summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLudovic Pouzenc <ludovic@pouzenc.fr>2016-03-12 15:33:23 +0100
committerLudovic Pouzenc <ludovic@pouzenc.fr>2016-03-12 15:33:23 +0100
commitff242e6e618ee53ebcd7251f9c26ff721c7a03b4 (patch)
tree9faf48236ebc78a8e0d0ff1646bc4f10ac54ce80
parentedeaebe6e41d383c45553f3aca8328141e258fb9 (diff)
downloadchd_openwrt-ff242e6e618ee53ebcd7251f9c26ff721c7a03b4.zip
chd_openwrt-ff242e6e618ee53ebcd7251f9c26ff721c7a03b4.tar.gz
chd_openwrt-ff242e6e618ee53ebcd7251f9c26ff721c7a03b4.tar.bz2
Initial import.
-rw-r--r--.gitignore1
-rw-r--r--TODO3
-rwxr-xr-xbuild-openwrt-dev.sh408
-rwxr-xr-xbuild-openwrt.sh426
-rw-r--r--maj/00-generer-le-fichier-de-mise-a-jour.pngbin0 -> 97552 bytes
-rw-r--r--maj/01-adresse-routeur.pngbin0 -> 10805 bytes
-rw-r--r--maj/02-auth-routeur.pngbin0 -> 25005 bytes
-rw-r--r--maj/03-interface-admin.pngbin0 -> 68652 bytes
-rw-r--r--maj/04-menu-system-firmware-upgrade.pngbin0 -> 13320 bytes
-rw-r--r--maj/05-formulaire-upgrade.pngbin0 -> 81985 bytes
-rw-r--r--maj/06-selection-fichier-firmware.pngbin0 -> 69482 bytes
-rw-r--r--maj/07-verif-nom-fichier-firmware.pngbin0 -> 18115 bytes
-rw-r--r--maj/08-confirmation-upgrade.pngbin0 -> 12303 bytes
-rw-r--r--maj/09-flash-en-cours.pngbin0 -> 8762 bytes
-rw-r--r--maj/10-redemarrage-en-cours.pngbin0 -> 8933 bytes
-rw-r--r--maj/11-fin-du-redemarrage.pngbin0 -> 16384 bytes
-rw-r--r--maj/12-eventuel-probleme-de-chargement-de-page.pngbin0 -> 50361 bytes
-rw-r--r--maj/13-page-authentification-openwrt.pngbin0 -> 36992 bytes
-rw-r--r--maj/config.default.php3
-rw-r--r--maj/doc.html121
-rw-r--r--maj/gen-dev.php162
-rw-r--r--maj/gen.php162
-rw-r--r--maj/index.php139
-rw-r--r--maj/main.css99
-rw-r--r--maj/main.js200
-rw-r--r--maj/print.css17
26 files changed, 1741 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f34591c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+maj/config.php
diff --git a/TODO b/TODO
new file mode 100644
index 0000000..608fbd6
--- /dev/null
+++ b/TODO
@@ -0,0 +1,3 @@
+
+ * Router hostname customziation ?
+ * Unrecognized IP if comming from IPv6
diff --git a/build-openwrt-dev.sh b/build-openwrt-dev.sh
new file mode 100755
index 0000000..79ea750
--- /dev/null
+++ b/build-openwrt-dev.sh
@@ -0,0 +1,408 @@
+#!/bin/bash
+#
+# Work derived from ./quick_740n_ttn_bb.sh (Laurent Guerby <laurent@guery.net>)
+#
+# Copyright 2016 Ludovic Pouzenc <ludovic@pouzenc.fr>
+#
+# CHD OpenWRT is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# CHD OpenWRT is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with CHD OpenWRT. If not, see <http://www.gnu.org/licenses/>.
+#
+echo -n "$0 - " ; date
+
+# Directories and source file URL
+BUILD_DIR=${BUILD_DIR:-./build}
+CACHE_DIR=${CACHE_DIR:-.}
+ORIG_TARBALL=OpenWrt-ImageBuilder-15.05-ar71xx-generic.Linux-x86_64.tar.bz2
+ORIG_URL=http://downloads.openwrt.org/chaos_calmer/15.05/ar71xx/generic/$ORIG_TARBALL
+PACKAGES="luci luci-mod-admin-full ip" # Base packages
+PACKAGES="$PACKAGES luci-i18n-base-en luci-i18n-firewall-en luci-i18n-base-fr luci-i18n-firewall-fr" # internationnalisation
+PACKAGES="$PACKAGES miniupnpd luci-app-upnp luci-i18n-upnp-fr" # Extra packages
+PACKAGES="$PACKAGES kmod-ledtrig-default-on kmod-ledtrig-netdev kmod-ledtrig-timer kmod-ledtrig-usbdev kmod-leds-gpio" # Additionnal kernel modules
+PACKAGES="$PACKAGES -kmod-ppp -kmod-pppoe -kmod-pppox" # Unusefull kernel modules
+PACKAGES="$PACKAGES -luci-proto-ppp -ppp -ppp-mod-pppoe -odhcp6c" # Unusefull packages
+
+# Argument parsing
+if [ $# -lt 8 -o $# -gt 9 ]
+then echo "Usage: $0 <profile> <ip4pub> <lanip4addr> <ip6prefix> <root_passwd> <wireless_ssid> <wireless_key> <wireless_txpower> [wanip4addr]"
+ exit 1
+fi
+
+dnslist="185.131.40.1 fe80::31"
+
+profile=$1
+case "$profile" in
+ TLWR740|TLWR841)
+ ;;
+ *) echo "Unsupported profile '$profile', should be TLWR740 or TLWR841"
+ exit 2
+ ;;
+esac
+
+ip4pub=$2
+case "$ip4pub" in
+ 185.131.40.*) ;;
+ 185.131.41.*) ;;
+ *) echo "Unknown Ip4 $ip4pub"; exit 3;;
+esac
+
+lanip4addr=$3
+ip6prefix=$4
+wanip6addr=${ip6prefix}1/56
+lanip6addr=${ip6prefix%%0::}1::1/64
+wanip6ll=$(echo $ip6prefix | sed -e 's#.*:\(....:....\)::$#fe80::\1/64#')
+
+if [ '$1$' = "${5:0:3}" ]
+then root_password=$5
+else root_password=$(mkpasswd -5 "$5")
+fi
+
+wireless_ssid=$6
+wireless_key=$7
+case $8 in
+ -1) wireless_disabled=1; wireless_txpower=10 ;;
+ 0|1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16) wireless_disabled=0; wireless_txpower=$8 ;;
+ *) echo "Unknown txpower '$8'"; exit 4 ;;
+esac
+
+wanip4addr=${9:-'no-nat'}
+case "$wanip4addr" in
+ 172.16.20.*|172.16.21.*) wanip4mask=255.255.0.0; wanip4gw=172.16.0.254 ;;
+ *) wanip4addr=$ip4pub; wanip4mask=255.255.254.0; wanip4gw=185.131.40.1 ;;
+esac
+
+wanip6gw=fe80::31
+
+cat <<EOF
+wanip4addr: $wanip4addr
+wanip6addr: $wanip6addr
+lanip6addr: $lanip6addr
+wanip6ll: $wanip6ll
+root_password: $root_password
+
+
+EOF
+
+#########################
+# Prepare image builder #
+#########################
+if [ ! -f "$BUILD_DIR/Makefile" ]; then
+ if [ ! -s "$CACHE_DIR/$ORIG_TARBALL" ] ; then
+ wget -O "$CACHE_DIR/$ORIG_TARBALL" "$ORIG_URL"
+ fi
+ tar -x -C "$BUILD_DIR/" --strip-components=1 -f "$CACHE_DIR/$ORIG_TARBALL"
+fi
+
+cd "$BUILD_DIR/" || exit 5
+
+mkdir -p extra_files/etc/config extra_files/etc/dropbear extra_files/etc/hotplug.d/button
+
+###############################
+# Prepare Openwrt config file #
+###############################
+
+cat > extra_files/etc/dropbear/authorized_keys <<EOF
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuRKy/uRhwFvR3JrCp2NKY0HUPl0m7INUjY9wemmEGA6pSH/9zb+MLX9ZfuDVo6gkMI2YZzdpwAZ7KE2tajDXHHl+KiycY3lcQizgQt3usxf7Eqz3pTWtZBOjrHs3hRloPugg8KXA8Sxko03f68v8lfUw+Kj4LHmnnozJc8Hxde3GjkFbyL9c9Z5rSYG82H217RWaSDnjYso9wyBZYkjTe6vu88fWls3+ZL8p8NdrgqMFO7C+zV38Mgk/G3PkC9SYdobgy58Cm/06jehWonuafZ6bXTH1J3qjogbcGfewNx4H4E7Lf1nl6UTdbAC24tZu3c/UXZQzND+yRRK1r0zen lpouzenc@ttn
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDpqlz2pyiBoGnC7FgnyXrb012hnnLFL0I0RColS/fLzJT4VL8t3/hPFy/Jbl4tX28Yw5G+Mc0WFzZ+KS1ebmYqBcXi2OGNm65HGsEMGUa+67g8PP0t+2OPRN05gFR4Cf4HFro3FdDf/R4mZOf5+Z1Z8fAyIhQ34x/0sl+hnt/nqbOdNlOSqzqyQmmKtzUKSh2CiffajAW/sVfD3HAG1CCiy+Z88df1v7kQ/HdFhFqtjcHrWLO/zgQBOCf3SMrZpead1B13DXCQLMeI98i+VIRB+K6c71FMIGU1Ohp5/FRWtHJ+3nFqRsKOWbBI0SmeMnz9wXkG7FQ2CaDUvg7vB0AZ cyril@cyril-master
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtfZ7UcydNGf5vpLgfvJRHs6Q08qKP1fIr8aXALg0+/pAlF5FEKMqwERpJ+B8YTmJl0MrrznPLPOUoaYqgJl5aqFww0zDNpbbtW6qDoQE85VRjEmchfbLae8s9q6eWW+CfNh0+7bwBPNTaPVq/FKfge4aR0GwA+ggzS9kPoLRPBM= nicolas@selenimh
+EOF
+
+cat > extra_files/etc/shadow <<EOF
+root:$root_password:15980:0:99999:7:::
+daemon:*:0:0:99999:7:::
+ftp:*:0:0:99999:7:::
+network:*:0:0:99999:7:::
+nobody:*:0:0:99999:7:::
+EOF
+
+cat > extra_files/etc/rc.local <<EOF
+# Put your custom commands here that should be executed once
+# the system init finished. By default this file does nothing.
