summaryrefslogtreecommitdiff
path: root/src/conf_mode/vpn_sstp.py
AgeCommit message (Collapse)Author
2024-01-04configdict: T5894: add get_config_dict() flag with_pkiChristian Breunig
VyOS has several services relaying on the PKI CLI tree to retrieve certificates. Consuming services like ethernet, openvpn or ipsec all re-implemented the same code to retrieve the certificates from the CLI. This commit extends the signature of get_config_dict() with a new option with_pki that defaults to false. If this option is set, the PKI CLI tree will be blended into the resulting dictionary. (cherry picked from commit b152b52023ba0cf0d4919eae39e92de28a458917)
2023-12-28accel-ppp: T5688: Standardized pool configuration in accel-pppaapostoliuk
Standardized pool configuration for all accel-ppp services. 1. Only named pools are used now. 2. Allows all services to use range in x.x.x.x/mask and x.x.x.x-x.x.x.y format 3. next-pool can be used in all services 2. Allows to use in ipoe gw-ip-address without pool configuration which allows to use Fraimed-IP-Address attribute by radius. 3. Default pool name should be explicidly configured with default-pool. 4. In ipoe netmask and range subnet can be different. (cherry picked from commit 422eb463d413da812eabc28706e507a9910d7b53)
2023-07-15T5195: vyos.util -> vyos.utils package refactoring part #2Christian Breunig
2023-07-14T5195: vyos.util -> vyos.utils package refactoring (#2093)Christian Breunig
* T5195: move run, cmd, call, rc_cmd helper to vyos.utils.process * T5195: use read_file and write_file implementation from vyos.utils.file Changed code automatically using: find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import read_file$/from vyos.utils.file import read_file/g' {} + find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import write_file$/from vyos.utils.file import write_file/g' {} + * T5195: move chmod* helpers to vyos.utils.permission * T5195: use colon_separated_to_dict from vyos.utils.dict * T5195: move is_systemd_service_* to vyos.utils.process * T5195: fix boot issues with missing imports * T5195: move dict_search_* helpers to vyos.utils.dict * T5195: move network helpers to vyos.utils.network * T5195: move commit_* helpers to vyos.utils.commit * T5195: move user I/O helpers to vyos.utils.io
2022-08-25sstp: T4644: Check SSTP bind port before commitViacheslav Hletenko
By default SSTP bind port '443' and this port can be used by another service like 'service https' or 'vpn openconnect' Check if port bound to another service
2022-06-09sstp: T4444: merge of defaultValue already done in get_accel_dict()Christian Poessinger
2022-05-26sstp: T4444. Port number changing supportgoodNETnick
2022-05-01accel-ppp: T4353: fix Jinja2 linting errorsChristian Poessinger
2021-11-03sstp: T3931: Fixes PKI integration with SSTPsarthurdev
2021-10-22sstp: T2566: Fix verify section for pool ipv6 onlyViacheslav
(cherry picked from commit 3af310cb76d96d08151e4cdc83abcfe15484a556)
2021-07-20pki: sstp: T3642: Migrate SSTP to PKI configurationsarthurdev
2020-11-27vyos.template: T2720: always enable Jinja2 trim_blocks featureChristian Poessinger
2020-10-28vyos.util: T2995: rename vyos_dict_search() -> dict_search()Christian Poessinger
Renamed using snippet below: ---------------------------- for file in $(find . -name "*.py") do sed -i "s/vyos_dict_search/dict_search/" $file done
2020-10-04sstp: T2960: migrate to get_config_dict() and reusable templatesChristian Poessinger
2020-10-04sstp: T2953: migrate gateway-address, client-ip-settings to common levelChristian Poessinger
* move "network-settings gateway-address" to "gateway-address" * move "network-settings client-ip-settings" to "client-ip-pool"
2020-10-03sstp: T2953: migrate mtu to common levelChristian Poessinger
Preparation before using get_config_dict() and common Jinja2 templates.
2020-10-03vpn: sstp: T2008: set DA/CoA default port 1700Christian Poessinger
2020-10-03sstp: T2953: migrate name-server settions to common levelChristian Poessinger
In order to reuse as much as possible before migrationg to get_config_dict() and re-use Jinja2 snippets the name-server node must be moved one level up to 'set vpn sstp name-server'.
