Age | Commit message (Expand) | Author | Files | Lines |
2024-10-30 | global-functions: $CertificateAvailable: fail without CommonName | Christian Hesse | 1 | -0/+5 |
2024-09-26 | global-functions: $CertificateDownload: add another check...•••... that the certificate is really available.
Turns out that mkcert.org ships certificates where OU or whatever
matches - that's not what we want.
| Christian Hesse | 1 | -0/+6 |
2024-09-13 | global-functions: $VersionToNum: support "zero"...•••... to have a clean way to generate bitmasks.
[admin@mikrotik] > :put [ $VersionToNum 0.255zero0 ]
16711680
[admin@mikrotik] > :put 0x00ff0000
16711680
Once implemented everywhere the internal calculation could be
changed easily.
| Christian Hesse | 1 | -1/+2 |
2024-07-22 | global-functions: $EitherOr: revert...•••... but leave a comment.
| Christian Hesse | 1 | -3/+1 |
2024-07-22 | global-functions: $EitherOr: pass boolean value•••Note that literal "true" or "false" (even without quotes) is converted
to string. So you may have to enclose it in parentheses for a boolean
value:
> :put [ :typeof [ $EitherOr true false ] ];
str
> :put [ :typeof [ $EitherOr (true) (false) ] ];
bool
| Christian Hesse | 1 | -0/+3 |
2024-07-16 | global-functions: $Unix2Dos: use :tocrlf | Christian Hesse | 1 | -6/+1 |
2024-07-16 | global-functions: $PrettyPrint: use :tocrlf | Christian Hesse | 1 | -5/+1 |
2024-07-16 | global-functions: $Dos2Unix: use :tolf | Christian Hesse | 1 | -5/+1 |
2024-07-16 | global-functions: $ScriptInstallUpdate: support storing with CRLF•••Adding this in `global-config-overlay` make the scripts being stored
with CRLF line breaks:
:global ScriptUpdatesCRLF true;
Handle with care, I do not recommend it. Thus it's just a hidden
setting.
| Christian Hesse | 1 | -1/+3 |
2024-07-16 | global-functions: $ScriptInstallUpdate: allow CRLF on device | Christian Hesse | 1 | -1/+2 |
2024-07-16 | global-functions: $ScriptInstallUpdate: forcibly convert to LF...•••... to make sure we do not have unintended CRLF line breaks.
| Christian Hesse | 1 | -2/+2 |
2024-07-04 | global-functions: $MkDir: enable tmpfs if disabled | Christian Hesse | 1 | -1/+6 |
2024-07-02 | global-functions: $GetMacVendor: cert 'GTS Root R4' | Christian Hesse | 1 | -1/+1 |
2024-06-21 | global-functions: $CertificateDownload: try fallback to mkcert.org•••There's a nice API that allows to download certificate by exact common
name. Let's use that, as a fallback at least.
https://mkcert.org/
change-131 | Christian Hesse | 1 | -11/+30 |
2024-06-21 | notify on changes regarding certificateschange-130 | Christian Hesse | 1 | -1/+1 |
2024-06-21 | certs: GTS CA 1C3 / GTS CA 1P5 -> GTS Root R1 | Christian Hesse | 1 | -1/+1 |
2024-06-21 | certs: R3 / R10 -> ISRG Root X1 | Christian Hesse | 1 | -1/+1 |
2024-06-21 | certs: E1 / E5 -> ISRG Root X2•••In the beginning of Let's Encrypt their root certificate ISRG Root X1
was not widely trusted, at least some older and/or mobile platforms were
missing that certificate in their root certificate store.
At that time Let's Encrypt was using an alternative chain of trust,
where a certificate was cross-signed with DST Root CA X3.
To make sure a valid chain of trust is available under all circumstances
a set of all certificates had to be supplied: both root vertificates
ISRG Root X1 & DST Root CA X3, and an intermediate certificate.
This was still true after DST Root CA X3 expired, as it could still be
used as a root anchor and was shipped by Let's Encrypt when requested. 🤪
This time is finally over, and we have a clean chain for trust ending in
ISRG Root X1 (or ISRG Root X2).
