doc/mod/ssh-keys-import: reverse old and new

... and make it depend in RouterOS 7.19 and its builtin certificates.

INITIAL-COMMANDS.md

@@ -4,7 +4,7 @@ Initial commands
 [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers)
 [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network)
 [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers)
-[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/)
+[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.19-yellow?style=flat)](https://mikrotik.com/download/changelogs/)
 [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts)
 [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J)
 
@@ -22,8 +22,8 @@ Run the complete base installation:
       :local CertFileName "ISRG-Root-X2.pem";
       :local CertFingerprint "69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470";
 
-      :if (!(([ /certificate/settings/get ]->"builtin-trust-anchors") = "trusted" && \
-           [[ :parse (":return [ :len [ /certificate/builtin/find where common-name=\"" . $CertCommonName . "\" ] ]") ]] > 0)) do={
+      :if (!([ /certificate/settings/get builtin-trust-anchors ] = "trusted" && \
+             [ :len [ /certificate/builtin/find where common-name=$CertCommonName ] ] > 0)) do={
         :put "Importing certificate...";
         /tool/fetch ($BaseUrl . "certs/" . $CertFileName) dst-path=$CertFileName as-value;
         :delay 1s;

README.md

@@ -4,7 +4,7 @@ RouterOS Scripts
 [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers)
 [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network)
 [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers)
-[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/)
+[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.19-yellow?style=flat)](https://mikrotik.com/download/changelogs/)
 [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts)
 [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J)
 

doc/mod/ssh-keys-import.md

@@ -38,8 +38,9 @@ import that key:
     $SSHKeysImport "ssh-rsa AAAAB3Nza...QYZk8= user" admin;
 
 The third part of the key (`user` in this example) is inherited as
-`key-owner` in RouterOS. Also the `MD5` fingerprint is recorded, this helps
-to audit and verify the available keys.
+`info` in RouterOS (or `key-owner` with RouterOS 7.19.x and before). Also
+the `MD5` fingerprint is recorded, this helps to audit and verify the
+available keys.
 
 > ℹ️️ **Info**: Use `ssh-keygen` to show a fingerprint of an existing public
 > key file: `ssh-keygen -l -E md5 -f ~/.ssh/id_ed25519.pub`

fw-addr-lists.rsc

@@ -25,6 +25,7 @@
   :global LogPrint;
   :global LogPrintOnce;
   :global LogPrintVerbose;
+  :global MIN;
   :global ScriptLock;
   :global WaitFullyConnected;
 
@@ -111,22 +112,30 @@
           :set Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr"));
         }
         :do {
-          :local Branch [ $GetBranch $Address ];
+          :local Branch;
           :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$") do={
             :if ($Address ~ "/32\$") do={
               :set Address [ :pick $Address 0 ([ :len $Address ] - 3) ];
             }
+            :set Branch [ $GetBranch $Address ];
             :set ($IPv4Addresses->$Branch->$Address) $TimeOut;
             :error true;
           }
           :if ($Address ~ "^[0-9a-zA-Z]*:[0-9a-zA-Z:\\.]+(/[0-9]{1,3})?\$") do={
-            :if ([ :typeof [ :find $Address "/" ] ] = "nil") do={
-              :set Address ($Address . "/128");
+            :local Net $Address;
+            :local Cidr 64;
+            :local Slash [ :find $Address "/" ];
+            :if ([ :typeof $Slash ] = "num") do={
+              :set Net [ :toip6 [ :pick $Address 0 $Slash ] ]
+              :set Cidr [ $MIN [ :pick $Address ($Slash + 1) [ :len $Address ] ] 64 ];
             }
+            :set Address (([ :toip6 $Net ] & ffff:ffff:ffff:ffff::) . "/" . $Cidr);
+            :set Branch [ $GetBranch $Address ];
             :set ($IPv6Addresses->$Branch->$Address) $TimeOut;
             :error true;
           }
           :if ($Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={
+            :set Branch [ $GetBranch $Address ];
             :set ($IPv4Addresses->$Branch->$Address) $TimeOut;
             :set ($IPv6Addresses->$Branch->$Address) $TimeOut;
             :error true;

global-functions.rsc

@@ -4,7 +4,7 @@
 #                         Michael Gisbers <michael@gisbers.de>
 # https://rsc.eworm.de/COPYING.md
 #
-# requires RouterOS, version=7.15
+# requires RouterOS, version=7.19
 # requires device-mode, fetch, scheduler
 #
 # global functions
@@ -121,8 +121,8 @@
     :return false;
   }
 
-  :if (([ /certificate/settings/get ]->"builtin-trust-anchors") = "trusted" && \
-       [[ :parse (":return [ :len [ /certificate/builtin/find where common-name=\"" . $CommonName . "\" ] ]") ]] > 0) do={
+  :if ([ /certificate/settings/get builtin-trust-anchors ] = "trusted" && \
+       [ :len [ /certificate/builtin/find where common-name=$CommonName ] ] > 0) do={
     :return true;
   }
 

log-forward.rsc

@@ -95,7 +95,7 @@
     :set LogForwardRateLimit ($LogForwardRateLimit + 10);
 
     $SendNotification2 ({ origin=$ScriptName; \
-      subject=([ $SymbolForNotification [ $IfThenElse ($Warning = true) "warning-sign" "memo" ] ] . \
+      subject=([ $SymbolForNotification ("memo" . [ $IfThenElse ($Warning = true) ",warning-sign" ]) ] . \
         "Log Forwarding"); \
       message=("The log on " . $Identity . " contains " . [ $IfThenElse ($Count = 1) "this message" \
         ("these " . $Count . " messages") ] . " after " . [ /system/resource/get uptime ] . " uptime." . \

mod/ssh-keys-import.rsc

@@ -40,7 +40,9 @@
 
   :local FingerPrintMD5 [ :convert from=base64 transform=md5 to=hex ($KeyVal->1) ];
 
-  :if ([ :len [ /user/ssh-keys/find where user=$User key-owner~("\\bmd5=" . $FingerPrintMD5 . "\\b") ] ] > 0) do={
+  :local RegEx ("\\bmd5=" . $FingerPrintMD5 . "\\b");
+  :if ([ :len [ /user/ssh-keys/find where user=$User \
+       (key-owner~$RegEx or info~$RegEx) ] ] > 0) do={
     $LogPrint warning $0 ("The ssh public key (MD5:" . $FingerPrintMD5 . \
       ") is already available for user '" . $User . "'.");
     :return false;