product info file and associated use cases #1446 #1540

(cherry picked from commit d7834708)
(cherry picked from commit fbac6fb1)
(cherry picked from commit 8c31aa3c)
(cherry picked from commit bbb0d208)
(cherry picked from commit 88ddc985)
(cherry picked from commit fb93a51c)
(cherry picked from commit 8f4acc30)

plist

@@ -11,9 +11,9 @@
 /usr/local/etc/inc/auth.inc
 /usr/local/etc/inc/authgui.inc
 /usr/local/etc/inc/certs.inc
-/usr/local/etc/inc/config.console.inc
 /usr/local/etc/inc/config.inc
 /usr/local/etc/inc/config.lib.inc
+/usr/local/etc/inc/console.inc
 /usr/local/etc/inc/crypt.inc
 /usr/local/etc/inc/filter.inc
 /usr/local/etc/inc/filter.lib.inc
@@ -310,6 +310,7 @@
 /usr/local/opnsense/contrib/simplepie/library/SimplePie/gzdecode.php
 /usr/local/opnsense/contrib/simplepie/phpunit.xml.dist
 /usr/local/opnsense/contrib/tzdata/iso3166.tab
+/usr/local/opnsense/firmware-product
 /usr/local/opnsense/mvc/app/cache/README
 /usr/local/opnsense/mvc/app/config/config.php
 /usr/local/opnsense/mvc/app/config/loader.php

src/etc/inc/config.lib.inc

@@ -29,23 +29,12 @@
     POSSIBILITY OF SUCH DAMAGE.
 */
 
-openlog('opnsense', LOG_ODELAY, LOG_USER);
-register_shutdown_function('closelog');
-
 global $g; /* XXX make this a getter function for traceability */
 
-$g = array(
-    'factory_shipped_username' => 'root',
-    'factory_shipped_password' => 'opnsense',
-    'dhcpd_chroot_path' => '/var/dhcpd',
-    'unbound_chroot_path' => '/var/unbound',
-    'product_name' => 'OPNsense',
-    'product_website' => 'https://opnsense.org/',
-    'product_email' => 'project@opnsense.org',
-    'product_copyright_owner' => 'Deciso B.V.',
-    'product_copyright_years' => '2014-2017',
-    'product_copyright_url' => 'https://www.deciso.com/',
-);
+$g = json_decode(file_get_contents('/usr/local/opnsense/firmware-product'), true);
+
+openlog($g['product_id'], LOG_ODELAY, LOG_USER);
+register_shutdown_function('closelog');
 
 require_once("xmlparse.inc");
 require_once("crypt.inc");

src/etc/inc/plugins.inc.d/unbound.inc

@@ -142,17 +142,17 @@ function unbound_optimization()
 
 function unbound_generate_config()
 {
-    global $config, $g;
+    global $config;
 
     // Setup optimization
     $optimization = unbound_optimization();
 
     // Setup DNSSEC support
     if (isset($config['unbound']['dnssec'])) {
-        $module_config = "validator iterator";
-        $anchor_file = "auto-trust-anchor-file: {$g['unbound_chroot_path']}/root.key";
+        $module_config = 'validator iterator';
+        $anchor_file = 'auto-trust-anchor-file: /var/unbound/root.key';
     } else {
-        $module_config = "iterator";
+        $module_config = 'iterator';
     }
 
     // Setup DNS Rebinding
@@ -273,10 +273,10 @@ EOF;
 
     if (isset($config['unbound']['regdhcp'])) {
         // include dynamic leases
-        @touch("{$g['unbound_chroot_path']}/dhcpleases.conf");
-        $include_dhcpleases = "include: {$g['unbound_chroot_path']}/dhcpleases.conf";
+        @touch('/var/unbound/dhcpleases.conf');
+        $include_dhcpleases = 'include: /var/unbound/dhcpleases.conf';
     } else {
-        $include_dhcpleases = "";
+        $include_dhcpleases = '';
     }
 
     // Set up forwarding if it configured
@@ -322,10 +322,10 @@ EOD;
 # Server configuration
 ##
 server:
-chroot: {$g['unbound_chroot_path']}
-username: "unbound"
-directory: "{$g['unbound_chroot_path']}"
-pidfile: "/var/run/unbound.pid"
+chroot: /var/unbound
+username: unbound
+directory: /var/unbound
+pidfile: /var/run/unbound.pid
 use-syslog: yes
 port: {$port}
 verbosity: {$verbosity}
@@ -372,16 +372,16 @@ prefetch-key: {$prefetch_key}
 {$private_domains}
 
