global-functions: $CertificateAvailable: drop the compatibility workaround...

... and make it depend in RouterOS 7.19 and its builtin certificates.

INITIAL-COMMANDS.md

@@ -4,7 +4,7 @@ Initial commands
 [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers)
 [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network)
 [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers)
-[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/)
+[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.19-yellow?style=flat)](https://mikrotik.com/download/changelogs/)
 [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts)
 [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J)
 
@@ -26,7 +26,7 @@ Run the complete base installation:
       :if (!((($CertSettings->"builtin-trust-anchors") = "trusted" || \
               ($CertSettings->"builtin-trust-store") ~ "fetch" || \
               ($CertSettings->"builtin-trust-store") = "all") && \
-             [[ :parse (":return [ :len [ /certificate/builtin/find where common-name=\"" . $CertCommonName . "\" ] ]") ]] > 0)) do={
+             [ :len [ /certificate/builtin/find where common-name=$CertCommonName ] ] > 0)) do={
         :put "Importing certificate...";
         /tool/fetch ($BaseUrl . "certs/" . $CertFileName) dst-path=$CertFileName as-value;
         :delay 1s;
@@ -41,7 +41,7 @@ Run the complete base installation:
       :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={
         :put "Installing $Script...";
         /system/script/remove [ find where name=$Script ];
-        /system/script/add name=$Script owner=$Script source=([ /tool/fetch check-certificate=yes-without-crl ($BaseUrl . $Script . ".rsc") output=user as-value]->"data");
+        /system/script/add name=$Script owner=$Script source=([ /tool/fetch check-certificate=yes-without-crl ($BaseUrl . $Script . ".rsc") output=user as-value ]->"data");
       };
       :put "Loading configuration and functions...";
       /system/script { run global-config; run global-functions; };

README.md

@@ -4,7 +4,7 @@ RouterOS Scripts
 [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers)
 [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network)
 [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers)
-[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/)
+[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.19-yellow?style=flat)](https://mikrotik.com/download/changelogs/)
 [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts)
 [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J)
 
@@ -128,7 +128,7 @@ date and time is set correctly!
 
 Now let's download the main scripts and add them in configuration on the fly.
 
-    :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ /system/script/add name=$Script owner=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://rsc.eworm.de/main/" . $Script . ".rsc") output=user as-value]->"data"); };
+    :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ /system/script/add name=$Script owner=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://rsc.eworm.de/main/" . $Script . ".rsc") output=user as-value ]->"data"); };
 
 ![screenshot: import scripts](README.d/04-import-scripts.avif)
 

check-perpetual-license.rsc

@@ -42,7 +42,7 @@
     $LogPrint warning $ScriptName ("Your license expired on " . ($License->"deadline-at") . "!");
     :if ($SentCertificateNotification != "expired") do={
       $SendNotification2 ({ origin=$ScriptName; \
-        subject=([ $SymbolForNotification "warning-sign" ] . "License expired!"); \
+        subject=([ $SymbolForNotification "scroll,cross-mark" ] . "License expired!"); \
         message=("Your license expired on " . ($License->"deadline-at") . \
           ", can no longer update RouterOS on " . $Identity . "...") });
       :set SentCertificateNotification "expired";
@@ -55,7 +55,7 @@
     $LogPrint warning $ScriptName ("Your license will expire on " . ($License->"deadline-at") . "!");
     :if ($SentCertificateNotification != "warning") do={
       $SendNotification2 ({ origin=$ScriptName; \
-        subject=([ $SymbolForNotification "warning-sign" ] . "License about to expire!"); \
+        subject=([ $SymbolForNotification "scroll,warning-sign" ] . "License about to expire!"); \
         message=("Your license failed to renew and is about to expire on " . \
           ($License->"deadline-at") . " on " . $Identity . "...") });
       :set SentCertificateNotification "warning";
@@ -68,7 +68,7 @@
        [ :totime ($License->"deadline-at") ] - 4w > [ :timestamp ]) do={
     $LogPrint info $ScriptName ("Your license was successfully renewed.");
     $SendNotification2 ({ origin=$ScriptName; \
-      subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "License renewed"); \
+      subject=([ $SymbolForNotification "scroll,white-heavy-check-mark" ] . "License renewed"); \
       message=("Your license was successfully renewed on " . $Identity . \
         ". It is now valid until " . ($License->"deadline-at") . ".") });
     :set SentCertificateNotification;

check-routeros-update.rsc

@@ -39,14 +39,11 @@
   :local DoUpdate do={
     :local ScriptName [ :tostr $1 ];
 
-    :global LogPrint;
-
     :if ([ :len [ /system/script/find where name="packages-update" ] ] > 0) do={
       /system/script/run packages-update;
     } else={
       /system/package/update/install without-paging;
     }
-    $LogPrint info $ScriptName ("Waiting for system to reboot.");
   }
 