Well, actually it is the other way round... Let's Encrypt signs with
different tantamount intermediate certificates. There is not only E5, but
also E6 - and we can not know beforehand which one is used on renew.
So let's jetzt drop the intermediate certificates now, and rely on root
certificates only. We are perfectly fine with this these days.
Follow-up commits will do the same for *all* certificates.
The certificate is downloaded with:
curl -d '["ISRG Root X2"]' https://mkcert.org/generate/ | grep -v '^$' > certs/ISRG-Root-X2.pem
| Christian Hesse | 1 | -1/+1 |
2024-06-19 | Let's Encrypt changed their intermediate certificates•••https://letsencrypt.org/2024/03/19/new-intermediate-certificates
https://letsencrypt.org/certificates/
But let's keep the old ones around for now, as some sites are still
using the old intermediate.
| Christian Hesse | 1 | -1/+1 |
2024-06-01 | global-functions: $CleanName: no exception for dash...•••... as we still want to deduplicate it when it is inside the input
string. This also unbreak certificate import for "Go Daddy Secure
Certificate Authority - G2" (and more)...
| Christian Hesse | 1 | -1/+1 |
2024-05-23 | backup-partition: news on support for copy-overchange-129 | Christian Hesse | 1 | -1/+1 |
2024-05-15 | global-functions: $IsTimeSync: initialize with uptime...•••... to make sure the warning is not issued too early.
| Christian Hesse | 1 | -2/+2 |
2024-05-14 | fw-addr-lists: add 'strongips' list from blocklist.dechange-128 | Christian Hesse | 1 | -1/+1 |
2024-05-08 | global-functions: $IsTimeSync: add (one time) warning on failed ntp sync | Christian Hesse | 1 | -0/+1 |
2024-05-08 | global-functions: $IsTimeSync: log just once | Christian Hesse | 1 | -3/+3 |
2024-04-29 | global-functions: $WaitForFile: drop extra conversion | Christian Hesse | 1 | -1/+1 |
2024-04-29 | global-functions: $WaitForFile: respect minimum delay | Christian Hesse | 1 | -1/+2 |
2024-04-29 | global-functions: $WaitForFile: use fewer steps | Christian Hesse | 1 | -2/+2 |
2024-04-29 | global-functions: $CleanName: do not start with a dash | Christian Hesse | 1 | -4/+12 |
2024-04-29 | global-functions: $FetchHuge: remove temporary directory | Christian Hesse | 1 | -4/+5 |
2024-04-19 | global-functions: $CertificateDownload: remove with find...•••... to make sure this does not break when the file does no longer
exist. Starting with RouterOS 7.15rc1 the file is automatically
removed on import.
routeros-7.15rc1-1 | Christian Hesse | 1 | -1/+1 |
2024-04-19 | global-functions: introduce $ProtocolStrip | Christian Hesse | 1 | -0/+12 |
2024-04-15 | global-functions: $CertificateDownload: use single quotes | Christian Hesse | 1 | -2/+2 |
2024-04-15 | global-functions: $CertificateAvailable: use single quotes | Christian Hesse | 1 | -3/+3 |
2024-04-15 | mod/notification-ntfy: support basic auth•••Closes #59
change-127 | Christian Hesse | 1 | -1/+1 |
2024-04-11 | global-functions: $ScriptFromTerminal: check multiple invocations...•••... and return false.
We can not tell which job is us... So better safe than sorry.
| Christian Hesse | 1 | -1/+6 |
2024-04-11 | global-functions: $ScriptLock: break long lines | Christian Hesse | 1 | -2/+5 |
2024-04-11 | global-functions: $ScriptLock: degrade message to debug | Christian Hesse | 1 | -2/+2 |
2024-04-10 | global-functions: $SendNotification: set origin | Christian Hesse | 1 | -1/+1 |
2024-04-07 | global-functions: $HumanReadableNum: indicate binary base...•••... and update scripts to match the change.