 # Access lists
-include: {$g['unbound_chroot_path']}/access_lists.conf
+include: /var/unbound/access_lists.conf
 
 # Static host entries
-include: {$g['unbound_chroot_path']}/host_entries.conf
+include: /var/unbound/host_entries.conf
 
 # DHCP leases (if configured)
 {$include_dhcpleases}
 
 # Domain overrides
-include: {$g['unbound_chroot_path']}/domainoverrides.conf
+include: /var/unbound/domainoverrides.conf
 
 {$custom_options}
 
@@ -390,32 +390,31 @@ include: {$g['unbound_chroot_path']}/domainoverrides.conf
 ###
 # Remote Control Config
 ###
-include: {$g['unbound_chroot_path']}/remotecontrol.conf
+include: /var/unbound/remotecontrol.conf
 
 EOD;
 
-    file_put_contents("{$g['unbound_chroot_path']}/unbound.conf", $unboundconf);
+    file_put_contents('/var/unbound/unbound.conf', $unboundconf);
 
     return 0;
 }
 
-function unbound_remote_control_setup() {
-    global $g;
-
-    if (!file_exists("{$g['unbound_chroot_path']}/remotecontrol.conf") || !file_exists("{$g['unbound_chroot_path']}/unbound_control.key")) {
+function unbound_remote_control_setup()
+{
+    if (!file_exists('/var/unbound/remotecontrol.conf') || !file_exists('/var/unbound/unbound_control.key')) {
         $remotcfg = <<<EOF
 remote-control:
     control-enable: yes
     control-interface: 127.0.0.1
     control-port: 953
-    server-key-file: "{$g['unbound_chroot_path']}/unbound_server.key"
-    server-cert-file: "{$g['unbound_chroot_path']}/unbound_server.pem"
-    control-key-file: "{$g['unbound_chroot_path']}/unbound_control.key"
-    control-cert-file: "{$g['unbound_chroot_path']}/unbound_control.pem"
+    server-key-file: /var/unbound/unbound_server.key
+    server-cert-file: /var/unbound/unbound_server.pem
+    control-key-file: /var/unbound/unbound_control.key
+    control-cert-file: /var/unbound/unbound_control.pem
 
 EOF;
 
-        file_put_contents("{$g['unbound_chroot_path']}/remotecontrol.conf", $remotcfg);
+        file_put_contents('/var/unbound/remotecontrol.conf', $remotcfg);
 
         unbound_execute('unbound-control-setup');
     }
@@ -448,7 +447,7 @@ function unbound_configure_do($verbose = false)
 
 function unbound_execute($cmd)
 {
-    global $g, $config;
+    global $config;
 
     switch ($cmd) {
         case 'start':
@@ -460,7 +459,7 @@ function unbound_execute($cmd)
             if (isset($config['unbound']['regdhcp'])) {
                 mwexecf('/usr/local/opnsense/scripts/dns/unbound_dhcpd.py /domain %s', $domain);
             }
-            mwexecf('/usr/local/sbin/unbound -c %s', "{$g['unbound_chroot_path']}/unbound.conf");
+            mwexecf('/usr/local/sbin/unbound -c %s', '/var/unbound/unbound.conf');
             break;
         case 'stop':
             killbypid('/var/run/unbound_dhcpd.pid', 'TERM', true);
@@ -472,14 +471,14 @@ function unbound_execute($cmd)
         case 'unbound-anchor':
             mwexecf(
                 'chroot -u unbound -g unbound / %s -a %s',
-                array('/usr/local/sbin/unbound-anchor', "{$g['unbound_chroot_path']}/root.key"),
+                array('/usr/local/sbin/unbound-anchor', '/var/unbound/root.key'),
                 true
             );
             break;
         case 'unbound-control-setup':
             mwexecf(
                 'chroot -u unbound -g unbound / %s -d %s',
-                array('/usr/local/sbin/unbound-control-setup', $g['unbound_chroot_path'])
+                array('/usr/local/sbin/unbound-control-setup', '/var/unbound')
             );
             break;
         default:
@@ -487,8 +486,9 @@ function unbound_execute($cmd)
     }
 }
 
-function unbound_add_domain_overrides($pvt=false) {
-    global $config, $g;
+function unbound_add_domain_overrides($pvt = false)
+{
+    global $config;
 