+
+# generated on $(date)
+# generated from $(hostname):$(stat -c'%N %y' $0)
+
+exit 0
+EOF
+
+cat > extra_files/etc/config/network <<EOF
+config interface 'loopback'
+ option ifname 'lo'
+ option proto 'static'
+ option ipaddr '127.0.0.1'
+ option netmask '255.0.0.0'
+
+config interface 'lan'
+ option ifname 'eth0'
+ option type 'bridge'
+ option proto 'static'
+ option netmask '255.255.255.0'
+ option ipaddr '$lanip4addr'
+ option ip6addr '$lanip6addr'
+
+config interface 'wan'
+ option ifname 'eth1'
+ option _orig_ifname 'eth1'
+ option _orig_bridge 'false'
+ option proto 'static'
+ option ipaddr '$wanip4addr'
+ option netmask '$wanip4mask'
+ option dns '$dnslist'
+ option ip6addr '$wanip6addr'
+ option ip6gw '$wanip6gw'
+
+config switch
+ option name 'eth0'
+ option reset '1'
+ option enable_vlan '1'
+
+config switch_vlan
+ option device 'eth0'
+ option vlan '1'
+ option ports '0 1 2 3 4'
+
+config interface 'wan6'
+ option proto 'static'
+ option ifname 'eth1'
+ option send_rs '0'
+ option ip6addr '$wanip6ll'
+
+config route
+ option interface 'wan'
+ option onlink '1'
+ option target '0.0.0.0/0'
+ option gateway '$wanip4gw'
+EOF
+
+
+cat > extra_files/etc/config/wireless <<EOF
+config wifi-device 'radio0'
+ option type 'mac80211'
+ option phy 'phy0'
+ option channel '11'
+ option hwmode '11ng'
+ option htmode 'HT20'
+ list ht_capab 'SHORT-GI-20'
+ list ht_capab 'SHORT-GI-40'
+ list ht_capab 'RX-STBC1'
+ list ht_capab 'DSSS_CCK-40'
+ option country 'FR'
+ option txpower '$wireless_txpower'
+
+config wifi-iface
+ option device 'radio0'
+ option network 'lan'
+ option mode 'ap'
+ option ssid '$wireless_ssid'
+ option encryption 'psk2'
+ option key '$wireless_key'
+ option disabled '$wireless_disabled'
+EOF
+
+cat > extra_files/etc/config/dhcp <<EOF
+config dnsmasq
+ option domainneeded 1
+ option boguspriv 1
+ option filterwin2k 0 # enable for dial on demand
+ option localise_queries 1
+ option rebind_protection 1 # disable if upstream must serve RFC1918 addresses
+ option rebind_localhost 1 # enable for RBL checking and similar services
+ option local '/lan/'
+ option domain 'lan'
+ option expandhosts 1
+ option nonegcache 0
+ option authoritative 1
+ option readethers 1
+ option leasefile '/tmp/dhcp.leases'
+ option resolvfile '/tmp/resolv.conf.auto'
+
+config dhcp lan
+ option interface lan
+ option start 100
+ option limit 150
+ option leasetime 12h
+ option dhcpv6 disabled
+ option ra server
+
+config dhcp wan
+ option interface wan
+ option ignore 1
+EOF
+
+cat > extra_files/etc/config/dropbear <<EOF
+config dropbear
+ option PasswordAuth 'off'
+ option Port '22'
+EOF
+
+cat > extra_files/etc/config/firewall <<EOF
+config defaults
+ option syn_flood '1'
+ option input 'ACCEPT'
+ option output 'ACCEPT'
+ option forward 'REJECT'
+
+config zone
+ option name 'lan'
+ option network 'lan'
+ option input 'ACCEPT'
+ option output 'ACCEPT'
+ option forward 'REJECT'
+
+config zone
+ option name 'wan'
+ option network 'wan'
+ option input 'REJECT'
+ option output 'ACCEPT'
+ option forward 'REJECT'
+ option masq '1'
+ option mtu_fix '1'
+
+config forwarding
+ option src 'lan'
+ option dest 'wan'
+
+config rule
+ option name 'Allow-DHCP-Renew'
+ option src 'wan'
+ option proto 'udp'
+ option dest_port '68'
+ option target 'ACCEPT'
+ option family 'ipv4'
+
+config rule
+ option name 'Allow-Ping'
+ option src 'wan'
+ option proto 'icmp'
+ option icmp_type 'echo-request'
+ option family 'ipv4'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-DHCPv6'
+ option src 'wan'
+ option proto 'udp'
+ option src_ip 'fe80::/10'
+ option src_port '547'
+ option dest_ip 'fe80::/10'
+ option dest_port '546'
+ option family 'ipv6'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-ICMPv6-Input'
+ option src 'wan'
+ option proto 'icmp'
+ list icmp_type 'echo-request'
+ list icmp_type 'echo-reply'
+ list icmp_type 'destination-unreachable'
+ list icmp_type 'packet-too-big'
+ list icmp_type 'time-exceeded'
+ list icmp_type 'bad-header'
+ list icmp_type 'unknown-header-type'
+ list icmp_type 'router-solicitation'
+ list icmp_type 'neighbour-solicitation'
+ list icmp_type 'router-advertisement'
+ list icmp_type 'neighbour-advertisement'
+ option limit '1000/sec'
+ option family 'ipv6'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-ICMPv6-Forward'
+ option src 'wan'
+ option dest '*'
+ option proto 'icmp'
+ list icmp_type 'echo-request'
+ list icmp_type 'echo-reply'
+ list icmp_type 'destination-unreachable'
+ list icmp_type 'packet-too-big'
+ list icmp_type 'time-exceeded'
+ list icmp_type 'bad-header'
+ list icmp_type 'unknown-header-type'
+ option limit '1000/sec'
+ option family 'ipv6'
+ option target 'ACCEPT'
+
+config rule
+ option target 'ACCEPT'
+ option src 'wan'
+ option proto 'tcp'
+ option dest_port '22'
+ option family 'ipv6'
+ option dest_ip 'fe80::/10'
+ option name 'Allow-ssh-maj-routeur'
+
+config include
+ option path '/etc/firewall.user'
+EOF
+
+cat > extra_files/etc/config/upnpd <<EOF
+config upnpd 'config'
+ option download '1024'
+ option upload '512'
+ option internal_iface 'lan'
+ option port '5000'
+ option upnp_lease_file '/var/upnp.leases'
+ option uuid 'acae4394-2186-4d96-92d1-b2c8d0819f37'
+ option enable_upnp '0'
+ option enable_natpmp '0'
+
+config perm_rule
+ option action 'allow'
+ option ext_ports '1024-65535'
+ option int_addr '0.0.0.0/0'
+ option int_ports '1024-65535'
+ option comment 'Allow high ports'
+
+config perm_rule
+ option action 'deny'
+ option ext_ports '0-65535'
+ option int_addr '0.0.0.0/0'
+ option int_ports '0-65535'
+ option comment 'Default deny'
+EOF
+
+cat > extra_files/etc/hotplug.d/button/01onoff <<"EOF"
+#!/bin/sh
+
+[ "$BUTTON" = "wps" ] && [ "$ACTION" = "pressed" ] && {
+ SW=$(uci get wireless.@wifi-device[0].disabled)
+ [ $SW == '0' ] && uci set wireless.@wifi-device[0].disabled=1
+ [ $SW == '0' ] || uci set wireless.@wifi-device[0].disabled=0
+ wifi
+}
+EOF
+
+#######################
+# Build Openwrt image #
+#######################
+
+# Bug fix for RC3 (make clean forget things)
+#if [ -d $BUILD_DIR/build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/tmp ]
+#then rm -r $BUILD_DIR/build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/tmp
+#fi
+
+make clean
+make image PROFILE=$profile PACKAGES="$PACKAGES" FILES="extra_files/"
+res=$?
+
+echo
+if [ $res -eq 0 ]
+then echo "Image ready: "
+ ls -la bin/ar71xx/openwrt-*-ar71xx-generic-tl-*-v[49]-squashfs-*
+ echo
+else echo "Something went wrong, sorry"
+fi
+
+echo -n "$0 - " ; date
+exit $res
diff --git a/build-openwrt.sh b/build-openwrt.sh
new file mode 100755
index 0000000..1442359
--- /dev/null
+++ b/build-openwrt.sh
@@ -0,0 +1,426 @@
+#!/bin/bash
+#
+# Work derived from ./quick_740n_ttn_bb.sh (Laurent Guerby <laurent@guery.net>)
+#
+# Copyright 2016 Ludovic Pouzenc <ludovic@pouzenc.fr>
+#
+# CHD OpenWRT is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# CHD OpenWRT is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with CHD OpenWRT. If not, see <http://www.gnu.org/licenses/>.