| Christian Hesse | 1 | -2/+6 |
2024-04-07 | global-functions: drop $LogPrintExit2 | Christian Hesse | 1 | -22/+0 |
2024-04-06 | global-functions: $FetchHuge: remove file on failed download | Christian Hesse | 1 | -0/+3 |
2024-04-06 | global-functions: $FetchHuge: make sure to work with clean file names | Christian Hesse | 1 | -3/+4 |
2024-04-06 | global-functions: $FetchHuge: control check-certificate with parameter | Christian Hesse | 1 | -3/+7 |
2024-04-06 | global-functions: $FetchHuge: use custom user agent string | Christian Hesse | 1 | -1/+3 |
2024-04-06 | global-functions: introduce $FetchHugerouteros-7.13-4 | Christian Hesse | 1 | -1/+38 |
2024-04-02 | global-functions: drop $ParseJson | Christian Hesse | 1 | -61/+0 |
2024-04-01 | telegram-chat: read file content...•••... instead of getting it. This lifts the size limit, though we are
still limited by Telegram message size.
This requires RouterOS 7.13.
routeros-7.13-2change-126 | Christian Hesse | 1 | -1/+1 |
2024-03-31 | news on charge and fees | Christian Hesse | 1 | -1/+1 |
2024-03-29 | global-functions: rename $FetchUserAgent -> $FetchUserAgentStr•••... to make sure the function does not clash with the variable we had before,
as this causes issue with news and changes notification.
| Christian Hesse | 1 | -7/+7 |
2024-03-27 | global-functions: $HumanReadableNum: set declared function only | Christian Hesse | 1 | -1/+1 |
2024-03-27 | global-functions: $AlignRight: set declared function only | Christian Hesse | 1 | -1/+1 |
2024-03-27 | global-functions: $FetchUserAgent: set declared function only | Christian Hesse | 1 | -1/+1 |
2024-03-27 | global-functions: $LogPrintOnce: detect and warn on possible crash | Christian Hesse | 1 | -0/+5 |
2024-03-26 | global-functions: $LogPrintOnce: indicate action via return | Christian Hesse | 1 | -1/+2 |
2024-03-21 | telegram-chat: improve readability with symbols | Christian Hesse | 1 | -0/+1 |
2024-03-16 | global-functions: $CertificateDownload: download via clean name...•••... and rename certificates in repository.
| Christian Hesse | 1 | -9/+8 |
2024-03-16 | global-functions: generate user agent string in function...•••... and add the caller and my shortened url.
| Christian Hesse | 1 | -11/+16 |
2024-03-15 | global-functions: $LogPrintExit2: add deprecation warning | Christian Hesse | 1 | -0/+4 |
2024-03-15 | global-functions: $ScriptInstallUpdate: use shorter url | Christian Hesse | 1 | -1/+1 |
2024-03-14 | global-functions: $SymbolByUnicodeName: add these for later use | Christian Hesse | 1 | -0/+3 |
2024-03-13 | netwatch-notify: pass link to notification•••This is pass verbatim below the notification text.
change-124 | Christian Hesse | 1 | -1/+1 |
2024-03-12 | global-functions: switch to $LogPrint | Christian Hesse | 1 | -80/+82 |
2024-03-12 | global-functions: introduce $LogPrint, deprecate $LogPrintExit2change-123 | Christian Hesse | 1 | -4/+17 |
2024-03-12 | global-functions: $LogPrintOnce: drop support for exit•••This is not widely adopted or used, so let's just drop it - no
compatibility.
| Christian Hesse | 1 | -5/+4 |
2024-03-12 | global-functions: add architecture in user-agent string | Christian Hesse | 1 | -1/+6 |
2024-03-12 | global-config: support loading snippets•••This adds support for loading snippets, which need a name starting with
"global-config-overlay.d/". This allows to split off configuration if
desired.
change-122 | Christian Hesse | 1 | -1/+1 |
2024-03-12 | news on wifiwave2 EOLchange-121 | Christian Hesse | 1 | -1/+1 |
2024-03-12 | backup-cloud: catch error with :execute workaround•••Catching a runtime error here fails... So let's try a workaround
with :execute...
change-120 | Christian Hesse | 1 | -1/+1 |
2024-03-12 | global-functions: $ScriptLock: fix wording...•••... as this does (no longer) abort.
