From c3fcb81a4b73b12321703e75dd32e60a327c6b33 Mon Sep 17 00:00:00 2001 From: Nils Schneider Date: Mon, 30 Sep 2013 21:37:40 +0200 Subject: [PATCH] ssh keys --- .../lib/lua/luci/controller/admin/system.lua | 2 +- .../lib/lua/luci/model/cbi/admin/passwd.lua | 86 ++++++++++++++----- 2 files changed, 64 insertions(+), 24 deletions(-) diff --git a/package/gluon-luci-admin/files/usr/lib/lua/luci/controller/admin/system.lua b/package/gluon-luci-admin/files/usr/lib/lua/luci/controller/admin/system.lua index cb0152c2..457f1dde 100644 --- a/package/gluon-luci-admin/files/usr/lib/lua/luci/controller/admin/system.lua +++ b/package/gluon-luci-admin/files/usr/lib/lua/luci/controller/admin/system.lua @@ -16,7 +16,7 @@ $Id$ module("luci.controller.admin.system", package.seeall) function index() - entry({"admin", "passwd"}, form("admin/passwd"), _("Admin Password"), 10) + entry({"admin", "passwd"}, cbi("admin/passwd"), _("Admin Password"), 10) entry({"admin", "backup"}, call("action_backup"), _("Backup / Restore"), 80) entry({"admin", "upgrade"}, call("action_upgrade"), _("Flash Firmware"), 90) entry({"admin", "reboot"}, call("action_reboot"), _("Reboot"), 100) diff --git a/package/gluon-luci-admin/files/usr/lib/lua/luci/model/cbi/admin/passwd.lua b/package/gluon-luci-admin/files/usr/lib/lua/luci/model/cbi/admin/passwd.lua index 5b9efc4d..9f1ba873 100644 --- a/package/gluon-luci-admin/files/usr/lib/lua/luci/model/cbi/admin/passwd.lua +++ b/package/gluon-luci-admin/files/usr/lib/lua/luci/model/cbi/admin/passwd.lua @@ -2,7 +2,8 @@ LuCI - Lua Configuration Interface Copyright 2008 Steven Barth -Copyright 2008 Jo-Philipp Wich +Copyright 2011 Jo-Philipp Wich +Copyright 2013 Nils Schneider Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -12,34 +13,73 @@ You may obtain a copy of the License at $Id$ ]]-- -f = SimpleForm("password", translate("Admin Password"), translate("Change the password of the system administrator (User root)")) -pw1 = f:field(Value, "pw1", translate("Password")) +local fs = require "nixio.fs" + +local m, s, pw1, pw2 + +m = Map("system", "Passwort & SSH Keys") + +s = m:section(TypedSection, translate("Router Password"), + translate("Changes the administrator password for accessing the device")) + +s.addremove = false +s.anonymous = true + +pw1 = s:option(Value, "pw1", translate("Password")) pw1.password = true -pw1.rmempty = false -pw2 = f:field(Value, "pw2", translate("Confirmation")) +pw2 = s:option(Value, "pw2", translate("Confirmation")) pw2.password = true -pw2.rmempty = false -function pw2.validate(self, value, section) - return pw1:formvalue(section) == value and value +function s.cfgsections() + return { "_pass" } end -function f.handle(self, state, data) - if state == FORM_VALID then - local stat = luci.sys.user.setpasswd("root", data.pw1) == 0 - - if stat then - f.message = translate("Password successfully changed") - else - f.errmessage = translate("Unknown Error") - end - - data.pw1 = nil - data.pw2 = nil - end - return true +function m.on_commit(map) + local v1 = pw1:formvalue("_pass") + local v2 = pw2:formvalue("_pass") + + if v1 and v2 and #v1 > 0 and #v2 > 0 then + if v1 == v2 then + if luci.sys.user.setpasswd(luci.dispatcher.context.authuser, v1) == 0 then + m.message = translate("Password successfully changed!") + else + m.message = translate("Unknown Error, password not changed!") + end + else + m.message = translate("Given password confirmation did not match, password not changed!") + end + end end -return f +if fs.access("/etc/config/dropbear") then + s = m:section(TypedSection, "_keys", "SSH Keys", + translate("Here you can paste public SSH-Keys (one per line) for SSH public-key authentication.")) + + s.addremove = false + s.anonymous = true + + function s.cfgsections() + return { "_keys" } + end + + local keys + + keys = s:option(TextValue, "_data", "") + keys.wrap = "off" + keys.rows = 3 + keys.rmempty = false + + function keys.cfgvalue() + return fs.readfile("/etc/dropbear/authorized_keys") or "" + end + + function keys.write(self, section, value) + if value then + fs.writefile("/etc/dropbear/authorized_keys", value:gsub("\r\n", "\n")) + end + end +end + +return m