diff options
-rw-r--r-- | interface-definitions/vpn-sstp.xml.in (renamed from interface-definitions/sstp.xml.in) | 6 | ||||
-rwxr-xr-x | src/conf_mode/vpn_sstp.py (renamed from src/conf_mode/accel_sstp.py) | 23 | ||||
-rwxr-xr-x | src/migration-scripts/sstp/0-to-1 | 56 |
3 files changed, 70 insertions, 15 deletions
diff --git a/interface-definitions/sstp.xml.in b/interface-definitions/vpn-sstp.xml.in index 12a956bd9..c7c3c3ea5 100644 --- a/interface-definitions/sstp.xml.in +++ b/interface-definitions/vpn-sstp.xml.in @@ -1,10 +1,10 @@ <?xml version="1.0"?> <interfaceDefinition> - <node name="service"> + <node name="vpn"> <children> - <node name="sstp-server" owner="${vyos_conf_scripts_dir}/accel_sstp.py"> + <node name="sstp" owner="${vyos_conf_scripts_dir}/vpn_sstp.py"> <properties> - <help>Secure Socket Tunneling Protocol (SSTP) Server</help> + <help>Secure Socket Tunneling Protocol (SSTP) server</help> <priority>900</priority> </properties> <children> diff --git a/src/conf_mode/accel_sstp.py b/src/conf_mode/vpn_sstp.py index 1317a32db..12d62ad70 100755 --- a/src/conf_mode/accel_sstp.py +++ b/src/conf_mode/vpn_sstp.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018 VyOS maintainers and contributors +# Copyright (C) 2018-2020 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -13,8 +13,6 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -# -# import sys import os @@ -44,7 +42,7 @@ if not os.path.exists(ssl_cert_dir): sl.syslog(sl.LOG_NOTICE, ssl_cert_dir + " created") sstp_config = ''' -### generated by accel_sstp.py ### +### generated by vpn_sstp.py ### [modules] log_syslog sstp @@ -187,7 +185,7 @@ chap_secrets_conf = ''' ### # depending on hw and threads, daemon needs a little to start # if it takes longer than 100 * 0.5 secs, exception is being raised -# not sure if that's the best way to check it, but it worked so far quite well +# not sure if that's the best way to check it, but it worked so far quite well ### def chk_con(): cnt = 0 @@ -225,16 +223,17 @@ def accel_cmd(cmd=''): #### check ig local-ip is in client pool subnet -### +### # inline helper functions end ### def get_config(): + base_path = ['vpn', 'sstp'] c = Config() - if not c.exists('service sstp-server'): + if not c.exists(base_path): return None - c.set_level('service sstp-server') + c.set_level(base_path) config_data = { 'authentication' : { @@ -332,7 +331,7 @@ def get_config(): } } ) - if c.exists('authentication radius-settings rate-limit enable'): + if c.exists('authentication radius-settings rate-limit enable'): if not c.exists('authentication radius-settings rate-limit attribute'): config_data['authentication']['radiusopt']['shaper'] = { 'attr' : 'Filter-Id' } else: @@ -411,14 +410,14 @@ def verify(c): if c['authentication']['mode'] == 'local': if not c['ip_pool']: - print ("WARNING: service sstp-server network-settings client-ip-settings subnet requires a value") + print ("WARNING: service sstp-server network-settings client-ip-settings subnet requires a value") if not c['gw']: print ("WARNING: service sstp-server network-settings client-ip-settings gateway-address requires a value") - + def generate(c): if c == None: return None - + ### accel-cmd reload doesn't work so any change results in a restart of the daemon try: if os.cpu_count() == 1: diff --git a/src/migration-scripts/sstp/0-to-1 b/src/migration-scripts/sstp/0-to-1 new file mode 100755 index 000000000..0fe1a203f --- /dev/null +++ b/src/migration-scripts/sstp/0-to-1 @@ -0,0 +1,56 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2020 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# - migrate from "service sstp-server" to "vpn sstp" + +import os +import sys + +from vyos.configtree import ConfigTree + +if (len(sys.argv) < 1): + print("Must specify file name!") + sys.exit(1) + +file_name = sys.argv[1] + +with open(file_name, 'r') as f: + config_file = f.read() + +config = ConfigTree(config_file) +old_base = ['service', 'sstp-server'] +if not config.exists(old_base): + # Nothing to do + sys.exit(0) +else: + # ensure new base path exists + if not config.exists(['vpn']): + config.set(['vpn']) + + new_base = ['vpn', 'sstp'] + # copy entire tree + config.copy(old_base, new_base) + config.delete(old_base) + + print(config.to_string()) + sys.exit(1) + + try: + with open(file_name, 'w') as f: + f.write(config.to_string()) + except OSError as e: + print("Failed to save the modified config: {}".format(e)) + sys.exit(1) |