+#
+echo -n "$0 - " ; date
+
+# Directories and source file URL
+BUILD_DIR=${BUILD_DIR:-./build}
+CACHE_DIR=${CACHE_DIR:-.}
+ORIG_TARBALL=OpenWrt-ImageBuilder-15.05-ar71xx-generic.Linux-x86_64.tar.bz2
+ORIG_URL=http://downloads.openwrt.org/chaos_calmer/15.05/ar71xx/generic/$ORIG_TARBALL
+PACKAGES="luci luci-mod-admin-full ip" # Base packages
+PACKAGES="$PACKAGES luci-i18n-base-en luci-i18n-firewall-en luci-i18n-base-fr luci-i18n-firewall-fr" # internationnalisation
+PACKAGES="$PACKAGES miniupnpd luci-app-upnp luci-i18n-upnp-fr" # Extra packages
+PACKAGES="$PACKAGES kmod-ledtrig-default-on kmod-ledtrig-netdev kmod-ledtrig-timer kmod-ledtrig-usbdev kmod-leds-gpio" # Additionnal kernel modules
+PACKAGES="$PACKAGES -kmod-ppp -kmod-pppoe -kmod-pppox" # Unusefull kernel modules
+PACKAGES="$PACKAGES -luci-proto-ppp -ppp -ppp-mod-pppoe -odhcp6c" # Unusefull packages
+
+# Argument parsing
+if [ $# -lt 8 -o $# -gt 9 ]
+then echo "Usage: $0 <profile> <ip4pub> <lanip4addr> <ip6prefix> <root_passwd> <wireless_ssid> <wireless_key> <wireless_txpower> [wanip4addr]"
+ exit 1
+fi
+
+dnslist="185.131.40.1 fe80::31"
+
+profile=$1
+case "$profile" in
+ TLWR740|TLWR841)
+ ;;
+ *) echo "Unsupported profile '$profile', should be TLWR740 or TLWR841"
+ exit 2
+ ;;
+esac
+
+ip4pub=$2
+case "$ip4pub" in
+ 185.131.40.*) ;;
+ 185.131.41.*) ;;
+ *) echo "Unknown Ip4 $ip4pub"; exit 3;;
+esac
+
+lanip4addr=$3
+ip6prefix=$4
+wanip6addr=${ip6prefix}1/56
+lanip6addr=${ip6prefix%%0::}1::1/64
+wanip6ll=$(echo $ip6prefix | sed -e 's#.*:\(....:....\)::$#fe80::\1/64#')
+
+if [ '$1$' = "${5:0:3}" ]
+then root_password=$5
+else root_password=$(mkpasswd -5 "$5")
+fi
+
+wireless_ssid=$6
+wireless_key=$7
+case $8 in
+ -1) wireless_disabled=1; wireless_txpower=10 ;;
+ 0|1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16) wireless_disabled=0; wireless_txpower=$8 ;;
+ *) echo "Unknown txpower '$8'"; exit 4 ;;
+esac
+
+wanip4addr=${9:-'no-nat'}
+case "$wanip4addr" in
+ 172.16.20.*|172.16.21.*) wanip4mask=255.255.0.0; wanip4gw=172.16.0.254 ;;
+ *) wanip4addr=$ip4pub; wanip4mask=255.255.254.0; wanip4gw=185.131.40.1 ;;
+esac
+
+wanip6gw=fe80::31
+
+cat <<EOF
+wanip4addr: $wanip4addr
+wanip6addr: $wanip6addr
+lanip6addr: $lanip6addr
+wanip6ll: $wanip6ll
+root_password: $root_password
+
+
+EOF
+
+#########################
+# Prepare image builder #
+#########################
+if [ ! -f "$BUILD_DIR/Makefile" ]; then
+ if [ ! -s "$CACHE_DIR/$ORIG_TARBALL" ] ; then
+ wget -O "$CACHE_DIR/$ORIG_TARBALL" "$ORIG_URL"
+ fi
+ tar -x -C "$BUILD_DIR/" --strip-components=1 -f "$CACHE_DIR/$ORIG_TARBALL"
+fi
+
+cd "$BUILD_DIR/" || exit 5
+
+mkdir -p extra_files/etc/config extra_files/etc/dropbear extra_files/etc/hotplug.d/button
+
+###############################
+# Prepare Openwrt config file #
+###############################
+
+# Use local replication of repositories
+cat > repositories.conf <<"EOT"
+## Place your custom repositories here, they must match the architecture and version.
+# src/gz chaos_calmer http://downloads.openwrt.org/chaos_calmer/15.05/ar71xx/generic/packages
+# src custom file:///usr/src/openwrt/bin/ar71xx/packages
+
+## Remote package repositories
+src/gz chaos_calmer_base http://localhost/openwrt/chaos_calmer/15.05/ar71xx/generic/packages/base
+src/gz chaos_calmer_luci http://localhost/openwrt/chaos_calmer/15.05/ar71xx/generic/packages/luci
+src/gz chaos_calmer_packages http://localhost/openwrt/chaos_calmer/15.05/ar71xx/generic/packages/packages
+src/gz chaos_calmer_routing http://localhost/openwrt/chaos_calmer/15.05/ar71xx/generic/packages/routing
+src/gz chaos_calmer_telephony http://localhost/openwrt/chaos_calmer/15.05/ar71xx/generic/packages/telephony
+src/gz chaos_calmer_management http://localhost/openwrt/chaos_calmer/15.05/ar71xx/generic/packages/management
+
+## This is the local package repository, do not remove!
+src imagebuilder file:packages
+EOT
+
+cat > extra_files/etc/dropbear/authorized_keys <<EOF
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuRKy/uRhwFvR3JrCp2NKY0HUPl0m7INUjY9wemmEGA6pSH/9zb+MLX9ZfuDVo6gkMI2YZzdpwAZ7KE2tajDXHHl+KiycY3lcQizgQt3usxf7Eqz3pTWtZBOjrHs3hRloPugg8KXA8Sxko03f68v8lfUw+Kj4LHmnnozJc8Hxde3GjkFbyL9c9Z5rSYG82H217RWaSDnjYso9wyBZYkjTe6vu88fWls3+ZL8p8NdrgqMFO7C+zV38Mgk/G3PkC9SYdobgy58Cm/06jehWonuafZ6bXTH1J3qjogbcGfewNx4H4E7Lf1nl6UTdbAC24tZu3c/UXZQzND+yRRK1r0zen lpouzenc@ttn
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDpqlz2pyiBoGnC7FgnyXrb012hnnLFL0I0RColS/fLzJT4VL8t3/hPFy/Jbl4tX28Yw5G+Mc0WFzZ+KS1ebmYqBcXi2OGNm65HGsEMGUa+67g8PP0t+2OPRN05gFR4Cf4HFro3FdDf/R4mZOf5+Z1Z8fAyIhQ34x/0sl+hnt/nqbOdNlOSqzqyQmmKtzUKSh2CiffajAW/sVfD3HAG1CCiy+Z88df1v7kQ/HdFhFqtjcHrWLO/zgQBOCf3SMrZpead1B13DXCQLMeI98i+VIRB+K6c71FMIGU1Ohp5/FRWtHJ+3nFqRsKOWbBI0SmeMnz9wXkG7FQ2CaDUvg7vB0AZ cyril@cyril-master
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtfZ7UcydNGf5vpLgfvJRHs6Q08qKP1fIr8aXALg0+/pAlF5FEKMqwERpJ+B8YTmJl0MrrznPLPOUoaYqgJl5aqFww0zDNpbbtW6qDoQE85VRjEmchfbLae8s9q6eWW+CfNh0+7bwBPNTaPVq/FKfge4aR0GwA+ggzS9kPoLRPBM= nicolas@selenimh
+EOF
+
+cat > extra_files/etc/shadow <<EOF
+root:$root_password:15980:0:99999:7:::
+daemon:*:0:0:99999:7:::
+ftp:*:0:0:99999:7:::
+network:*:0:0:99999:7:::
+nobody:*:0:0:99999:7:::
+EOF
+
+cat > extra_files/etc/rc.local <<EOF
+# Put your custom commands here that should be executed once
+# the system init finished. By default this file does nothing.
+
+# generated on $(date)
+# generated from $(hostname):$(stat -c'%N %y' $0)
+
+exit 0
+EOF
+
+cat > extra_files/etc/config/network <<EOF
+config interface 'loopback'
+ option ifname 'lo'
+ option proto 'static'
+ option ipaddr '127.0.0.1'
+ option netmask '255.0.0.0'
+
+config interface 'lan'
+ option ifname 'eth0'
+ option type 'bridge'
+ option proto 'static'
+ option netmask '255.255.255.0'
+ option ipaddr '$lanip4addr'
+ option ip6addr '$lanip6addr'
+
+config interface 'wan'
+ option ifname 'eth1'
+ option _orig_ifname 'eth1'
+ option _orig_bridge 'false'
+ option proto 'static'
+ option ipaddr '$wanip4addr'
+ option netmask '$wanip4mask'
+ option dns '$dnslist'
+ option ip6addr '$wanip6addr'
+ option ip6gw '$wanip6gw'
+
+config switch
+ option name 'eth0'
+ option reset '1'
+ option enable_vlan '1'
+
+config switch_vlan
+ option device 'eth0'
+ option vlan '1'
+ option ports '0 1 2 3 4'
+
+config interface 'wan6'
+ option proto 'static'
+ option ifname 'eth1'
+ option send_rs '0'
+ option ip6addr '$wanip6ll'
+
+config route
+ option interface 'wan'
+ option onlink '1'
+ option target '0.0.0.0/0'
+ option gateway '$wanip4gw'
+EOF
+
+
+cat > extra_files/etc/config/wireless <<EOF
+config wifi-device 'radio0'
+ option type 'mac80211'
+ option phy 'phy0'
+ option channel '11'
+ option hwmode '11ng'
+ option htmode 'HT20'
+ list ht_capab 'SHORT-GI-20'
+ list ht_capab 'SHORT-GI-40'
+ list ht_capab 'RX-STBC1'
+ list ht_capab 'DSSS_CCK-40'
+ option country 'FR'
+ option txpower '$wireless_txpower'
+
+config wifi-iface
+ option device 'radio0'
+ option network 'lan'
+ option mode 'ap'
+ option ssid '$wireless_ssid'
+ option encryption 'psk2'
+ option key '$wireless_key'
+ option disabled '$wireless_disabled'
+EOF
+
+cat > extra_files/etc/config/dhcp <<EOF
+config dnsmasq
+ option domainneeded 1
+ option boguspriv 1
+ option filterwin2k 0 # enable for dial on demand
+ option localise_queries 1
+ option rebind_protection 1 # disable if upstream must serve RFC1918 addresses
+ option rebind_localhost 1 # enable for RBL checking and similar services
+ option local '/lan/'
+ option domain 'lan'
+ option expandhosts 1
+ option nonegcache 0
+ option authoritative 1
+ option readethers 1
+ option leasefile '/tmp/dhcp.leases'
+ option resolvfile '/tmp/resolv.conf.auto'
+
+config dhcp lan
+ option interface lan
+ option start 100
+ option limit 150
+ option leasetime 12h
+ option dhcpv6 disabled
+ option ra server
+
+config dhcp wan
+ option interface wan
+ option ignore 1
+EOF
+
+cat > extra_files/etc/config/dropbear <<EOF
+config dropbear
+ option PasswordAuth 'off'
+ option Port '22'
+EOF
+
+cat > extra_files/etc/config/firewall <<EOF
+config defaults
+ option syn_flood '1'
+ option input 'ACCEPT'
