From 1aeaedb06928ce72c9439802055770826b32b454 Mon Sep 17 00:00:00 2001 From: goodNETnick Date: Thu, 26 May 2022 02:10:26 -0400 Subject: sstp: T4444. Port number changing support --- data/templates/accel-ppp/sstp.config.j2 | 1 + interface-definitions/vpn_sstp.xml.in | 14 ++++++++++++++ src/conf_mode/vpn_sstp.py | 10 ++++++++-- 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/data/templates/accel-ppp/sstp.config.j2 b/data/templates/accel-ppp/sstp.config.j2 index 5c6f19306..7ee28dd21 100644 --- a/data/templates/accel-ppp/sstp.config.j2 +++ b/data/templates/accel-ppp/sstp.config.j2 @@ -28,6 +28,7 @@ disable [sstp] verbose=1 ifname=sstp%d +port={{ port }} accept=ssl ssl-ca-file=/run/accel-pppd/sstp-ca.pem ssl-pemfile=/run/accel-pppd/sstp-cert.pem diff --git a/interface-definitions/vpn_sstp.xml.in b/interface-definitions/vpn_sstp.xml.in index fe2fea9f8..c85cab7dc 100644 --- a/interface-definitions/vpn_sstp.xml.in +++ b/interface-definitions/vpn_sstp.xml.in @@ -37,6 +37,20 @@ #include + + + SSTP server listening port + + u32:1-65535 + SSTP server listening port + + + + + SSTP server listening port must be between 1 and 65535 + + 443 + PPP (Point-to-Point Protocol) settings diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py index db53463cf..c2dc97caf 100755 --- a/src/conf_mode/vpn_sstp.py +++ b/src/conf_mode/vpn_sstp.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018-2020 VyOS maintainers and contributors +# Copyright (C) 2018-2022 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -20,6 +20,7 @@ from sys import exit from vyos.config import Config from vyos.configdict import get_accel_dict +from vyos.configdict import dict_merge from vyos.configverify import verify_accel_ppp_base_service from vyos.pki import wrap_certificate from vyos.pki import wrap_private_key 
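Review bot: `port={{ port }}` in the `[sstp]` section is emitted with no fallback, so the rendered file is only valid when get_config has merged the XML default into the dict. If `port` were ever missing, the line would presumably render as an empty `port=`, depending on how the render helper treats undefined names. A template-side default such as `port={{ port | default(443) }}`, or an explicit check in verify(), would stop an incomplete dict from reaching the accel-pppd configuration.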
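Review bot: The new port leaf only validates that the value lies in 1-65535; nothing in the visible hunks checks whether the chosen port is already bound by another local service. verify() in src/conf_mode/vpn_sstp.py is not touched by any hunk shown here, so a colliding port would apparently be accepted at commit time and only fail when accel-pppd tries to listen. Consider a verify() check that raises `ConfigError` when the configured port is already in use by something other than the running SSTP server. The description and the value help also carry the same sentence; the value help could instead read `Numeric IP port`.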
@@ -27,6 +28,7 @@ from vyos.template import render from vyos.util import call from vyos.util import dict_search from vyos.util import write_file +from vyos.xml import defaults from vyos import ConfigError from vyos import airbag airbag.enable() @@ -51,6 +53,11 @@ def get_config(config=None): # retrieve common dictionary keys sstp = get_accel_dict(conf, base, sstp_chap_secrets) + default_values = defaults(base) + sstp = dict_merge(default_values, sstp) + # workaround a "know limitation" - https://phabricator.vyos.net/T2665 + del sstp['authentication']['local_users']['username']['static_ip'] + if sstp: sstp['pki'] = conf.get_config_dict(['pki'], key_mangling=('-', '_'), get_first_key=True, no_tag_node_value_mangle=True) @@ -121,7 +128,6 @@ def generate(sstp): ca_cert_name = sstp['ssl']['ca_certificate'] pki_ca = sstp['pki']['ca'][ca_cert_name] - write_file(cert_file_path, wrap_certificate(pki_cert['certificate'])) write_file(cert_key_path, wrap_private_key(pki_cert['private']['key'])) write_file(ca_cert_file_path, wrap_certificate(pki_ca['certificate'])) -- cgit v1.2.3
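Review bot: In get_config the defaults are merged into `sstp` before the `if sstp:` guard, so the guard can no longer be false: this commit gives `port` a default of 443, which makes the merged dict non-empty even when no SSTP service is configured. If later stages rely on an empty dict to detect a removed service (they are outside this hunk), they would now see defaults instead; moving the `defaults(base)` / `dict_merge` lines inside the guard keeps that signal. The unconditional `del sstp['authentication']['local_users']['username']['static_ip']` also raises KeyError whenever any key on that path is absent, which would abort the commit; `sstp.get('authentication', {}).get('local_users', {}).get('username', {}).pop('static_ip', None)` removes the entry without that risk. The comment should read "known limitation" and state why the tag-node default has to be dropped. get_config's body continues outside the hunk.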