| Christian Hesse | 1 | -1/+1 |
2024-03-12 | global-functions: $ScriptLock: do not exit from global function | Christian Hesse | 1 | -5/+4 |
2024-03-12 | global-functions: $DownloadPackage: do not exit from global function | Christian Hesse | 1 | -1/+2 |
2024-03-12 | global-functions: use variable name $ScriptName | Christian Hesse | 1 | -2/+2 |
2024-02-29 | fw-addr-lists: add support for IPv6change-119 | Christian Hesse | 1 | -1/+1 |
2024-01-31 | global-functions: $CertificateNameByCN: use $CleanName | Christian Hesse | 1 | -3/+2 |
2024-01-31 | global-functions: introduce $CleanName | Christian Hesse | 1 | -0/+19 |
2024-01-31 | global-functions: $MkDir: drop declaration of unused functions | Christian Hesse | 1 | -2/+0 |
2024-01-31 | global-functions: $IsDNSResolving: drop declaration of unused function | Christian Hesse | 1 | -2/+0 |
2024-01-30 | global-functions: $ScriptInstallUpdate: warn just once...•••... for every script on required RouterOS version.
| Christian Hesse | 1 | -1/+2 |
2024-01-30 | global-functions: use :jobname to get script name | Christian Hesse | 1 | -1/+1 |
2024-01-30 | send a warning on storage sizechange-118 | Christian Hesse | 1 | -1/+1 |
2024-01-30 | packages-update: support deferred reboot on auto-update•••Closes #56
change-117 | Christian Hesse | 1 | -1/+1 |
2024-01-30 | global-functions: $RandomDelay: always scale to ms...•••... to randomize in friction of unit.
This requires :tonsec from RouterOS 7.12.
routeros-7.12-1 | Christian Hesse | 1 | -2/+3 |
2024-01-29 | global-functions: $RandomDelay: allow zero time, return immediately | Christian Hesse | 1 | -0/+4 |
2024-01-29 | global-functions: $RandomDelay: name the parameters | Christian Hesse | 1 | -1/+4 |
2024-01-20 | global-functions: $SymbolByUnicodeName: log warning on missing name | Christian Hesse | 1 | -0/+7 |
2024-01-20 | global-functions: $SymbolByUnicodeName: name the parameter | Christian Hesse | 1 | -1/+3 |
2024-01-18 | global-functions: log successful loading | Christian Hesse | 1 | -0/+5 |
2024-01-18 | global-functions: $LogPrintOnce: support exit | Christian Hesse | 1 | -1/+2 |
2024-01-16 | global-functions: $HexToNum: use :tonum | Christian Hesse | 1 | -7/+5 |
2024-01-08 | global-functions: $CertificateDownload: move delay up•••We still had cases where fetch misbehaves... But this was permanent.
Perhaps we should not touch the certificate too early...
| Christian Hesse | 1 | -1/+1 |
2024-01-01 | update copyright for 2024 | Christian Hesse | 1 | -1/+1 |
2023-12-22 | global-functions: $GetMacVendor: get new certificate•••The service now uses: GTS CA 1P5 -> GTS Root R1
| Christian Hesse | 1 | -1/+1 |
2023-12-05 | mention the donation hint...change-116 | Christian Hesse | 1 | -1/+3 |
2023-12-05 | celebrating ✨⭐ 1.000 stars ⭐✨ on Github!change-115 | Christian Hesse | 1 | -1/+2 |
2023-12-04 | global-functions: $FormatLine: use $CharacterMultiply | Christian Hesse | 1 | -1/+3 |
2023-12-04 | global-functions: $AlignRight: use $CharacterMultiply | Christian Hesse | 1 | -1/+2 |
2023-12-04 | global-functions: introduce $CharacterMultiply | Christian Hesse | 1 | -0/+10 |
2023-12-04 | global-functions: $DeviceInfo: add SNMP location and contact | Christian Hesse | 1 | -1/+6 |
2023-11-30 | global-functions: introduce $MIN | Christian Hesse | 1 | -0/+7 |