+ option output 'ACCEPT'
+ option forward 'REJECT'
+
+config zone
+ option name 'lan'
+ option network 'lan'
+ option input 'ACCEPT'
+ option output 'ACCEPT'
+ option forward 'REJECT'
+
+config zone
+ option name 'wan'
+ option network 'wan'
+ option input 'REJECT'
+ option output 'ACCEPT'
+ option forward 'REJECT'
+ option masq '1'
+ option mtu_fix '1'
+
+config forwarding
+ option src 'lan'
+ option dest 'wan'
+
+config rule
+ option name 'Allow-DHCP-Renew'
+ option src 'wan'
+ option proto 'udp'
+ option dest_port '68'
+ option target 'ACCEPT'
+ option family 'ipv4'
+
+config rule
+ option name 'Allow-Ping'
+ option src 'wan'
+ option proto 'icmp'
+ option icmp_type 'echo-request'
+ option family 'ipv4'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-DHCPv6'
+ option src 'wan'
+ option proto 'udp'
+ option src_ip 'fe80::/10'
+ option src_port '547'
+ option dest_ip 'fe80::/10'
+ option dest_port '546'
+ option family 'ipv6'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-ICMPv6-Input'
+ option src 'wan'
+ option proto 'icmp'
+ list icmp_type 'echo-request'
+ list icmp_type 'echo-reply'
+ list icmp_type 'destination-unreachable'
+ list icmp_type 'packet-too-big'
+ list icmp_type 'time-exceeded'
+ list icmp_type 'bad-header'
+ list icmp_type 'unknown-header-type'
+ list icmp_type 'router-solicitation'
+ list icmp_type 'neighbour-solicitation'
+ list icmp_type 'router-advertisement'
+ list icmp_type 'neighbour-advertisement'
+ option limit '1000/sec'
+ option family 'ipv6'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-ICMPv6-Forward'
+ option src 'wan'
+ option dest '*'
+ option proto 'icmp'
+ list icmp_type 'echo-request'
+ list icmp_type 'echo-reply'
+ list icmp_type 'destination-unreachable'
+ list icmp_type 'packet-too-big'
+ list icmp_type 'time-exceeded'
+ list icmp_type 'bad-header'
+ list icmp_type 'unknown-header-type'
+ option limit '1000/sec'
+ option family 'ipv6'
+ option target 'ACCEPT'
+
+config rule
+ option target 'ACCEPT'
+ option src 'wan'
+ option proto 'tcp'
+ option dest_port '22'
+ option family 'ipv6'
+ option dest_ip 'fe80::/10'
+ option name 'Allow-ssh-maj-routeur'
+
+config include
+ option path '/etc/firewall.user'
+EOF
+
+cat > extra_files/etc/config/upnpd <<EOF
+config upnpd 'config'
+ option download '1024'
+ option upload '512'
+ option internal_iface 'lan'
+ option port '5000'
+ option upnp_lease_file '/var/upnp.leases'
+ option uuid 'acae4394-2186-4d96-92d1-b2c8d0819f37'
+ option enable_upnp '0'
+ option enable_natpmp '0'
+
+config perm_rule
+ option action 'allow'
+ option ext_ports '1024-65535'
+ option int_addr '0.0.0.0/0'
+ option int_ports '1024-65535'
+ option comment 'Allow high ports'
+
+config perm_rule
+ option action 'deny'
+ option ext_ports '0-65535'
+ option int_addr '0.0.0.0/0'
+ option int_ports '0-65535'
+ option comment 'Default deny'
+EOF
+
+cat > extra_files/etc/hotplug.d/button/01onoff <<"EOF"
+#!/bin/sh
+
+[ "$BUTTON" = "wps" ] && [ "$ACTION" = "pressed" ] && {
+ SW=$(uci get wireless.@wifi-device[0].disabled)
+ [ $SW == '0' ] && uci set wireless.@wifi-device[0].disabled=1
+ [ $SW == '0' ] || uci set wireless.@wifi-device[0].disabled=0
+ wifi
+}
+EOF
+
+#######################
+# Build Openwrt image #
+#######################
+
+# Bug fix for RC3 (make clean forget things)
+#if [ -d $BUILD_DIR/build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/tmp ]
+#then rm -r $BUILD_DIR/build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/tmp
+#fi
+
+make clean
+make image PROFILE=$profile PACKAGES="$PACKAGES" FILES="extra_files/"
+res=$?
+
+echo
+if [ $res -eq 0 ]
+then echo "Image ready: "
+ ls -la bin/ar71xx/openwrt-*-ar71xx-generic-tl-*-v[49]-squashfs-*
+ echo
+else echo "Something went wrong, sorry"
+fi
+
+echo -n "$0 - " ; date
+exit $res
diff --git a/maj/00-generer-le-fichier-de-mise-a-jour.png b/maj/00-generer-le-fichier-de-mise-a-jour.png
new file mode 100644
index 0000000..9bf2450
--- /dev/null
+++ b/maj/00-generer-le-fichier-de-mise-a-jour.png
Binary files differ
diff --git a/maj/01-adresse-routeur.png b/maj/01-adresse-routeur.png
new file mode 100644
index 0000000..95e86b5
--- /dev/null
+++ b/maj/01-adresse-routeur.png
Binary files differ
diff --git a/maj/02-auth-routeur.png b/maj/02-auth-routeur.png
new file mode 100644
index 0000000..50ed3fc
--- /dev/null
+++ b/maj/02-auth-routeur.png
Binary files differ
diff --git a/maj/03-interface-admin.png b/maj/03-interface-admin.png
new file mode 100644
index 0000000..6184797
--- /dev/null
+++ b/maj/03-interface-admin.png
Binary files differ
diff --git a/maj/04-menu-system-firmware-upgrade.png b/maj/04-menu-system-firmware-upgrade.png
new file mode 100644
index 0000000..89898a6
--- /dev/null
+++ b/maj/04-menu-system-firmware-upgrade.png
Binary files differ
diff --git a/maj/05-formulaire-upgrade.png b/maj/05-formulaire-upgrade.png
new file mode 100644
index 0000000..88f3997
--- /dev/null
+++ b/maj/05-formulaire-upgrade.png
Binary files differ
diff --git a/maj/06-selection-fichier-firmware.png b/maj/06-selection-fichier-firmware.png
new file mode 100644
index 0000000..ceceb1d
--- /dev/null
+++ b/maj/06-selection-fichier-firmware.png
Binary files differ
diff --git a/maj/07-verif-nom-fichier-firmware.png b/maj/07-verif-nom-fichier-firmware.png
new file mode 100644
index 0000000..9f01dc9
--- /dev/null
+++ b/maj/07-verif-nom-fichier-firmware.png
Binary files differ
diff --git a/maj/08-confirmation-upgrade.png b/maj/08-confirmation-upgrade.png
new file mode 100644
index 0000000..1a6c63e
--- /dev/null
+++ b/maj/08-confirmation-upgrade.png
Binary files differ
diff --git a/maj/09-flash-en-cours.png b/maj/09-flash-en-cours.png
new file mode 100644
index 0000000..8acb268
--- /dev/null
+++ b/maj/09-flash-en-cours.png
Binary files differ
diff --git a/maj/10-redemarrage-en-cours.png b/maj/10-redemarrage-en-cours.png
new file mode 100644
index 0000000..c528198
--- /dev/null
+++ b/maj/10-redemarrage-en-cours.png
Binary files differ
diff --git a/maj/11-fin-du-redemarrage.png b/maj/11-fin-du-redemarrage.png
new file mode 100644
index 0000000..0e19a32
--- /dev/null
+++ b/maj/11-fin-du-redemarrage.png
Binary files differ
diff --git a/maj/12-eventuel-probleme-de-chargement-de-page.png b/maj/12-eventuel-probleme-de-chargement-de-page.png
new file mode 100644
index 0000000..1c46271
--- /dev/null
+++ b/maj/12-eventuel-probleme-de-chargement-de-page.png
Binary files differ
diff --git a/maj/13-page-authentification-openwrt.png b/maj/13-page-authentification-openwrt.png
new file mode 100644
index 0000000..8eeb057
--- /dev/null
+++ b/maj/13-page-authentification-openwrt.png
Binary files differ
diff --git a/maj/config.default.php b/maj/config.default.php
new file mode 100644
index 0000000..657ab12
--- /dev/null
+++ b/maj/config.default.php
@@ -0,0 +1,3 @@
+<?php
+
+$CONF_API_BASE_URL = "https://USERNAME:AN-HTACCESS-PASSWORD-MAY-THERE@serv.domain.tld/api";
diff --git a/maj/doc.html b/maj/doc.html
new file mode 100644
index 0000000..66519a5
--- /dev/null
+++ b/maj/doc.html
@@ -0,0 +1,121 @@
+<!DOCTYPE html>
+<html lang="fr">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=620">
+<title>Procédure à suivre</title>
+<link rel="stylesheet" href="main.css">
+<link rel="stylesheet" href="print.css" media="print">
+</head>
+<body>
+<h1>Procédure de mise à jour votre routeur TP-Link</h1>
+<h2>Je dois faire ça moi&nbsp;?</h2>
+<p>Cette mise à jour est destinée à tous les adhérents de Comminges Haut Débit qui utilisent le petit routeur blanc TP-LINK fourni par l'association. Nous en avons besoin pour la suite des améliorations de notre réseau.
+Nous avons prévu un outil qui permette à chacun d'être autonome.</p>
+<p><em>Aucune compétence informatique particulière n'est requise ; essayez par vous même, on épaulera si besoin.</em> Si vous êtes perdus, téléphonez au 05&nbsp;33&nbsp;00&nbsp;33&nbsp;36 (plutôt le soir).
+Si vous n'êtes pas à l'aise avec l'utilisation de plusieurs fenêtres en même temps, vous pouvez <a href="javascript:window.print()">imprimer cette procédure</a> (je ne dis pas ça parce qu'on a quelques antennes sur la cellulose).