2020-10-02sstp: T2953: migrate ppp-settings to ppp-options nodeChristian Poessinger
2020-08-31configd: T2582: add scripts to include list for daemonJohn Estabrook
2020-08-02accel-ppp: T2756: make RADIUS accounting port configurableChristian Poessinger
Make the port used for RADIUS accounting user configurable. This is now valid for the following services which are based on Accel-PPP: * ipoe-server * pppoe-server * l2tp * pptp * sstp
2020-06-22vpn: sstp: T2008: fix improper use of fail-time dictionary keyChristian Poessinger
2020-05-29airbag: T2088: explicit enabling of the featureThomas Mangin
airbag must now be explicitly installed. the patch also allow to fully disables the installation of the logging code at setup (and not just installing and doing nothing)
2020-05-06sstp: T2392: add IPv6 DNS supportChristian Poessinger
New command added: * set vpn sstp network-settings name-server 2001:db8::1111
2020-05-06sstp: T2392: add initial IPv6 supportChristian Poessinger
New commands added: * set vpn sstp network-settings client-ipv6-pool prefix 2001:db8::/64 mask 112 * set vpn sstp network-settings client-ipv6-pool delegate 2001:db8:100::/48 delegation-prefix 64
2020-04-27template: T2388: move mkdir/chmod/chown within render()Thomas Mangin
2020-04-22accel-ppp: fix wrong reference in verify() on missing attributesChristian Poessinger
2020-04-21vyos.util: migrate all cpu_count() occurances to common get_half_cpus()Christian Poessinger
2020-04-18accel-ppp: T2314: use common tempplate for chap-secretsChristian Poessinger
2020-04-18vpn: l2tp: sstp: ease unlinking of configuration filesChristian Poessinger
2020-04-12template: T2230: use render to generate templatesThomas Mangin
convert all call to jinja to use template.render
2020-04-12vpn: sstp: T2185: move generated files to volatile /run/accel-ppp directoryChristian Poessinger
2020-04-12vpn: sstp: T2008: bugfix chap-secrets generationChristian Poessinger
Commit 13510cac5a4a ("vpn: sstp: T2008: migrate from SysVinit -> systemd") unfortunately wrote the filename into the chap-secrets file instead of the rendered secrets.
2020-04-11vpn: l2tp: sstp: T2264: create config dir on demandChristian Poessinger
2020-04-11vpn: sstp: T2008: migrate from SysVinit -> systemdChristian Poessinger
2020-04-11vpn: sstp: T2008: bugfix KeyError 'client_gateway'Christian Poessinger
2020-04-11vpn: sstp: T2008: set accell default values in config dictChristian Poessinger
This will remove the required if/else parts int he Jinja2 template.
2020-04-11vpn: sstp: T2008: improve error message for non existent local-usersChristian Poessinger
2020-04-11vpn: sstp: T2008: cleanup thread_cnt generationChristian Poessinger
2020-04-11vpn: sstp: T2008: adjust DNS error messageChristian Poessinger
2020-04-06util: T2226: remove all references to subprocess_cmdThomas Mangin
2020-04-06util: T2226: rewrite conf accel-ppp commands to use cmdThomas Mangin
2020-04-05sstp: T2230: add Jinja2 trim_blocks Environment optionChristian Poessinger
2020-04-05sstp: T2230: move inlined templates to dedicated filesChristian Poessinger
2020-03-29vyos.util: increase usage of process_running() and remove duplicated codeChristian Poessinger
OpenVPN, WIFI, SSTP all had the same boiler plate copied about checking if a process associated with a pidfile is running or not. This has been migrated to the common library function vyos.util.process_running().
2020-03-23ifconfig: T2154: fixing failure to start-stop-daemonThomas Mangin
2020-03-22sstp: T2150: use full file path on SSL certificatesChristian Poessinger
2020-03-21sstp: T2008: move ippool after radius and chap configurationChristian Poessinger
2020-03-20sstp: T2008: migrate SSL certificate nodesChristian Poessinger
2020-03-20sstp: T2008: remove req-limit config nodeChristian Poessinger
Limiting the amount of requests passed to a server seems to be the wrong way to tackle a problem.