     $domains = $config['unbound']['domainoverrides'];
 
@@ -521,13 +521,13 @@ function unbound_add_domain_overrides($pvt=false) {
     if ($pvt == true) {
         return $domain_entries;
     } else {
-        file_put_contents("{$g['unbound_chroot_path']}/domainoverrides.conf", $domain_entries);
+        file_put_contents('/var/unbound/domainoverrides.conf', $domain_entries);
     }
 }
 
 function unbound_add_host_entries()
 {
-    global $config, $g;
+    global $config;
 
     $unbound_entries = "local-zone: \"{$config['system']['domain']}\" transparent\n";
 
@@ -659,7 +659,7 @@ function unbound_add_host_entries()
         }
     }
 
-    file_put_contents("{$g['unbound_chroot_path']}/host_entries.conf", $unbound_entries);
+    file_put_contents('/var/unbound/host_entries.conf', $unbound_entries);
 }
 
 // Generation of Unbound statistics
@@ -692,9 +692,9 @@ EOF;
     return $stats;
 }
 
-// Unbound Access lists
-function unbound_acls_config() {
-    global $g, $config;
+function unbound_acls_config()
+{
+    global $config;
 
     $aclcfg = "access-control: 127.0.0.1/32 allow\n";
     $aclcfg .= "access-control: ::1 allow\n";
@@ -739,7 +739,7 @@ function unbound_acls_config() {
     }
 
     // Write out Access list
-    file_put_contents("{$g['unbound_chroot_path']}/access_lists.conf", $aclcfg);
+    file_put_contents('/var/unbound/access_lists.conf', $aclcfg);
 }
 
 function unbound_hosts_generate()

src/etc/inc/services.inc

@@ -322,33 +322,27 @@ function services_radvd_configure($blacklist = array())
 
 function services_dhcpd_leasesfile()
 {
-    global $g;
-
-    return "{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases";
+    return '/var/dhcpd/var/db/dhcpd.leases';
 }
 
 function services_dhcpdv6_leasesfile()
 {
-    global $g;
-
-    return "{$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases";
+    return '/var/dhcpd/var/db/dhcpd6.leases';
 }
 
 function services_dhcpd_configure($family = 'all', $blacklist = array(), $verbose = false)
 {
-    global $g;
-
     $dirs = array('/dev', '/etc', '/lib', '/run', '/usr', '/usr/local/sbin', '/var/db', '/var/run');
 
     foreach ($dirs as $dir) {
-        mwexecf('/bin/mkdir -p %s', "{$g['dhcpd_chroot_path']}{$dir}");
+        mwexecf('/bin/mkdir -p %s', "/var/dhcpd{$dir}");
     }
 
-    if (mwexecf('/sbin/mount -uw %s', "{$g['dhcpd_chroot_path']}/dev", true)) {
-        mwexecf('/sbin/mount -t devfs devfs %s', "{$g['dhcpd_chroot_path']}/dev");
+    if (mwexecf('/sbin/mount -uw %s', '/var/dhcpd/dev', true)) {
+        mwexecf('/sbin/mount -t devfs devfs %s', '/var/dhcpd/dev');
     }
 
-    mwexecf('/usr/sbin/chown -R dhcpd:dhcpd %s', $g['dhcpd_chroot_path']);
+    mwexecf('/usr/sbin/chown -R dhcpd:dhcpd %s', '/var/dhcpd');
 
     if ($family == 'all' || $family == 'inet') {
         services_dhcpdv4_configure($verbose);
@@ -379,12 +373,12 @@ function is_dhcpv4_server_enabled()
 
 function services_dhcpdv4_configure($verbose = false)
 {
-    global $config, $g;
+    global $config;
 
     $need_ddns_updates = false;
     $ddns_zones = array();
 
-    killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpd.pid", 'TERM', true);
+    killbypid('/var/dhcpd/var/run/dhcpd.pid', 'TERM', true);
 
     if (!is_dhcpv4_server_enabled()) {
         return;
@@ -914,13 +908,13 @@ EOD;
         $dhcpdconf .= services_dhcpd_zones($ddns_zones);
     }
 
-    @file_put_contents("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", $dhcpdconf);
-    @touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
-    @unlink("{$g['dhcpd_chroot_path']}/var/run/dhcpd.pid");
+    @file_put_contents('/var/dhcpd/etc/dhcpd.conf', $dhcpdconf);
+    @touch('/var/dhcpd/var/db/dhcpd.leases');
+    @unlink('/var/dhcpd/var/run/dhcpd.pid');
 