+</p>
+
+<p>Cette mise à jour va permettre&nbsp;:</p>
+<ul>
+<li>de corriger les problèmes connus avec le Wifi de maison (déconnections aléatoires)</li>
+<li>de simplifier le déploiement des futures mises à jour (nous pourrons les automatiser)</li>
+<li>de permettre des modifiations dans le fonctionnement de notre réseau (suppression du NAT)</li>
+</ul>
+
+<h2>C'est compris, mais comment faire&nbsp;?</h2>
+
+<p>Il faut dérouler cette procédure depuis la connexion internet Comminges Haut Débit, et de préférence avec un ordinateur relié au routeur par un câble réseau. Utilisez le navigateur <a href="https://www.mozilla.org/fr/firefox/new/">Mozilla Firefox</a> (on a moins testé avec les autres).</p>
+
+
+<!--<p>Les grandes étapes sont :
+<ol>
+<li>Remplir un formulaire pour choisir les mots de passe de votre routeur</li>
+<li>Télécharger le fichier de mise à jour personnalisé</li>
+<li>Se connecter au logiciel existant de votre routeur</li>
+<li>Lui indiquer le fichier mise à jour</li>
+<li>Attendre 1 minute et se connecter au nouveau logiciel du routeur</li>
+<li>Vérifier que tout fonctionne chez vous</li>
+</ol>
+</p>
+
+<h2 style="page-break-before: always;">Procédure pas à pas et en images</h2>
+-->
+<h3>1. Remplir un formulaire pour choisir les mots de passe de votre routeur</h3>
+<p>Le formulaire est disponible ici : <a href="http://moniteur.chd.sx/maj" target="_blank">http://moniteur.chd.sx/maj</a>.<br>
+(ce lien s'ouvrira dans une nouvelle fenêtre ou onglet)</p>
+<p>
+Vous avez là deux mots de passes à choisir, et à saisir deux fois chacun&nbsp;:
+<ul>
+<li>Le premier est le mot de passe WiFi pour connecter des ordinateurs portables ou tablettes</li>
+<li>Le second vous permettra d'accéder à la configuration de votre routeur si vous en avez besoin</li>
+</ul>
+
+<em>Astuce</em>&nbsp;: Si vous renseignez le même nom de réseau WiFi (SSID) et le même mot de passe qu'actuellement (cf étiquette sur le routeur), alors les ordinateurs qui se sont déjà connectés chez vous ne demanderont rien à la prochaine connexion. Sinon, il faudra leur indiquer le nouveau nom du réseau ou le nouveau mot de passe.
+
+<h3>2. Télécharger le fichier de mise à jour</h3>
+
+<p>Une fois le formulaire rempli, cliquez sur le bouton "Générer le fichier de mise à jour". Il se grisera, il faudra patienter entre 20 secondes et une minute. Une boite de dialogue apparaîtra, choisissez "Enregistrer" comme illustré ci-dessous.</p>
+<img class="scale" src="00-generer-le-fichier-de-mise-a-jour" alt="00-generer-le-fichier-de-mise-a-jour">
+<p>Une fois ce fichier sauvegardé sur votre ordinateur, vous pouvez à présent fermer la page du formulaire.</p>
+
+<h3>3. Se connecter à votre routeur</h3>
+<p><em>Remarque</em>&nbsp;: D'origine, le nom d'utilisateur est <span class="tt">admin</span> et le mot de passe par défaut est <span class="tt">admin</span>.</p>
+<p><em>Première méthode</em>&nbsp;: vous pouvez cliquer simplement sur ce lien&nbsp;: <a href="http://admin:admin@192.168.1.1" target="_blank">http://192.168.1.1</a> et vous devriez arriver directement sur la page verte TP-Link. (dans ce cas, sautez à l'étape 4)
+</p>
+<p><em>Deuxième méthode</em>&nbsp;: ouvrez une nouvelle fenêtre ou onglet dans votre navigateur, et saisissez l'adresse LAN de votre routeur comme illustré.</p>
+
+<img class="scale" src="01-adresse-routeur.png" alt="01-adresse-routeur.png">
+<p>Si cela ne fonctionne pas, il est possible que votre routeur ait une adresse différente. Les adhérents anciens ou ayant eu des soucis avec le routeur peuvent avoir l'adresse <span class="tt">192.168.0.1</span> et non pas <span class="tt">192.168.1.1</span>.
+</p>
+<img class="scale" src="02-auth-routeur.png" alt="02-auth-routeur.png">
+
+<p>Les deux méthodes vous permettent d'arriver la page d'accueil du routeur, comme illustré ci-dessous.<br>
+(Certes ça parle patois, mais promis, il n'y a pas besoin de déchiffrer)</p>
+<img class="scale" src="03-interface-admin.png" alt="03-interface-admin.png">
+
+<h3>4. Lui indiquer le fichier mise à jour</h3>
+<!--<img class="scale" src="04-menu-system-firmware-upgrade.png" alt="04-menu-system-firmware-upgrade.png">-->
+<p>Dans la page d'accueil du routeur, dans le menu sur la gauche, cliquez sur "System Tools" puis "Firmware Upgrade". Vous obtiendrez la page illustrée ci-dessous.
+</p>
+<img class="scale" src="05-formulaire-upgrade.png" alt="05-formulaire-upgrade.png">
+<p>Vérifiez dans cette page qu'en face de <b>Hardware version</b>, il y ait écrit <span class="tt">WR740N v4</span> ou bien <span class="tt">WR841N v9</span>. Si ce n'est pas le cas, contactez-nous car cette mise à jour n'est pas compatible avec votre routeur, nous vous en confierons un autre.</p>
+
+<p> Cliquez sur le bouton "Parcourir...", puis sélectionnez le fichier que vous avez téléchargé tout à l'heure depuis le formulaire. Son nom est <span class="tt">mise-a-jour-routeur-TLWRxxxxx.bin</span>. Si vous ne savez pas dans quel dossier il est, il s'est probablement rangé automatiquement dans votre dossier <span class="tt">Téléchargements</span>. Une fois sélectionné, cliquez sur Ouvrir.</p>
+
+<img class="scale" src="06-selection-fichier-firmware.png" alt="06-selection-fichier-firmware.png">
+
+<p>Vérifiez sur le nom du fichier à droite du bouton Parcourir est bien <span class="tt">mise-a-jour-routeur-TLWRxxxxx.bin</span> puis cliquez sur le bouton "Upgrade" et confirmez avec le bouton OK.</p>
+<img class="scale" src="07-verif-nom-fichier-firmware.png" alt="07-verif-nom-fichier-firmware.png"><br>
+<img src="08-confirmation-upgrade.png" alt="08-confirmation-upgrade.png">
+
+<h3>5. Attendre 1 minute et se connecter au nouveau logiciel du routeur</h3>
+<p>Il n'y a aucune intervention de votre part pendant cette étape. Voici les illustrations de ce qui devrait se passer.</p>
+
+<img src="09-flash-en-cours.png" alt="09-flash-en-cours.png"><br>
+<img src="10-redemarrage-en-cours.png" alt="10-redemarrage-en-cours.png"><br>
+<img src="11-fin-du-redemarrage.png" alt="11-fin-du-redemarrage.png">
+
+<h3>6. Vérifier que tout fonctionne chez vous</h3>
+
+<p>Il se peut que juste après la mise à jour vous ayez un message d'erreur comme celui-ci&nbsp;:</p>
+<img class="scale" src="12-eventuel-probleme-de-chargement-de-page.png" alt="12-eventuel-probleme-de-chargement-de-page.png">
+
+<p>Pas de panique, votre ordinateur n'a peut-être pas encore accroché le réseau.</p>
+<ul>
+<li>Attendre quelques secondes et cliquez réessayer</li>
+<li>Si c'est pas mieux, débrancher le câble réseau au niveau de l'ordinateur pendant 10 secondes, rebrancher, attendre 30 secondes, cliquez réessayer</li>
+<li>Si vous avez personnalisé l'adresse LAN dans le formulaire, votre navigateur n'a pas la bonne adresse, remplacez-la et validez par Entrée</li>
+<li>Essayez une recherche sur votre moteur de recherche favori pour vérifier que vous avez accès à internet</li>
+</ul>
+
+<p>Le routeur devrait afficher maintenant la page de connexion de OpenWRT. Vous pouvez visiter l'interface d'administration du routeur avec le mot de passe que vous avez choisi ou fermer cette fenêtre.</p>
+
+<img src="13-page-authentification-openwrt.png" alt="13-page-authentification-openwrt.png">
+
+<p>Vérifiez que tous vos équipements ont accès à internet. Certains peuvent avoir besoin d'être rébranché puis rebranché au réseau, ou bien seront en attente du mot de passe WiFi.</p>
+
+
+<p>Si quelque chose c'est mal passé, contactez-nous, comme indiqué <a href="#top">en haut de cette page</a>.</p>
+</body>
+</html>
diff --git a/maj/gen-dev.php b/maj/gen-dev.php
new file mode 100644
index 0000000..5226813
--- /dev/null
+++ b/maj/gen-dev.php
@@ -0,0 +1,162 @@
+<?php
+/**
+ * Copyright 2016 Ludovic Pouzenc <ludovic@pouzenc.fr>
+ *
+ * CHD OpenWRT is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * CHD OpenWRT is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with CHD OpenWRT. If not, see <http://www.gnu.org/licenses/>.
