diff --git a/contrib/telegram.md b/contrib/telegram.md index 192fd6cb..f84d6dc3 100644 --- a/contrib/telegram.md +++ b/contrib/telegram.md @@ -95,10 +95,6 @@ Notes /save dhcpv4-server-lease Run other scripts on IPv4 DHCP server lease with [dhcpv4-server-lease](https://rsc.eworm.de/doc/dhcpv4-server-lease.md). -#### dhcpv6-client-lease - - /save dhcpv6-client-lease Run other scripts on IPv6 DHCP client lease with [dhcpv6-client-lease](https://rsc.eworm.de/doc/dhcpv6-client-lease.md). - #### firmware-upgrade-reboot /save firmware-upgrade-reboot Automatically upgrade firmware and reboot with [firmware-upgrade-reboot](https://rsc.eworm.de/doc/firmware-upgrade-reboot.md). diff --git a/doc/mod/notification-email.md b/doc/mod/notification-email.md index cae7c94b..c45e917c 100644 --- a/doc/mod/notification-email.md +++ b/doc/mod/notification-email.md @@ -37,9 +37,7 @@ Also make sure the device has correct time configured, best is to set up the ntp client. Then edit `global-config-overlay`, add `EmailGeneralTo` with a valid -recipient address. Optionally add `EmailServerCertificate` and add the CA -certificate name if you have certificate verification enabled. Finally -reload the configuration. +recipient address. Finally reload the configuration. > ℹ️ **Info**: Copy relevant configuration from > [`global-config`](../../global-config.rsc) (the one without `-overlay`) to diff --git a/global-config.rsc b/global-config.rsc index 12c85916..1425764c 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -31,8 +31,6 @@ :global EmailGeneralCc ""; #:global EmailGeneralTo "mail@example.com"; #:global EmailGeneralCc "another@example.com,third@example.com"; -# Add the CA certificate name here for verification. -:global EmailServerCertificate ""; # You can send Telegram notifications. Register a bot # and add the token and chat ids here, then install the module: diff --git a/global-functions.rsc b/global-functions.rsc index 413517f3..dab203d0 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -15,7 +15,7 @@ # Git commit id & info, expected configuration version :global CommitId "unknown"; :global CommitInfo "unknown"; -:global ExpectedConfigVersion 142; +:global ExpectedConfigVersion 141; # global variables not to be changed by user :global GlobalFunctionsReady false; @@ -111,13 +111,11 @@ :local UseFor [ :tostr $2 ]; :global CertificateDownload; + :global EitherOr; :global LogPrint; :global ParseKeyValueStore; - :if ([ :len $UseFor ] = 0) do={ - $LogPrint warning $0 ("The intended use is undefined!"); - :set UseFor "undefined"; - } + :set UseFor [ $EitherOr $UseFor "undefined" ]; :if ([ /system/resource/get free-hdd-space ] < 8388608 && \ [ /certificate/settings/get crl-download ] = true && \ @@ -191,12 +189,7 @@ $LogPrint warning $0 ("Failed downloading certificate with CommonName '" . $CommonName . \ "' from repository! Trying fallback to mkcert.org..."); :do { - :local CertSettings [ /certificate/settings/get ]; - :if ([ :len [ /certificate/find where common-name="ISRG Root X1" ] ] = 0 && \ - !((($CertSettings->"builtin-trust-anchors") = "trusted" || \ - ($CertSettings->"builtin-trust-store") ~ "fetch" || \ - ($CertSettings->"builtin-trust-store") = "all") && \ - [ :len [ /certificate/builtin/find where common-name="ISRG Root X1" ] ] > 0)) do={ + :if ([ :len [ /certificate/find where common-name="ISRG Root X1" ] ] = 0) do={ $LogPrint error $0 ("Required certificate is not available."); :return false; } diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index b6288821..b0ac77ac 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -37,9 +37,7 @@ # flush e-mail queue :set FlushEmailQueue do={ :onerror Err { :global EmailQueue; - :global EmailServerCertificate; - :global CertificateAvailable; :global EitherOr; :global EMailGenerateFrom; :global FileExists; @@ -92,14 +90,6 @@ :return false; } - :if (([ /tool/e-mail/get ]->"certificate-verification") ~ "^yes" && \ - [ :len $EmailServerCertificate ] > 0) do={ - :if ([ $CertificateAvailable $EmailServerCertificate "email" ] = false) do={ - $LogPrint warning $0 ("Downloading required certificate failed."); - :return false; - } - } - /system/scheduler/set interval=($QueueLen . "m") comment="Sending..." \ [ find where name="_FlushEmailQueue" ]; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 2c1a0272..109244ea 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -66,7 +66,6 @@ 139="Certificate Authorities will reduce the leaf certificate validity times soon. Thus the defaults for renewal and warning in 'check-certificates' were decreased."; 140="The scripts 'lease-script' was renamed to 'dhcpv4-server-lease', configuration was updated automatically."; 141="Introduced script 'dhcpv6-client-lease' to run several scripts on IPv6 DHCP client lease."; - 142="Added a setting for 'mod/notification-email' to check availability of certificate chain."; }; # Migration steps to be applied on script updates