     /* fire up dhcpd in a chroot */
     if (count($dhcpdifs) > 0) {
-        mwexec("/usr/local/sbin/dhcpd -user dhcpd -group dhcpd -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid " . join(" ", $dhcpdifs));
+        mwexec('/usr/local/sbin/dhcpd -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid ' . join(' ', $dhcpdifs));
     }
 
     if ($verbose) {
@@ -1011,9 +1005,9 @@ function is_dhcpv6_server_enabled()
 
 function services_dhcpdv6_configure($blacklist = array(), $verbose = false)
 {
-    global $config, $g;
+    global $config;
 
-    killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid", 'TERM', true);
+    killbypid('/var/dhcpd/var/run/dhcpdv6.pid', 'TERM', true);
     killbypid('/var/run/dhcpleases6.pid', 'TERM', true);
 
     if (!is_dhcpv6_server_enabled()) {
@@ -1302,15 +1296,14 @@ EOD;
         $dhcpdv6conf .= "\nddns-update-style none;\n";
     }
 
-    @file_put_contents("{$g['dhcpd_chroot_path']}/etc/dhcpdv6.conf", $dhcpdv6conf);
-    @touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases");
-    @unlink("{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid");
+    @file_put_contents('/var/dhcpd/etc/dhcpdv6.conf', $dhcpdv6conf);
+    @touch('/var/dhcpd/var/db/dhcpd6.leases');
+    @unlink('/var/dhcpd/var/run/dhcpdv6.pid');
 
     /* fire up dhcpd in a chroot */
     if (count($dhcpdv6ifs) > 0) {
-        mwexec("/usr/local/sbin/dhcpd -6 -user dhcpd -group dhcpd -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid " .
-          join(" ", $dhcpdv6ifs));
-        mwexec("/usr/local/sbin/dhcpleases6 -c \"/usr/local/bin/php -f /usr/local/sbin/prefixes.php|/bin/sh\" -l {$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases");
+        mwexec('/usr/local/sbin/dhcpd -6 -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid ' . join(' ', $dhcpdv6ifs));
+        mwexec('/usr/local/sbin/dhcpleases6 -c "/usr/local/bin/php -f /usr/local/sbin/prefixes.php|/bin/sh" -l /var/dhcpd/var/db/dhcpd6.leases');
     }
 
     if ($verbose) {
@@ -1607,7 +1600,7 @@ function is_apinger_enabled()
 
 function services_get()
 {
-    global $config, $g;
+    global $config;
 
     $services = array();
 
@@ -1647,7 +1640,7 @@ function services_get()
         $pconfig['description'] = gettext("DHCP Server");
         $pconfig['php']['restart'] = array('services_dhcpdv4_configure');
         $pconfig['php']['start'] = array('services_dhcpdv4_configure');
-        $pconfig['pidfile'] = "{$g['dhcpd_chroot_path']}/var/run/dhcpd.pid";
+        $pconfig['pidfile'] = '/var/dhcpd/var/run/dhcpd.pid';
         $services[] = $pconfig;
     }
 
@@ -1657,7 +1650,7 @@ function services_get()
         $pconfig['description'] = gettext("DHCPv6 Server");
         $pconfig['php']['restart'] = array('services_dhcpdv6_configure');
         $pconfig['php']['start'] = array('services_dhcpdv6_configure');
-        $pconfig['pidfile'] = "{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid";
+        $pconfig['pidfile'] = '/var/dhcpd/var/run/dhcpdv6.pid';
         $services[] = $pconfig;
     }
 

src/etc/inc/system.inc

@@ -725,7 +725,7 @@ function system_syslogd_extra_local($logsocket)
 
 function system_syslogd_start($verbose = false)
 {
-    global $config, $g;
+    global $config;
 
     if ($verbose) {
         echo 'Starting syslog...';
@@ -755,7 +755,7 @@ function system_syslogd_start($verbose = false)
          * get rid of this behaviour by wrapping this local array using
          * the key as a "name" entry in the array...
          */
-        $syslogconfs['dhcpd'] = array('facility' => array('dhcpd', 'dhcrelay', 'dhclient', 'dhcp6c'), 'local' => "{$g['dhcpd_chroot_path']}/var/run/log", 'remote' => 'dhcp');
+        $syslogconfs['dhcpd'] = array('facility' => array('dhcpd', 'dhcrelay', 'dhclient', 'dhcp6c'), 'local' => '/var/dhcpd/var/run/log', 'remote' => 'dhcp');
         $syslogconfs['filter'] = array('facility' => array('filterlog'), 'remote' => 'filter');
         $syslogconfs['gateways'] = array('facility' => array('apinger'), 'remote' => 'apinger');
         $syslogconfs['portalauth'] = array('facility' => array('captiveportal'), 'remote' => 'portalauth');

src/etc/rc.bootup

@@ -38,7 +38,7 @@ flush();
 