+**/
+
+function validate($regex, $index, $message, &$errors) {
+ if (isset($_POST[$index]) && 1 === preg_match($regex, $_POST[$index])) {
+ return true;
+ }
+ if (is_array($errors)) $errors[$index] = $message . ' (' . (isset($_POST[$index])?$_POST[$index]:'vide') . ')';
+ return false;
+}
+
+function checksame($index1, $index2, $message, &$errors) {
+ if (
+ isset($_POST[$index1])
+ && isset($_POST[$index2])
+ && ($_POST[$index1] === $_POST[$index2])
+ ) {
+ return true;
+ }
+ $errors[$index] = $message;
+ return false;
+}
+$pattern_ipv4_optionnal='/(^|((^|\.)((25[0-5])|(2[0-4]\d)|(1\d\d)|([1-9]?\d))){4})$/';
+$pattern_ipv4='/((^|\.)((25[0-5])|(2[0-4]\d)|(1\d\d)|([1-9]?\d))){4}$/';
+$pattern_ipv6='/^(((?=.*(::))(?!.*\3.+\3))\3?|([\dA-F]{1,4}(\3|:\b|$)|\2))(?4){5}((?4){2}|(((2[0-4]|1\d|[1-9])?\d|25[0-5])\.?\b){4})\z/i';
+$pattern_pass6='/^[^\']{6,64}$/u';
+$pattern_pass8='/^[^\']{8,64}$/u';
+$pattern_ssid='/^[\w._-]{1,32}$/';
+$pattern_iden='/^[\w._-]*$/';
+$pattern_rev='/^\d[\d.]*$/';
+$pattern_int='/^-?\d+$/';
+
+$errors=array();
+$ignore=NULL;
+$res = validate($pattern_iden, 'profile', 'Profil matériel du routeur incorrect', $errors);
+$res &= validate($pattern_rev, 'revision', 'Révision matérielle du routeur incorrecte', $errors);
+$res &= validate($pattern_ipv4, 'ip4pub', 'Adresse IPv4 publique du routeur incorrecte', $errors);
+$res &= validate($pattern_ipv4_optionnal, 'ip4wan', 'Adresse IPv4 WAN du routeur incorrecte', $errors);
+$res &= validate($pattern_ipv4, 'ip4lan', 'Adresse IPv4 LAN du routeur incorrecte', $errors);
+$res &= validate($pattern_ipv6, 'ip6prefix', 'Préfixe IPv6 du routeur incorrect', $errors);
+//$res &= validate($pattern_ipv6, 'ip6wanll', 'Adresse IPv6 WAN Link Local incorrecte', $errors);
+$res &= validate($pattern_pass6, 'pwd1', 'Mot de passe du routeur incorrect', $errors);
+$res &= validate($pattern_pass6, 'pwd2', 'Mot de passe du routeur incorrect', $ignore);
+$res &= validate($pattern_ssid, 'ssid', 'Nom du réseau WiFi (SSID) incorrect', $errors);
+$res &= validate($pattern_pass8, 'key1', 'Mot de passe du WiFi incorrect', $errors);
+$res &= validate($pattern_pass8, 'key2', 'Mot de passe du WiFi incorrect', $ignore);
+$res &= validate($pattern_int, 'txpower', 'Puissance d\'émission WiFi incorrecte', $errors);
+$res &= checksame('pwd1', 'pwd2', 'Les mots de passes ne correspondent pas', $errors);
+$res &= checksame('key1', 'key2', 'Les mots de passes ne correspondent pas', $errors);
+
+switch ($_POST['profile']) {
+ case 'TLWR740':
+ switch($_POST['revision']) {
+ case '4':
+ $profile='TLWR740';
+ $revision='4';
+ $user_filename='mise-a-jour-routeur-TLWR740v4.bin';
+ $gen_filename='bin/ar71xx/openwrt-15.05-ar71xx-generic-tl-wr740n-v4-squashfs-factory.bin';
+ break;
+ default:
+ $errors['revision'] = 'Routeur non supporté (' . (isset($_POST['revision'])?$_POST[$index]:'vide') . ')';
+ $res = false;
+ }
+ break;
+ case 'TLWR841':
+ switch($_POST['revision']) {
+ case '9':
+ $profile='TLWR841';
+ $revision='9';
+ //$user_filename='wr841nv9_wr841ndv9_en_3_16_9_up(150310).bin';
+ $user_filename='mise-a-jour-routeur-TLWR841v9.bin';
+ $gen_filename='bin/ar71xx/openwrt-15.05-ar71xx-generic-tl-wr841n-v9-squashfs-factory.bin';
+ break;
+ default:
+ $errors['revision'] = 'Routeur non supporté (' . (isset($_POST['revision'])?$_POST[$index]:'vide') . ')';
+ $res = false;
+ }
+ break;
+ default:
+ $errors['profile'] = 'Routeur non supporté (' . (isset($_POST[$index])?$_POST['profile']:'vide') . ')';
+ $res = false;
+
+}
+
+if ( !$res ) {
+ echo "<!DOCTYPE html>\n<html>\n<head>\n<meta charset=\"utf-8\" />\n</head>\n<body>\n<h2>Oops, une erreur s'est produite</h2><div>Il y a un problème avec les renseignements fournis<br><ul>\n";
+ foreach ($errors as $k=>$v) {
+ echo "<li>$v</li>\n";
+ }
+ echo '</ul><input action="action" type="button" value="Revenir au formulaire" onclick="history.go(-1);" />'."</div>\n</body>\n</html>\n";
+ exit();
+}
+
+// Prevent escapeshellarg to eat UTF-8 non ASCII chars
+setlocale(LC_CTYPE, "fr_FR.UTF-8");
+
+$basepath='/var/cache/build-openwrt-dev';
+$scriptfile='build-openwrt-dev.sh';
+$lockfile='/run/lock/build-openwrt-dev.lock';
+
+
+// Escape everything and build command-line
+$ip4pub=escapeshellarg($_POST['ip4pub']);
+$lanip4addr=escapeshellarg($_POST['ip4lan']);
+$ip6prefix=escapeshellarg($_POST['ip6prefix']);
+//$wanip6ll=escapeshellarg($_POST['ip6wanll']);
+$root_passwd=escapeshellarg($_POST['pwd1']);
+$wireless_ssid=escapeshellarg($_POST['ssid']);
+$wireless_key=escapeshellarg($_POST['key1']);
+$wireless_txpower=escapeshellarg($_POST['txpower']);
+$wanip4addr=escapeshellarg($_POST['ip4wan']);
+
+# build-openwrt <profile> <ip4pub> <lanip4addr> <ip6prefix> <root_passwd> <wireless_ssid> <wireless_key> <wireless_txpower> [ip4wan]
+$command=escapeshellcmd($scriptfile);
+$command .= " $profile $ip4pub $lanip4addr $ip6prefix $root_passwd $wireless_ssid $wireless_key $wireless_txpower $wanip4addr 2>&1";
+
+// Prevent multiple parallel executions of the generation part
+$fh=fopen($lockfile, 'w+');
+if ( ! is_resource($fh) ) {
+ echo "PROBLEM opening lock file\n";
+ exit();
+}
+
+if ( ! flock($fh, LOCK_EX) ) {
+ echo "PROBLEM acquiring lock file\n";
+ exit();
+}
+
+putenv("CACHE_DIR=$basepath/");
+putenv("BUILD_DIR=$basepath/build/");
+exec($command, $output, $return_val);
+
+// Dump script output in /tmp for troobleshooting
+file_put_contents(tempnam('/tmp' , $scriptfile.'_'), array($command, "\n", print_r($output,true), "\n",$return_val,"\n"));
+
+if ( $return_val === 0 ) {
+ header('Content-Type: application/octet-stream');
+ header("Content-Disposition: attachment; filename=$user_filename");
+ readfile("$basepath/build/$gen_filename");
+} else {
+ echo "<pre>\n$command\n\n";
+ echo join($output, "\n") . "\n\n";
+ echo "Command return value : "; var_dump($return_val);
+}
+
+fclose($fh);
+
diff --git a/maj/gen.php b/maj/gen.php
new file mode 100644
index 0000000..700150a
--- /dev/null
+++ b/maj/gen.php
@@ -0,0 +1,162 @@
+<?php
+/**
+ * Copyright 2016 Ludovic Pouzenc <ludovic@pouzenc.fr>
+ *
+ * CHD OpenWRT is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * CHD OpenWRT is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with CHD OpenWRT. If not, see <http://www.gnu.org/licenses/>.
+**/
+
+function validate($regex, $index, $message, &$errors) {
+ if (isset($_POST[$index]) && 1 === preg_match($regex, $_POST[$index])) {
+ return true;
+ }
+ if (is_array($errors)) $errors[$index] = $message . ' (' . (isset($_POST[$index])?$_POST[$index]:'vide') . ')';
+ return false;
+}
+
+function checksame($index1, $index2, $message, &$errors) {
+ if (
+ isset($_POST[$index1])
+ && isset($_POST[$index2])
+ && ($_POST[$index1] === $_POST[$index2])
+ ) {
+ return true;
+ }
+ $errors[$index] = $message;
+ return false;
+}
+$pattern_ipv4_optionnal='/(^|((^|\.)((25[0-5])|(2[0-4]\d)|(1\d\d)|([1-9]?\d))){4})$/';
+$pattern_ipv4='/((^|\.)((25[0-5])|(2[0-4]\d)|(1\d\d)|([1-9]?\d))){4}$/';
+$pattern_ipv6='/^(((?=.*(::))(?!.*\3.+\3))\3?|([\dA-F]{1,4}(\3|:\b|$)|\2))(?4){5}((?4){2}|(((2[0-4]|1\d|[1-9])?\d|25[0-5])\.?\b){4})\z/i';
+$pattern_pass6='/^[^\']{6,64}$/u';
+$pattern_pass8='/^[^\']{8,64}$/u';
+$pattern_ssid='/^[\w._-]{1,32}$/';
+$pattern_iden='/^[\w._-]*$/';
+$pattern_rev='/^\d[\d.]*$/';
+$pattern_int='/^-?\d+$/';
+
+$errors=array();
+$ignore=NULL;
+$res = validate($pattern_iden, 'profile', 'Profil matériel du routeur incorrect', $errors);
+$res &= validate($pattern_rev, 'revision', 'Révision matérielle du routeur incorrecte', $errors);
+$res &= validate($pattern_ipv4, 'ip4pub', 'Adresse IPv4 publique du routeur incorrecte', $errors);
+$res &= validate($pattern_ipv4_optionnal, 'ip4wan', 'Adresse IPv4 WAN du routeur incorrecte', $errors);
+$res &= validate($pattern_ipv4, 'ip4lan', 'Adresse IPv4 LAN du routeur incorrecte', $errors);
+$res &= validate($pattern_ipv6, 'ip6prefix', 'Préfixe IPv6 du routeur incorrect', $errors);
+//$res &= validate($pattern_ipv6, 'ip6wanll', 'Adresse IPv6 WAN Link Local incorrecte', $errors);
+$res &= validate($pattern_pass6, 'pwd1', 'Mot de passe du routeur incorrect', $errors);
+$res &= validate($pattern_pass6, 'pwd2', 'Mot de passe du routeur incorrect', $ignore);
+$res &= validate($pattern_ssid, 'ssid', 'Nom du réseau WiFi (SSID) incorrect', $errors);
+$res &= validate($pattern_pass8, 'key1', 'Mot de passe du WiFi incorrect', $errors);
+$res &= validate($pattern_pass8, 'key2', 'Mot de passe du WiFi incorrect', $ignore);
+$res &= validate($pattern_int, 'txpower', 'Puissance d\'émission WiFi incorrecte', $errors);
+$res &= checksame('pwd1', 'pwd2', 'Les mots de passes ne correspondent pas', $errors);
+$res &= checksame('key1', 'key2', 'Les mots de passes ne correspondent pas', $errors);
+
+switch ($_POST['profile']) {
+ case 'TLWR740':
+ switch($_POST['revision']) {
+ case '4':
+ $profile='TLWR740';
+ $revision='4';
+ $user_filename='mise-a-jour-routeur-TLWR740v4.bin';
+ $gen_filename='bin/ar71xx/openwrt-15.05-ar71xx-generic-tl-wr740n-v4-squashfs-factory.bin';
+ break;
+ default:
+ $errors['revision'] = 'Routeur non supporté (' . (isset($_POST['revision'])?$_POST[$index]:'vide') . ')';
+ $res = false;
+ }
+ break;
+ case 'TLWR841':
+ switch($_POST['revision']) {
+ case '9':
+ $profile='TLWR841';
+ $revision='9';
+ //$user_filename='wr841nv9_wr841ndv9_en_3_16_9_up(150310).bin';
+ $user_filename='mise-a-jour-routeur-TLWR841v9.bin';
+ $gen_filename='bin/ar71xx/openwrt-15.05-ar71xx-generic-tl-wr841n-v9-squashfs-factory.bin';
+ break;
+ default:
+ $errors['revision'] = 'Routeur non supporté (' . (isset($_POST['revision'])?$_POST[$index]:'vide') . ')';
+ $res = false;
+ }
+ break;
+ default:
+ $errors['profile'] = 'Routeur non supporté (' . (isset($_POST[$index])?$_POST['profile']:'vide') . ')';
+ $res = false;
+
+}
+
+if ( !$res ) {
+ echo "<!DOCTYPE html>\n<html>\n<head>\n<meta charset=\"utf-8\" />\n</head>\n<body>\n<h2>Oops, une erreur s'est produite</h2><div>Il y a un problème avec les renseignements fournis<br><ul>\n";
+ foreach ($errors as $k=>$v) {
+ echo "<li>$v</li>\n";
+ }
+ echo '</ul><input action="action" type="button" value="Revenir au formulaire" onclick="history.go(-1);" />'."</div>\n</body>\n</html>\n";
+ exit();
+}
+
+// Prevent escapeshellarg to eat UTF-8 non ASCII chars
+setlocale(LC_CTYPE, "fr_FR.UTF-8");
+
+$basepath='/var/cache/build-openwrt';
+$scriptfile='build-openwrt.sh';
+$lockfile='/run/lock/build-openwrt.lock';
+
+
+// Escape everything and build command-line
+$ip4pub=escapeshellarg($_POST['ip4pub']);
+$lanip4addr=escapeshellarg($_POST['ip4lan']);
+$ip6prefix=escapeshellarg($_POST['ip6prefix']);
+//$wanip6ll=escapeshellarg($_POST['ip6wanll']);
+$root_passwd=escapeshellarg($_POST['pwd1']);
+$wireless_ssid=escapeshellarg($_POST['ssid']);
+$wireless_key=escapeshellarg($_POST['key1']);
+$wireless_txpower=escapeshellarg($_POST['txpower']);
+$wanip4addr=escapeshellarg($_POST['ip4wan']);
+
+# build-openwrt <profile> <ip4pub> <lanip4addr> <ip6prefix> <root_passwd> <wireless_ssid> <wireless_key> <wireless_txpower> [ip4wan]
+$command=escapeshellcmd($scriptfile);
+$command .= " $profile $ip4pub $lanip4addr $ip6prefix $root_passwd $wireless_ssid $wireless_key $wireless_txpower $wanip4addr 2>&1";
+
+// Prevent multiple parallel executions of the generation part
+$fh=fopen($lockfile, 'w+');
+if ( ! is_resource($fh) ) {
+ echo "PROBLEM opening lock file\n";
+ exit();
+}
+
+if ( ! flock($fh, LOCK_EX) ) {
+ echo "PROBLEM acquiring lock file\n";
+ exit();
+}
+
+putenv("CACHE_DIR=$basepath/");
+putenv("BUILD_DIR=$basepath/build/");
+exec($command, $output, $return_val);
+
+// Dump script output in /tmp for troobleshooting
+file_put_contents(tempnam('/tmp' , $scriptfile.'_'), array($command, "\n", print_r($output,true), "\n",$return_val,"\n"));
+
+if ( $return_val === 0 ) {
+ header('Content-Type: application/octet-stream');
+ header("Content-Disposition: attachment; filename=$user_filename");
+ readfile("$basepath/build/$gen_filename");
+} else {
+ echo "<pre>\n$command\n\n";
+ echo join($output, "\n") . "\n\n";
+ echo "Command return value : "; var_dump($return_val);
+}
+
+fclose($fh);
+
diff --git a/maj/index.php b/maj/index.php
new file mode 100644
index 0000000..f9ed143
--- /dev/null
+++ b/maj/index.php
@@ -0,0 +1,139 @@
+<?php
+/**
+ * Copyright 2016 Ludovic Pouzenc <ludovic@pouzenc.fr>
+ *
+ * CHD OpenWRT is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * CHD OpenWRT is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with CHD OpenWRT. If not, see <http://www.gnu.org/licenses/>.
+**/
+
+require_once('config.php');
+?>
+<!DOCTYPE html>
+<html lang="fr">
+<head>
+ <meta charset="utf-8">
+ <meta name="viewport" content="width=620">
+ <title>Mise à jour du routeur</title>
+ <link rel="stylesheet" href="main.css">
+</head>
+<body>
+<!-- Local IP detection tricks via WebRTC and iframe
+<iframe id="iframe" sandbox="allow-same-origin" style="display: none"></iframe>-->
+<script src="main.js"></script>
+<?php
+ //FIXME : support IPv6 also
+ if ( array_key_exists('ip', $_GET) ) {
+ $ip4pub=$_GET['ip'];
+ } else {
+ $ip4pub=$_SERVER['REMOTE_ADDR'];
+ }
+
+ if ( preg_match('/^185\.131\.4[01]\.[0-9]{1,3}$/', $ip4pub)!==1 ) {
+ echo "<div>Erreur&nbsp;: L'adresse publique $ip4pub n'est pas reconnue</div></body></html>\n";
+ exit();
+ }
+
+ $rest = file_get_contents($CONF_API_BASE_URL . "/gen_firm.php?ip4pub=".urlencode($ip4pub), false, NULL, 0, 256);
+ if ( $rest === FALSE ) {
+ echo "<div>Erreur&nbsp;: Pb webservice</div></body></html>\n";
+ exit();
+ }
+
+ $result = json_decode($rest);
+ if ( !array_key_exists("initiales", $result) ) {
+ echo "<div>Erreur&nbsp;: Pb retour webservice</div></body></html>\n";
+ exit();
+ }
+ $ip4wan = $result->ip4wan;
+ $ip6prefix = $result->ip6prefix;
+ $constructeur = $result->constructeur;
+ $modele = $result->modele;
+ $profile = $result->profile;
+ $revision = $result->revision;
+ $adt_initiales = $result->initiales;
+
+ $action=array_key_exists('dev', $_GET)?"gen-dev.php":"gen.php";
+?>
+<div>
+<form id="form_main" method="POST" action="<?=$action?>" style="width: 33em">
+ <fieldset>
+ <legend>Paramètres du réseau WiFi de maison</legend>
+ <label>Nom du réseau (SSID)&nbsp;:</label>
+ <span>
+ <input id="field_ssid" size="24" title="Le nom du réseau peut contenir des lettres, des nombres, des occurences de '.' (point), '-' (tiret) ou '_' (underscore). Maximum de 32 caractères." type="text" required pattern="[\w\._-]{1,32}" name="ssid" value="<?=$adt_initiales?>_CommingesHautDebit.net">
+ </span>
+
+ <label>Mot de passe Wifi&nbsp;:</label>
+ <span>
+ <input id="field_key1" size="24" title="Le mot de passe doit être composé de 8 à 63 caractères, devrait inclure des majuscules et des minuscules, des nombres ou des caractères spéciaux" type="password" required pattern="^[^']{8,64}$" name="key1">
+ </span>
+
+ <label>Confirmation mot de passe&nbsp;:</label>
+ <span>
+ <input id="field_key2" size="24" title="Merci de saisir le même mot de passe que dans le champ précédent" type="password" required name="key2">
+ </span>
+ <label>Puissance d'émission WiFi&nbsp;:</label>
+ <span>
+ <input id="field_txpower" style="width: 14.8em;" type="range" min="-1" max="16" value="13" title="Merci de choisir la puissance d'émission du WiFi à l'intérieur de l'habitat.&#10;L'échelle va de 0 dBm (1 mW) à 16 dBm (39 mW), hors gain d'antenne." name="txpower">
+ <table><tr><td style="width:8em">Désactivé</td><td style="width:9em;">Moyen</td><td>Fort</td></table>
+ </span>
+ </fieldset>
+ <fieldset>
+ <legend>Administration du routeur</legend>
+ <label>Modèle du routeur&nbsp;:</label>
+ <span>
+ <?=$constructeur . " " . $modele."\n"?>
+ <input name="profile" type="hidden" value="<?=$profile?>">
+ <input name="revision" type="hidden" value="<?=$revision?>">
+ </span>
+ <label>Adresse IPv4 publique&nbsp;:</label>
+ <span>
+ <?=$ip4pub?><input name="ip4pub" type="hidden" value="<?=$ip4pub?>">
+ </span>
+ <label>IPv4 WAN du routeur&nbsp;:</label>
+ <span>
+ <?=$ip4wan?$ip4wan:'n/a'?><input name="ip4wan" type="hidden" value="<?=$ip4wan?>">
+ </span>
+ <label>IPv4 LAN du routeur&nbsp;:</label>
+ <span>
+ <input id="field_ip4lan" size="24" title="L'adresse IP doit respecter le format nnn.nnn.nnn.nnn" type="text" required pattern="((^|\.)((25[0-5])|(2[0-4]\d)|(1\d\d)|([1-9]?\d))){4}$" name="ip4lan" value="192.168.1.1">
+ </span>
+ <label>Préfixe IPv6 public&nbsp;:</label>
+ <span>
+ <?=$ip6prefix?><input name="ip6prefix" type="hidden" value="<?=$ip6prefix?>">
+ </span>
+ <label>Mot de passe du routeur&nbsp;:</label>
+ <span>
+ <input id="field_pwd1" size="24" title="Le mot de passe doit être composé de 6 à 64 caractères, devrait inclure des majuscules et des minuscules, des nombres ou des caractères spéciaux" type="password" required pattern="^[^']{6,64}$" name="pwd1">
+ </span>
+
+ <label>Confirmation mot de passe&nbsp;:</label>
+ <span>
+ <input id="field_pwd2" size="24" title="Merci de saisir le même mot de passe que dans le champ précédent" type="password" required name="pwd2">
+ </span>
+ </fieldset>
+ <div class="fieldset">
+ <div class="label"><a href="doc.html" target="_blank">Consulter la procédure à suivre</a></div>
+ <span><input id="btn_gen" type="submit" value="Valider et télécharger la mise à jour"></span>
+ </div>
+ <div style="margin-top:1em;">
+ <ul style="padding-left:2em; margin-top:0;">
+ <li>Utilisez ce formulaire depuis votre propre connexion internet CHD&nbsp;;</li>
+ <li>Réutilisez les anciens paramètres WiFi si vous souhaitez éviter de devoir retapper le mot de passe sur vos équipements WiFi&nbsp;;</li>
+ <li>Changez le mot de passe d'administration (initialement&nbsp;: <tt>admin</tt>)&nbsp;;</li>
+ </ul>
+ </div>
+</form>
+</div>
+</body>
+</html>
diff --git a/maj/main.css b/maj/main.css
new file mode 100644
index 0000000..8d23e8f
--- /dev/null
+++ b/maj/main.css
@@ -0,0 +1,99 @@
+/**
+ * Copyright 2016 Ludovic Pouzenc <ludovic@pouzenc.fr>
+ *
+ * CHD OpenWRT is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * CHD OpenWRT is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with CHD OpenWRT. If not, see <http://www.gnu.org/licenses/>.