   :if ([ $ScriptLock $ScriptName ] = false) do={

doc/mod/ssh-keys-import.md

@@ -38,7 +38,7 @@ import that key:
     $SSHKeysImport "ssh-rsa AAAAB3Nza...QYZk8= user" admin;
 
 The third part of the key (`user` in this example) is inherited as
-`key-owner` in RouterOS (or `info` starting with RouterOS 7.21beta2). Also
+`info` in RouterOS (or `key-owner` with RouterOS 7.20.x and before). Also
 the `MD5` fingerprint is recorded, this helps to audit and verify the
 available keys.
 

global-functions.rsc

@@ -4,7 +4,7 @@
 #                         Michael Gisbers <michael@gisbers.de>
 # https://rsc.eworm.de/COPYING.md
 #
-# requires RouterOS, version=7.15
+# requires RouterOS, version=7.19
 # requires device-mode, fetch, scheduler
 #
 # global functions
@@ -131,7 +131,7 @@
   :if ((($CertSettings->"builtin-trust-anchors") = "trusted" || \
         ($CertSettings->"builtin-trust-store") ~ $UseFor || \
         ($CertSettings->"builtin-trust-store") = "all") && \
-       [[ :parse (":return [ :len [ /certificate/builtin/find where common-name=\"" . $CommonName . "\" ] ]") ]] > 0) do={
+       [ :len [ /certificate/builtin/find where common-name=$CommonName ] ] > 0) do={
     :return true;
   }
 
@@ -1672,6 +1672,7 @@
 :set SymbolByUnicodeName do={
   :local Name [ :tostr $1 ];
 
+  :global EitherOr;
   :global LogPrintOnce;
 
   :global SymbolsExtra;
@@ -1703,6 +1704,7 @@
     "mobile-phone"="\F0\9F\93\B1";
     "pushpin"="\F0\9F\93\8C";
     "scissors"="\E2\9C\82";
+    "scroll"="\F0\9F\93\9C";
     "smiley-partying-face"="\F0\9F\A5\B3";
     "smiley-smiling-face"="\E2\98\BA";
     "smiley-winking-face-with-tongue"="\F0\9F\98\9C";
@@ -1713,12 +1715,19 @@
     "white-heavy-check-mark"="\E2\9C\85"
   }, $SymbolsExtra);
 
+  :local Magic [ :pick [ /system/clock/get date ] 4 10 ];
+  :local Special {
+    "information-04-01"="\F0\9F\9A\BB";
+    "large-orange-circle-04-01"="\F0\9F\8D\8A";
+    "large-orange-circle-10-31"="\F0\9F\8E\83";
+    "large-red-circle-04-01"="\F0\9F\8D\92" };
+
   :if ([ :len ($Symbols->$Name) ] = 0) do={
     $LogPrintOnce warning $0 ("No symbol available for name '" . $Name . "'!");
     :return "";
   }
 
-  :return (($Symbols->$Name) . "\EF\B8\8F");
+  :return ([ $EitherOr ($Special->($Name . $Magic)) ($Symbols->$Name) ] . "\EF\B8\8F");
 }
 
 # return symbol for notification

netwatch-dns.rsc

@@ -73,13 +73,6 @@
 
   :local DohCurrent [ /ip/dns/get use-doh-server ];
   :local DohServers ({});
-
-  :if ([ :len $DohCurrent ] > 0 && [ $IsDNSResolving ] = false && [ $IsTimeSync ] = false) do={
-    $LogPrint info $ScriptName ("Time is not sync, disabling DoH: " . $DohCurrent);
-    /ip/dns/set use-doh-server="";
-    :set DohCurrent "";
-  }
-
   :foreach Host in=[ /tool/netwatch/find where comment~"\\bdoh\\b" status="up" ] do={
     :local HostVal [ /tool/netwatch/get $Host ];
     :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ];
@@ -94,8 +87,8 @@
         :set ($HostInfo->"doh-url") ("https://" . [ $EitherOr $HostName ($HostVal->"host") ] . "/dns-query");
       }
 
-      :if ($DohCurrent = $HostInfo->"doh-url") do={
-        $LogPrint debug $ScriptName ("Current DoH server is still up: " . $DohCurrent);
+      :if ($DohCurrent = $HostInfo->"doh-url" && [ $IsDNSResolving ] = true) do={
+        $LogPrint debug $ScriptName ("Current DoH server is still up and resolving: " . $DohCurrent);
         :set ExitOK true;
         :error true;
       }
@@ -105,7 +98,7 @@
   }
 
   :if ([ :len $DohCurrent ] > 0) do={
-    $LogPrint info $ScriptName ("Current DoH server is down, disabling: " . $DohCurrent);
+    $LogPrint info $ScriptName ("Current DoH server is down or not resolving, disabling: " . $DohCurrent);
     /ip/dns/set use-doh-server="";
     /ip/dns/cache/flush;
   }