 $inc_files = array(
     'config.inc',
-    'config.console.inc',
+    'console.inc',
     'auth.inc',
     'util.inc',
     'interfaces.inc',

src/etc/rc.initial.password

@@ -32,50 +32,61 @@ require_once('auth.inc');
 
 $fp = fopen('php://stdin', 'r');
 
-printf(
-    'The %s password will be reset to the factory default of `%s\'.',
-    $g['factory_shipped_username'],
-    $g['factory_shipped_password']
-);
-printf("\n\n");
-printf('Do you want to proceed [y|n]? ');
+echo "The root user login behaviour will be restored to its defaults.\n\nDo you want to proceed? [y/N]: ";
 
-if (strcasecmp(chop(fgets($fp)), 'y') == 0) {
-    if (isset($config['system']['webgui']['authmode']) &&
-        $config['system']['webgui']['authmode'] != 'Local Database') {
-        printf("\n\n");
-        printf('The User manager authentication server is set to "%s".', $config['system']['webgui']['authmode']);
-        printf("\n");
-        printf('Do you want to set it back to Local Database [y|n]? ');
-        if (strcasecmp(chop(fgets($fp)), 'y') == 0) {
-            $config['system']['webgui']['authmode'] = 'Local Database';
-        }
+if (strcasecmp(chop(fgets($fp)), 'y') != 0) {
+    return;
+}
+
+if (isset($config['system']['webgui']['authmode']) && $config['system']['webgui']['authmode'] != 'Local Database') {
+    echo sprintf("\nThe authentication server is set to \"%s\".\n", $config['system']['webgui']['authmode']);
+    echo 'Do you want to set it back to Local Database? [y/N]: ';
+    if (strcasecmp(chop(fgets($fp)), 'y') == 0) {
+        $config['system']['webgui']['authmode'] = 'Local Database';
     }
-    $admin_user =& getUserEntryByUID(0);
-    if (!$admin_user) {
-        echo "Failed to locate the admin user account! Attempting to restore access.\n";
-        $admin_user = array();
-        $admin_user['uid'] = 0;
-        if (!isset($config['system']['user'])) {
-            $config['system']['user'] = array();
-        }
-        $config['system']['user'][] = $admin_user;
+}
+
+$admin_user = &getUserEntryByUID(0);
+if (!$admin_user) {
+    $admin_user = array();
+    $admin_user['uid'] = 0;
+    if (!isset($config['system']['user'])) {
+        $config['system']['user'] = array();
     }
+    $config['system']['user'][] = $admin_user;
+    echo "\nRestored missing root user.\n";
+}
 
-    $admin_user['name'] = $g['factory_shipped_username'];
-    $admin_user['scope'] = 'system';
+$admin_user['name'] = 'root';
+$admin_user['scope'] = 'system';
+if (isset($admin_user['disabled'])) {
+    unset($admin_user['disabled']);
+}
 
-    if (isset($admin_user['disabled'])) {
-        unset($admin_user['disabled']);
-    }
+echo "\nType a new password: ";
 
-    local_user_set_password($admin_user, $g['factory_shipped_password']);
-    local_user_set($admin_user);
-    write_config('Password reset from console menu');
+shell_exec('/bin/stty -echo');
+$password = chop(fgets($fp));
+shell_exec('/bin/stty echo');
+echo "\n";
+if (empty($password)) {
+    echo "\nPassword cannot be empty.\n";
+    return;
+}
 