+**/
+
+body {
+ font-family: Verdana,Arial,Helvetica,sans-serif;
+ font-size: 14px;
+ line-height: 1.5;
+}
+
+fieldset {
+ border: 2px solid #E0D8B7;
+ background: none repeat scroll 0% 0% #fcfaf0;
+ color: #000;
+ margin: 1em 0px;
+ padding: 10px;
+}
+
+.fieldset {
+ padding: 0 10px;
+}
+
+legend {
+ padding: 1px 8px;
+ border: 2px solid #E0D8B7;
+ border-radius: 6px / 12px;
+ box-shadow: none;
+ background: none repeat scroll 0% 0% #FFF;
+ font-size: 14px;
+ color: #5E5223;
+}
+
+fieldset label {
+ font-size: 12px;
+}
+
+fieldset label, .label {
+ float: left;
+ clear: left;
+ padding-right: 0.5em;
+ width: 14.5em;
+ text-align: right;
+ font-size: 100%;
+ color: #333;
+}
+
+form span {
+ display: block;
+ margin: 0px 0px 0px 15em;
+ padding: 0px 0px 4px 4px;
+}
+
+input:required:invalid, input:focus:invalid, textarea:required:invalid, textarea:focus:invalid {
+ background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAwAAAAMCAYAAABWdVznAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAT1JREFUeNpi/P//PwMpgImBRMACY/x7/uDX39sXt/67cMoDyOVgMjBjYFbV/8kkqcCBrIER5KS/967s+rmkXxzI5wJiRSBm/v8P7NTfHHFFl5mVdIzhGv4+u///x+xmuAlcdXPB9KeqeLgYd3bDU2ZpRRmwH4DOeAI07QXIRKipYPD35184/nn17CO4p/+cOfjl76+/X4GYAYThGn7/g+Mfh/ZZwjUA/aABpJVhpv6+dQUjZP78Z0YEK7OezS2gwltg64GmfTu6i+HL+mUMP34wgvGvL78ZOEysf8M1sGgZvQIqfA1SDAL8iUUMPIFRQLf+AmMQ4DQ0vYYSrL9vXDz2sq9LFsiX4dLRA0t8OX0SHKzi5bXf2HUMBVA0gN356N7p7xdOS3w5fAgcfNxWtn+BJi9gVVBOQfYPQIABABvRq3BwGT3OAAAAAElFTkSuQmCC');
+ background-position: right top;
+ background-repeat: no-repeat;
+ box-shadow: none;
+}
+
+fieldset input, fieldset textarea, fieldset select {
+ padding: 2px 4px;
+ border: 1px solid #ccc;
+ border-radius: 2px;
+ background: none repeat scroll 0% 0% #fff;
+ line-height: 1.1;
+ font-family: inherit;
+ font-size: 1.1em;
+ margin: 0;
+}
+
+input[type="submit"], input[type="reset"], input[type="button"] {
+ padding: 2px 6px;
+ border: 1px solid #b5bbc4;
+ background: linear-gradient(to bottom, #fff, #dae6f1) repeat scroll 0% 0% #f7fafc;
+ font-size: 100%;
+ color: #333;
+}
+
+img {
+ border: 2em #ccc solid;
+ margin:1em 0 1em 3em;
+}
+
+span.tt {
+ font-family:'Lucida Console', monospace;
+}
diff --git a/maj/main.js b/maj/main.js
new file mode 100644
index 0000000..a880b92
--- /dev/null
+++ b/maj/main.js
@@ -0,0 +1,200 @@
+/**
+ * Copyright 2016 Ludovic Pouzenc <ludovic@pouzenc.fr>
+ *
+ * CHD OpenWRT is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * CHD OpenWRT is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with CHD OpenWRT. If not, see <http://www.gnu.org/licenses/>.
+**/
+
+/*
+document.onreadystatechange = function () {
+ console.log("document.onreadystatechange");
+};
+
+document.onunload = function () {
+ console.log("document.onunload");
+ for(var i=0; i<1000000000; i++) {}
+};*/
+
+document.addEventListener("DOMContentLoaded", function() {
+ console.log("DOMContentLoaded");
+
+ // HTML5 form validation
+ var supports_input_validity = function() { var i = document.createElement("input"); return "setCustomValidity" in i; }
+
+ if(supports_input_validity()) {
+ var pwd1Input = document.getElementById("field_pwd1");
+ var pwd2Input = document.getElementById("field_pwd2");
+ var key1Input = document.getElementById("field_key1");
+ var key2Input = document.getElementById("field_key2");
+
+ pwd2Input.addEventListener("keyup", function() {
+ this.setCustomValidity(
+ (this.value!=pwd1Input.value)?pwd2Input.title:""
+ )}, false);
+
+ key2Input.addEventListener("keyup", function() {
+ this.setCustomValidity(
+ (this.value!=key1Input.value)?key2Input.title:""
+ )}, false);
+ }
+
+ /* Range slider value update
+ var txpower = document.getElementById("field_txpower");
+ var txpowerText = document.getElementById("field_txpower_text");
+ txpower.addEventListener("change", function(e) {
+ txpowerText.value=txpower.value + " dB";
+ }, true);
+ */
+ var btn_gen = document.getElementById("btn_gen");
+ btn_gen.value="Générer le fichier de mise à jour";
+
+ // Additionnal form validation (on submit)
+ var checkForm = function(e) {
+
+ if (this.pwd1.value != this.pwd2.value) {
+ this.pwd1.focus();
+ e.preventDefault();
+ return;
+ }
+ if (this.key1.value != this.key2.value) {
+ this.key1.focus();
+ e.preventDefault();
+ return;
+ }
+ // Safari needs this one too
+ if (!e.target.checkValidity()) {
+ e.preventDefault();
+ return;
+ }
+ // Form will pass, disable the form button to prevent multiple clicks
+ var btn_gen = document.getElementById("btn_gen");
+ btn_gen.value="Patientez puis sauvez le fichier";
+ btn_gen.disabled=true;
+ btn_gen.style.color="gray";
+ };
+ var form_main = document.getElementById("form_main");
+ form_main.addEventListener("submit", checkForm, true);
+
+ // Guess of current LAN gateway
+ var field_ip4lan = document.getElementById("field_ip4lan");
+ getIPs(function(ip){
+ console.log(ip);
+ var res = ip.match(/^192\.168\.\d+/);
+ if ( res ) {
+ // Dumb guess of gateway IP
+ field_ip4lan.value = res + ".1";
+ }
+ });
+
+}, false);
+
+
+window.addEventListener('unload', function(event) {
+ console.log('unload');
+
+ // Revert submit button to inital state if history.go(-1) was used
+ var btn_gen = document.getElementById("btn_gen");
+ btn_gen.value="Générer le fichier de mise à jour";
+ btn_gen.disabled=false;
+ btn_gen.style.color="black";
+
+});
+
+
+// LAN IPs detection
+function getIPs(callback){
+ var ip_dups = {};
+
+ //compatibility for firefox and chrome
+ var RTCPeerConnection = window.RTCPeerConnection
+ || window.mozRTCPeerConnection
+ || window.webkitRTCPeerConnection;
+ var useWebKit = !!window.webkitRTCPeerConnection;
+
+ if(!RTCPeerConnection){
+ return; // The following code pops JS errors on Safari
+ }
+
+ //bypass naive webrtc blocking using an iframe
+ if(!RTCPeerConnection){
+ //NOTE: you need to have an iframe in the page right above the script tag
+ //
+ //<iframe id="iframe" sandbox="allow-same-origin" style="display: none"></iframe>
+ //<script>...getIPs called in here...
+ //
+ var win = iframe.contentWindow;
+ RTCPeerConnection = win.RTCPeerConnection
+ || win.mozRTCPeerConnection
+ || win.webkitRTCPeerConnection;
+ useWebKit = !!win.webkitRTCPeerConnection;
+ }
+
+ //minimal requirements for data connection
+ var mediaConstraints = {
+optional: [{RtpDataChannels: true}]
+ };
+
+ //firefox already has a default stun server in about:config
+ // media.peerconnection.default_iceservers =
+ // [{"url": "stun:stun.services.mozilla.com"}]
+ var servers = undefined;
+
+ //add same stun server for chrome
+ if(useWebKit)
+ servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]};
+
+ //construct a new RTCPeerConnection
+ var pc = new RTCPeerConnection(servers, mediaConstraints);
+
+ function handleCandidate(candidate){
+ //match just the IP address
+ var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3})/
+ var ip_addr = ip_regex.exec(candidate)[1];
+
+ //remove duplicates
+ if(ip_dups[ip_addr] === undefined)
+ callback(ip_addr);
+
+ ip_dups[ip_addr] = true;
+ }
+
+ //listen for candidate events
+ pc.onicecandidate = function(ice){
+
+ //skip non-candidate events
+ if(ice.candidate)
+ handleCandidate(ice.candidate.candidate);
+ };
+
+ //create a bogus data channel
+ pc.createDataChannel("");
+
+ //create an offer sdp
+ pc.createOffer(function(result){
+
+ //trigger the stun server request
+ pc.setLocalDescription(result, function(){}, function(){});
+
+ }, function(){});
+
+ //wait for a while to let everything done
+ setTimeout(function(){
+ //read candidate info from local description
+ var lines = pc.localDescription.sdp.split('\n');
+
+ lines.forEach(function(line){
+ if(line.indexOf('a=candidate:') === 0)
+ handleCandidate(line);
+ });
+ }, 1000);
+}
diff --git a/maj/print.css b/maj/print.css
new file mode 100644
index 0000000..609bbe0
--- /dev/null
+++ b/maj/print.css
@@ -0,0 +1,17 @@
+
+body {
+ font-family: Verdana,Arial,Helvetica,sans-serif;
+ font-size: 10pt;
+ line-height: 1.5;
+ margin: 0;
+}
+
+img {
+ border: thick #ccc solid;
+ margin: 0;
+}
+
+img.scale {
+ width: 96%;
+}
+