Pull request #1269: tls: hide saved private key

Merge in DNS/adguard-home from 1898-hide-private-key to master

Squashed commit of the following:

commit 542569bbc098541f8e191cc5c1e5509a65fe2c5f
Merge: a07d715f 756c7064
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Fri Aug 27 13:29:15 2021 +0300

    Merge branch 'master' into 1898-hide-private-key

commit a07d715f0f0932fdad4ec3f1e1a265b43809e21b
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Thu Aug 26 19:45:39 2021 +0300

    fix bug

commit 9f2b70719a24aab827c2dc300fc94bf2202527a7
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Thu Aug 26 19:07:17 2021 +0300

    fixes

commit e79f0e620844531a737fff5a88f5c2cffc403f51
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Thu Aug 26 18:35:32 2021 +0300

    more documentation to god of documentation

commit 47790964ed05f50c075f6b6497b1517b0d974bea
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Thu Aug 26 18:23:08 2021 +0300

    changed var named && fixed description

commit d35de5a34eafb3ffbd1148982dd31735a2000377
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Thu Aug 26 18:11:13 2021 +0300

    revert locales

commit 514ab1a5d90039bf9aad1389dd0ed966fd1a7e65
Merge: 5d9b992a 16092e8b
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Thu Aug 26 14:41:27 2021 +0300

    Merge branch 'master' into 1898-hide-private-key

commit 5d9b992a236dec276a46a035509da6938a7da7bf
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Thu Aug 26 14:41:13 2021 +0300

    here we go again

commit 2e7b30df5f19953f4e055394083be62b23028ad6
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Fri Aug 20 17:11:49 2021 +0300

    update deps

commit 5e58c3e22a77c42f321deb9707f34f031b345d75
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Fri Aug 20 17:10:19 2021 +0300

    small fix

commit c2096377de0a8ecf4f36567322ad9171c5fb5ab2
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Fri Aug 20 17:07:45 2021 +0300

    fixes && updated translations

commit ada2d4784e6288b1740b8564b6ffc1ef8f0dcf68
Merge: dc5ce072 550b1798
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Fri Aug 20 13:17:34 2021 +0300

    Merge branch 'master' into 1898-hide-private-key

commit dc5ce0721b5c095ed79f2a302ad90d9616785f93
Author: Dmitriy Seregin <d.seregin@adguard.com>
Date:   Fri Aug 13 20:12:18 2021 +0300

    tls: hide saved private key

    If private key saved as a string, then hide it from the answer to UI
This commit is contained in:
Dmitry Seregin
2021-08-27 13:42:31 +03:00
parent 756c70644d
commit 8454e65cd9
15 changed files with 476 additions and 309 deletions

View File

@@ -613,5 +613,6 @@
"port_53_faq_link": "Port 53 is often occupied by \"DNSStubListener\" or \"systemd-resolved\" services. Please read <0>this instruction</0> on how to resolve this.",
"adg_will_drop_dns_queries": "AdGuard Home will be dropping all DNS queries from this client.",
"client_not_in_allowed_clients": "The client is not allowed because it is not in the \"Allowed clients\" list.",
"experimental": "Experimental"
"experimental": "Experimental",
"use_saved_key": "Use the previously saved key"
}

View File

@@ -451,7 +451,6 @@ export const findActiveDhcp = (name) => async (dispatch, getState) => {
dispatch(addErrorToast({ error: 'dhcp_static_ip_error' }));
}
if (isError) {
dispatch(addErrorToast({ error: 'dhcp_error' }));
}

View File

@@ -39,7 +39,6 @@ import CustomRules from '../../containers/CustomRules';
import Services from '../Filters/Services';
import Logs from '../Logs';
const ROUTES = [
{
path: MENU_URLS.root,

View File

@@ -17,7 +17,6 @@ const renderLink = ({ url, name }) => <a
<strong>{name}</strong>
</a>;
const getTrackerInfo = (trackerData) => [{
key: 'name_table_header',
value: trackerData,

View File

@@ -20,7 +20,6 @@ const renderInterfaces = (interfaces) => Object.keys(interfaces)
return <option value={name} key={name}>{optionContent}</option>;
});
const getInterfaceValues = ({
gateway_ip,
hardware_address,

