#!rsc # RouterOS script: daily-psk # Copyright (c) 2013-2018 Christian Hesse <mail@eworm.de> # # update daily PSK (pre shared key) :global "identity"; :global "daily-psk-match-comment"; :global SendNotification; :local seen [ :toarray "" ]; # return pseudo-random string for PSK :local GeneratePSK do={ :local date $1; :global "daily-psk-secrets"; :local months { "jan"; "feb"; "mar"; "apr"; "may"; "jun"; "jul"; "aug"; "sep"; "oct"; "nov"; "dec" } :local monthtbl { 0; 3; 3; 6; 1; 4; 6; 2; 5; 0; 3; 5 } :local monthstr [ :pick $date 0 3 ]; :local month; :local day [ :pick $date 4 6 ]; :local century [ :pick $date 7 9 ]; :local year [ :pick $date 9 11 ]; # get numeric value for month :for mindex from=0 to=[ :len $months ] do={ :if ([ :pick $months $mindex ] = $monthstr) do={ :set month $mindex; } } # calculate day of week :local sum 0; :set sum ($sum + (2 * (3 - ($century - (($century / 4) * 4))))); :set sum ($sum + ($year / 4)); :set sum ($sum + $year + $day); :set sum ($sum + $month); :set sum ($sum - (($sum / 7) * 7)); :local return ([ :pick [ :pick $"daily-psk-secrets" 0 ] ($day - 1) ] . \ [ :pick [ :pick $"daily-psk-secrets" 1 ] $month ] . \ [ :pick [ :pick $"daily-psk-secrets" 2 ] $sum ]); :return $return; } :local date [ / system clock get date ]; :local newpsk [ $GeneratePSK $date ]; :foreach acclist in=[ / interface wireless access-list find where comment~$"daily-psk-match-comment" ] do={ :local intname [ / interface wireless access-list get $acclist interface ]; :local interface [ / interface wireless find where name=$intname disabled=no ]; :local ssid [ / interface wireless get $intname ssid ]; :local oldpsk [ / interface wireless access-list get $acclist private-pre-shared-key ]; :local skip 0; :if ($newpsk != $oldpsk) do={ :log info ("Updating daily PSK for " . $intname . " to " . $newpsk . " (was " . $oldpsk . ")"); / interface wireless access-list set $acclist private-pre-shared-key=$newpsk; :if ([ :len $interface ] = 1) do={ :foreach "seen-ssid" in=$seen do={ :if ($"seen-ssid" = $ssid) do={ :log debug ("Already sent a mail for SSID " . $ssid . ", skipping."); :set skip 1; } } :if ($skip = 0) do={ :set $seen ( $seen, $ssid ); :local host "www.eworm.de" :local srcpath ("/cgi-bin/cqrlogo-wifi.cgi" . \ "?scale=8" . \ "&level=1" . \ "&ssid=" . $ssid . \ "&pass=" . $newpsk); / tool fetch mode=https check-certificate=yes-without-crl address=$host host=$host \ src-path=$srcpath dst-path=qrcode-daily.png; $SendNotification ("[" . $identity . "] daily PSK " . $ssid) \ ("This is the daily PSK on " . $identity . ":\n\n" . \ "SSID: " . $ssid . "\n" . \ "PSK: " . $newpsk . "\n" . \ "Date: " . [ / system clock get date ] . "\n\n" . \ "https://" . $host . $srcpath) \ "qrcode-daily.png"; } } else={ :log debug ("Missing active interface " . $intname . " for access list entry."); } } }