-    printf("\n\n");
-    printf('The password has been reset.');
-    printf("\n");
-    printf('Please change the password as soon as you log in!');
-    printf("\n\n");
+echo "Confirm new password: ";
+shell_exec('/bin/stty -echo');
+$confirm = chop(fgets($fp));
+shell_exec('/bin/stty echo');
+echo "\n";
+if ($password !== $confirm) {
+    echo "\nPasswords do not match.\n";
+    return;
 }
+
+local_user_set_password($admin_user, $password);
+local_user_set($admin_user);
+
+write_config('Root user reset from console menu');
+
+echo "\nThe root user has been reset successfully.\n";

src/etc/rc.initial.setports

@@ -28,7 +28,7 @@
 */
 
 require_once("config.inc");
-require_once("config.console.inc");
+require_once("console.inc");
 require_once("filter.inc");
 require_once("util.inc");
 require_once("rrd.inc");
@@ -43,8 +43,8 @@ if (set_networking_interfaces_ports()) {
     $config = parse_config(true);
 
     /* need to stop local dhcp servers to avoid wrong leases */
-    killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpd.pid", 'TERM', true);
-    killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid", 'TERM', true);
+    killbypid('/var/dhcpd/var/run/dhcpd.pid', 'TERM', true);
+    killbypid('/var/dhcpd/var/run/dhcpdv6.pid', 'TERM', true);
 
     interfaces_configure(true);
     rrd_configure(true);

src/opnsense/firmware-product

+{
+    "product_copyright_owner": "Deciso B.V.",
+    "product_copyright_url": "https://www.deciso.com/",
+    "product_copyright_years": "2014-2017",
+    "product_email": "project@opnsense.org",
+    "product_id": "opnsense",
+    "product_name": "OPNsense",
+    "product_website": "https://opnsense.org/"
+}

src/opnsense/mvc/app/controllers/OPNsense/Base/ControllerBase.php

@@ -206,6 +206,11 @@ class ControllerBase extends ControllerRoot
             $this->view->ui_theme = $cnf->object()->theme;
         }
 
+        $product_vars = json_decode(file_get_contents('/usr/local/opnsense/firmware-product'), true);
+        foreach ($product_vars as $product_key => $product_var) {
+            $this->view->$product_key = $product_var;
+        }
+
         // info about the current user and box
         $this->view->session_username = !empty($_SESSION['Username']) ? $_SESSION['Username'] : '(unknown)';
         $this->view->system_hostname = $cnf->object()->system->hostname;

src/opnsense/mvc/app/views/layouts/default.volt

@@ -250,7 +250,9 @@
         <!-- page footer -->
     <footer class="page-foot col-sm-push-3 col-lg-push-2">
       <div class="container-fluid">
-        <a target="_blank" href="https://opnsense.org/" class="redlnk">OPNsense</a> (c) 2014-2017 <a href="https://www.deciso.com" class="tblnk">Deciso B.V.</a>
+        <a target="_blank" href="{{ product_website }}" class="redlnk">{{ product_name }}</a>
+        (c) {{ product_copyright_years }}
+        <a href="{{ product_copyright_url }}" class="tblnk">{{ product_copyright_owner }}</a>
       </div>
     </footer>
 

src/www/diag_defaults.php

@@ -49,13 +49,12 @@ include("head.inc");
         <form method="post">
           <p><strong> <?=gettext('If you click "Yes", the system will:')?></strong></p>
           <ul>
-            <li><?=gettext("Reset to factory defaults");?></li>
-            <li><?=gettext("LAN IP address will be reset to 192.168.1.1");?></li>
-            <li><?=gettext("System will be configured as a DHCP server on the default LAN interface");?></li>
-            <li><?=gettext("Reboot after changes are installed");?></li>
-            <li><?=gettext("WAN interface will be set to obtain an address automatically from a DHCP server");?></li>
-            <li><?= sprintf(gettext('Admin username will be reset to: %s'), $g['factory_shipped_username']) ?></li>
-            <li><?= sprintf(gettext('Admin password will be reset to: %s'), $g['factory_shipped_password']) ?></li>
+            <li><?= gettext('Reset to factory defaults') ?></li>
+            <li><?= gettext('LAN IP address will be reset to 192.168.1.1') ?></li>
+            <li><?= gettext('System will be configured as a DHCP server on the default LAN interface') ?></li>
+            <li><?= gettext('Reboot after changes are installed') ?></li>
+            <li><?= gettext('WAN interface will be set to obtain an address automatically from a DHCP server') ?></li>
+            <li><?= gettext('Admin user name and password will be reset') ?></li>
           </ul>
           <p><strong><?=gettext("Are you sure you want to proceed?");?></strong></p>
           <div class="btn-group">