAULT_AUTHENTICATION_MARK, debug_level));
config.gw_fqdn = set_option_str("gatewayfqdn", DEFAULT_GATEWAYFQDN, debug_level);
config.status_path = set_option_str("statuspath", DEFAULT_STATUSPATH, debug_level);
config.gw_interface = set_option_str("gatewayinterface", DEFAULT_GATEWAYINTERFACE, debug_level);
config.gw_iprange = set_option_str("gateway_iprange", DEFAULT_GATEWAY_IPRANGE, debug_level);
config.fas_key = set_option_str("faskey", DEFAULT_FASKEY, debug_level);
config.log_mountpoint = set_option_str("log_mountpoint", DEFAULT_LOG_MOUNTPOINT, debug_level);
config.webroot = set_option_str("webroot", DEFAULT_WEBROOT, debug_level);
config.authdir = set_option_str("authdir", DEFAULT_AUTHDIR, debug_level);
config.denydir = set_option_str("denydir", DEFAULT_DENYDIR, debug_level);
config.preauthdir = set_option_str("preauthdir", DEFAULT_PREAUTHDIR, debug_level);
config.ndsctl_sock = set_option_str("ndsctl_sock", DEFAULT_NDSCTL_SOCK, debug_level);
config.authentication_mark = set_option_str("authentication_mark", DEFAULT_AUTHENTICATION_MARK, debug_level);
// Setting binauth in config is deprecated. Use DEFAULT_BINAUTH only.
config.binauth = safe_strdup(set_option_str("binauth_deprecated", DEFAULT_BINAUTH, "0"));
config.custombinauth = safe_strdup(set_option_str("custombinauth", DEFAULT_CUSTOMBINAUTH, debug_level));
config.fas_path = safe_strdup(set_option_str("faspath", DEFAULT_FASPATH, debug_level));
config.themespec_path = safe_strdup(set_option_str("themespec_path", DEFAULT_THEMESPEC_PATH, debug_level));
config.fas_remoteip = safe_strdup(set_option_str("fasremoteip", DEFAULT_FAS_REMOTEIP, debug_level));
config.fas_remotefqdn = safe_strdup(set_option_str("fasremotefqdn", DEFAULT_FAS_REMOTEFQDN, debug_level));
config.fas_ssl = safe_strdup(set_option_str("fas_ssl", DEFAULT_FAS_SSL, debug_level));
config.binauth = set_option_str("binauth_deprecated", DEFAULT_BINAUTH, "0");
config.custombinauth = set_option_str("custombinauth", DEFAULT_CUSTOMBINAUTH, debug_level);
config.fas_path = set_option_str("faspath", DEFAULT_FASPATH, debug_level);
config.themespec_path = set_option_str("themespec_path", DEFAULT_THEMESPEC_PATH, debug_level);
config.fas_remoteip = set_option_str("fasremoteip", DEFAULT_FAS_REMOTEIP, debug_level);
config.fas_remotefqdn = set_option_str("fasremotefqdn", DEFAULT_FAS_REMOTEFQDN, debug_level);
config.fas_ssl = set_option_str("fas_ssl", DEFAULT_FAS_SSL, debug_level);
/*
********** Integer config parameters **********
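Review bot: Dropping `safe_strdup()` around every `set_option_str()` call makes each `config.*` field own the returned pointer directly, but the return path of `set_option_str()` lies outside this hunk, so the ownership contract is not visible here. The `free(config->gw_fqdn)` added in `setup_from_config()` is only defined if that pointer is a distinct heap allocation on every path, including the fallback to `default_option` (a `const char *`), and never the local `msg[]`. I would state this in a header comment on the function, e.g. `/* Returns a newly allocated string; the caller owns it and must free() it. */`. In the gatewayname hunk, `strlen(gatewayname)` now bounds the decode to the actual string, but `gatewayname` is not released in the visible lines after `config.gw_name` is set; if it is not freed further down, add `free(gatewayname);` next to `free(gatewayname_raw);`.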


@@ -787,7 +787,7 @@ static int authenticated(struct MHD_Connection *connection,
originurl_raw = safe_calloc(SMALL_BUF);
captive_json = safe_calloc(SMALL_BUF);
if (strcmp(config->gw_fqdn, "disable") == 0 || strcmp(config->gw_fqdn, "disabled") == 0) {
if (strcmp(config->gw_fqdn, "disable") == 0 || strcmp(config->gw_fqdn, "disabled") == 0 || strcmp(config->gw_fqdn, "status.client") == 0) {
safe_snprintf(originurl_raw, SMALL_BUF, "http://%s", config->gw_ip);
} else {
safe_snprintf(originurl_raw, SMALL_BUF, "http://%s", config->gw_fqdn);
@@ -1169,7 +1169,7 @@ static int preauthenticated(struct MHD_Connection *connection, const char *url,
originurl_raw = safe_calloc(REDIRECT_URL);
if (strcmp(config->gw_fqdn, "disable") == 0 || strcmp(config->gw_fqdn, "disabled") == 0) {
if (strcmp(config->gw_fqdn, "disable") == 0 || strcmp(config->gw_fqdn, "disabled") == 0 || strcmp(config->gw_fqdn, "status.client") == 0) {
safe_snprintf(originurl_raw, REDIRECT_URL, "http://%s", config->gw_ip);
} else {
safe_snprintf(originurl_raw, REDIRECT_URL, "http://%s", config->gw_fqdn);
@@ -1435,7 +1435,7 @@ static char *construct_querystring(struct MHD_Connection *connection, t_client *
gw_url_raw = safe_calloc(REDIRECT_URL);
if (strcmp(config->gw_fqdn, "disable") == 0 || strcmp(config->gw_fqdn, "disabled") == 0) {
if (strcmp(config->gw_fqdn, "disable") == 0 || strcmp(config->gw_fqdn, "disabled") == 0 || strcmp(config->gw_fqdn, "status.client") == 0) {
safe_snprintf(gw_url_raw, REDIRECT_URL, "http://%s", config->gw_ip);
} else {
safe_snprintf(gw_url_raw, REDIRECT_URL, "http://%s", config->gw_fqdn);
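Review bot: The three-way `strcmp` test on `config->gw_fqdn` is now repeated verbatim in `authenticated()`, `preauthenticated()` and `construct_querystring()`, so every new sentinel value has to be added to each copy by hand. A small helper such as `static int gw_fqdn_unset(const char *fqdn)`, returning non-zero for "disable", "disabled" and "status.client", would keep the list in one place. These values select the host written into the URL handed back to clients, so a copy missed in a later change could send clients to a name they cannot resolve. All three functions begin and end outside their hunks.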


@@ -465,11 +465,16 @@ setup_from_config(void)
free(msg);
}
if (strcmp(config->gw_fqdn, "status.client") == 0) {
free(config->gw_fqdn);
config->gw_fqdn = safe_strdup(config->gw_ip);
}
if (config->dhcp_default_url_enable == 1) {
debug(LOG_DEBUG, "Enabling RFC8910 support");
dnscmd = safe_calloc(STATUS_BUF);
if (strcmp(config->gw_fqdn, "disable") != 0 && strcmp(config->gw_fqdn, "disabled") != 0) {
if (strcmp(config->gw_fqdn, "disable") != 0 && strcmp(config->gw_fqdn, "disabled") != 0 && strcmp(config->gw_fqdn, "status.client") != 0) {
safe_snprintf(dnscmd, STATUS_BUF, "/usr/lib/opennds/dnsconfig.sh \"cpidconf\" \"%s\"", config->gw_fqdn);
} else {
safe_snprintf(dnscmd, STATUS_BUF, "/usr/lib/opennds/dnsconfig.sh \"cpidconf\" \"%s\"", config->gw_address);
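Review bot: The `strcmp(config->gw_fqdn, "status.client") != 0` term added to the RFC8910 condition can never be false, because the block added just above it has already replaced a "status.client" value with a copy of `config->gw_ip`. That configuration therefore takes the first branch and passes `gw_ip` to `dnsconfig.sh "cpidconf"`, not `config->gw_address` as the extended condition suggests was intended. Either drop the extra term or move the replacement below the `dhcp_default_url_enable` block, whichever matches the intent. The same rewrite probably leaves the "status.client" comparisons added in the HTTP handlers unreachable once setup has run; `setup_from_config()` continues outside this hunk.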