View File

@@ -18,7 +18,7 @@ import i18n from '../../../i18n';
import KeyStatus from './KeyStatus';
import CertificateStatus from './CertificateStatus';
import {
DNS_OVER_QUIC_PORT, DNS_OVER_TLS_PORT, FORM_NAME, STANDARD_HTTPS_PORT,
DNS_OVER_QUIC_PORT, DNS_OVER_TLS_PORT, FORM_NAME, STANDARD_HTTPS_PORT, ENCRYPTION_SOURCE,
} from '../../../helpers/constants';
const validate = (values) => {
@@ -46,6 +46,7 @@ const clearFields = (change, setTlsConfig, t) => {
server_name: '',
force_https: false,
enabled: false,
private_key_saved: false,
};
// eslint-disable-next-line no-alert
if (window.confirm(t('encryption_reset'))) {
@@ -83,6 +84,7 @@ let Form = (props) => {
setTlsConfig,
certificateSource,
privateKeySource,
privateKeySaved,
} = props;
const isSavingDisabled = invalid
@@ -265,7 +267,7 @@ let Form = (props) => {
</div>
</div>
{certificateSource === 'content' && (
{certificateSource === ENCRYPTION_SOURCE.CONTENT && (
<Field
id="certificate_chain"
name="certificate_chain"
@@ -277,7 +279,7 @@ let Form = (props) => {
disabled={!isEnabled}
/>
)}
{certificateSource === 'path' && (
{certificateSource === ENCRYPTION_SOURCE.PATH && (
<Field
id="certificate_path"
name="certificate_path"
@@ -318,7 +320,7 @@ let Form = (props) => {
component={renderRadioField}
type="radio"
className="form-control mr-2"
value="path"
value={ENCRYPTION_SOURCE.PATH}
placeholder={t('encryption_key_source_path')}
disabled={!isEnabled}
/>
@@ -327,28 +329,15 @@ let Form = (props) => {
component={renderRadioField}
type="radio"
className="form-control mr-2"
value="content"
value={ENCRYPTION_SOURCE.CONTENT}
placeholder={t('encryption_key_source_content')}
disabled={!isEnabled}
/>
</div>
</div>
{privateKeySource === 'content' && (
{privateKeySource === ENCRYPTION_SOURCE.PATH && (
<Field
id="private_key"
name="private_key"
component="textarea"
type="text"
className="form-control form-control--textarea"
placeholder={t('encryption_key_input')}
onChange={handleChange}
disabled={!isEnabled}
/>
)}
{privateKeySource === 'path' && (
<Field
id="private_key_path"
name="private_key_path"
component={renderInputField}
type="text"
@@ -358,6 +347,36 @@ let Form = (props) => {
disabled={!isEnabled}
/>
)}
{privateKeySource === ENCRYPTION_SOURCE.CONTENT && [
<Field
key="private_key_saved"
name="private_key_saved"
type="checkbox"
className="form__group form__group--settings mb-2"
component={CheckboxField}
disabled={!isEnabled}
placeholder={t('use_saved_key')}
onChange={(event) => {
if (event.target.checked) {
change('private_key', '');
}
if (handleChange) {
handleChange(event);
}
}}
/>,
<Field
id="private_key"
key="private_key"
name="private_key"
component="textarea"
type="text"
className="form-control form-control--textarea"
placeholder={t('encryption_key_input')}
onChange={handleChange}
disabled={!isEnabled || privateKeySaved}
/>,
]}
</div>
<div className="form__status">
{(privateKey || privateKeyPath) && (
@@ -422,6 +441,7 @@ Form.propTypes = {
setTlsConfig: PropTypes.func.isRequired,
certificateSource: PropTypes.string,
privateKeySource: PropTypes.string,
privateKeySaved: PropTypes.bool,
};
const selector = formValueSelector(FORM_NAME.ENCRYPTION);
@@ -434,6 +454,7 @@ Form = connect((state) => {
const privateKeyPath = selector(state, 'private_key_path');
const certificateSource = selector(state, 'certificate_source');
const privateKeySource = selector(state, 'key_source');
const privateKeySaved = selector(state, 'private_key_saved');
return {
isEnabled,
certificateChain,
@@ -442,6 +463,7 @@ Form = connect((state) => {
privateKeyPath,
certificateSource,
privateKeySource,
privateKeySaved,
};
})(Form);

View File

@@ -29,9 +29,13 @@ class Encryption extends Component {
}, DEBOUNCE_TIMEOUT);
getInitialValues = (data) => {
const { certificate_chain, private_key } = data;
const certificate_source = certificate_chain ? 'content' : 'path';
const key_source = private_key ? 'content' : 'path';
const { certificate_chain, private_key, private_key_saved } = data;
const certificate_source = certificate_chain
? ENCRYPTION_SOURCE.CONTENT
: ENCRYPTION_SOURCE.PATH;
const key_source = private_key || private_key_saved
? ENCRYPTION_SOURCE.CONTENT
: ENCRYPTION_SOURCE.PATH;
return {
...data,
@@ -41,7 +45,9 @@ class Encryption extends Component {
};
getSubmitValues = (values) => {
const { certificate_source, key_source, ...config } = values;
const {
certificate_source, key_source, private_key_saved, ...config
} = values;
if (certificate_source === ENCRYPTION_SOURCE.PATH) {
config.certificate_chain = '';
@@ -49,10 +55,15 @@ class Encryption extends Component {
config.certificate_path = '';
}
if (values.key_source === ENCRYPTION_SOURCE.PATH) {
if (key_source === ENCRYPTION_SOURCE.PATH) {
config.private_key = '';
} else {
config.private_key_path = '';
if (private_key_saved) {
config.private_key = '';
config.private_key_saved = private_key_saved;
}
}
return config;
@@ -71,6 +82,7 @@ class Encryption extends Component {
private_key,
certificate_path,
private_key_path,
private_key_saved,
} = encryption;
const initialValues = this.getInitialValues({
@@ -84,6 +96,7 @@ class Encryption extends Component {
private_key,
certificate_path,
private_key_path,
private_key_saved,
});
return (

View File

@@ -1,3 +1,4 @@
// eslint-disable-next-line import/no-extraneous-dependencies
import twosky from 'MainRoot/.twosky.json';
export const {

View File

@@ -47,7 +47,6 @@ Submit = connect((state) => {
};
})(Submit);
export default flow([
withTranslation(),
reduxForm({