aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormarcelloc <marcellocoutinho@gmail.com>2012-09-19 12:07:40 -0300
committermarcelloc <marcellocoutinho@gmail.com>2012-09-19 12:07:40 -0300
commit76442fe5d7e80e3099a805b3cada22b190455db9 (patch)
tree918580674788e4ce26716146264b23891d8ce20a
parent13877cb7190125e35bb4e467f0fe827d10334503 (diff)
parentb7cb81919d718fc0183cdc0297a2800c6b5902b9 (diff)
downloadpfsense-packages-76442fe5d7e80e3099a805b3cada22b190455db9.tar.gz
pfsense-packages-76442fe5d7e80e3099a805b3cada22b190455db9.tar.bz2
pfsense-packages-76442fe5d7e80e3099a805b3cada22b190455db9.zip
Merge branch 'master' of https://github.com/bsdperimeter/pfsense-packages
-rw-r--r--config/apache_mod_security-dev/apache_virtualhost.xml6
-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.inc23
-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.xml2
-rwxr-xr-xconfig/openvpn-client-export/vpn_openvpn_export.php41
-rw-r--r--pkg_config.8.xml4
-rw-r--r--pkg_config.8.xml.amd644
6 files changed, 59 insertions, 21 deletions
diff --git a/config/apache_mod_security-dev/apache_virtualhost.xml b/config/apache_mod_security-dev/apache_virtualhost.xml
index 9ac23dd6..2e29a9af 100644
--- a/config/apache_mod_security-dev/apache_virtualhost.xml
+++ b/config/apache_mod_security-dev/apache_virtualhost.xml
@@ -76,12 +76,12 @@
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache.tempalte</item>
+ <item>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache.template</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_balancer.tempalte</item>
+ <item>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_balancer.template</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
@@ -96,7 +96,7 @@
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_mod_security_manipulator.xml</item>
+ <item>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_mod_security_manipulation.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index 9f06ed0c..1c556d10 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -151,7 +151,7 @@ function openvpn_client_export_validate_config($srvid, $usrid, $crtid) {
return array($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys);
}
-function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys = false, $proxy, $expformat = "baseconf", $outpass = "", $skiptls=false, $doslines=false, $advancedoptions = "") {
+function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quoteservercn, $usetoken, $nokeys = false, $proxy, $expformat = "baseconf", $outpass = "", $skiptls=false, $doslines=false, $advancedoptions = "") {
global $config, $input_errors, $g;
$nl = ($doslines) ? "\r\n" : "\n";
@@ -198,8 +198,10 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
$conf .= "client{$nl}";
$conf .= "resolv-retry infinite{$nl}";
$conf .= "remote {$server_host} {$server_port}{$nl}";
- if (!empty($servercn))
- $conf .= "tls-remote \"{$servercn}\"{$nl}";
+ if (!empty($servercn)) {
+ $qw = ($quoteservercn) ? "\"" : "";
+ $conf .= "tls-remote {$qw}{$servercn}{$qw}{$nl}";
+ }
if (!empty($proxy)) {
if ($proto == "udp") {
@@ -239,6 +241,10 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
$conf .= "ca /phone/config/openvpn/keys/ca.crt{$nl}";
$conf .= "cert /phone/config/openvpn/keys/client1.crt{$nl}";
$conf .= "key /phone/config/openvpn/keys/client1.key{$nl}";
+ } elseif ($expformat == "yealink_t38g2") {
+ $conf .= "ca /config/openvpn/keys/ca.crt{$nl}";
+ $conf .= "cert /config/openvpn/keys/client1.crt{$nl}";
+ $conf .= "key /config/openvpn/keys/client1.key{$nl}";
} elseif ($expformat == "snom") {
$conf .= "ca /openvpn/ca.crt{$nl}";
$conf .= "cert /openvpn/phone1.crt{$nl}";
@@ -263,6 +269,8 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
$conf .= "tls-auth /yealink/config/openvpn/keys/ta.key 1{$nl}";
elseif ($expformat == "yealink_t38g")
$conf .= "tls-auth /phone/config/openvpn/keys/ta.key 1{$nl}";
+ elseif ($expformat == "yealink_t38g2")
+ $conf .= "tls-auth /config/openvpn/keys/ta.key 1{$nl}";
elseif ($expformat == "snom")
$conf .= "tls-auth /openvpn/ta.key 1{$nl}";
else
@@ -344,6 +352,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
break;
case "yealink_t28":
case "yealink_t38g":
+ case "yealink_t38g2":
// create template directory
$tempdir = "{$g['tmp_path']}/{$prefix}";
$keydir = "{$tempdir}/keys";
@@ -402,7 +411,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
}
}
-function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $usetoken, $outpass, $proxy, $advancedoptions) {
+function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $quoteservercn, $usetoken, $outpass, $proxy, $advancedoptions) {
global $config, $g, $input_errors;
$uname_p = trim(exec("uname -p"));
@@ -439,7 +448,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset
$pwdfle .= "{$proxy['password']}\r\n";
file_put_contents("{$confdir}/{$proxy['passwdfile']}", $pwdfle);
}
- $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys, $proxy, "", "baseconf", false, true, $advancedoptions);
+ $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quoteservercn, $usetoken, $nokeys, $proxy, "", "baseconf", false, true, $advancedoptions);
if (!$conf) {
$input_errors[] = "Could not create a config to export.";
return false;
@@ -498,7 +507,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset
return $outfile;
}
-function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $usetoken, $outpass, $proxy, $advancedoptions) {
+function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $quoteservercn, $usetoken, $outpass, $proxy, $advancedoptions) {
global $config, $g;
$uname_p = trim(exec("uname -p"));
@@ -533,7 +542,7 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead
file_put_contents("{$tempdir}/{$proxy['passwdfile']}", $pwdfle);
}
- $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, true, $proxy, "baseconf", "", true, $advancedoptions);
+ $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quoteservercn, $usetoken, true, $proxy, "baseconf", "", true, $advancedoptions);
if (!$conf)
return false;
diff --git a/config/openvpn-client-export/openvpn-client-export.xml b/config/openvpn-client-export/openvpn-client-export.xml
index 254a95c7..02949cbd 100755
--- a/config/openvpn-client-export/openvpn-client-export.xml
+++ b/config/openvpn-client-export/openvpn-client-export.xml
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="utf-8" ?>
<packagegui>
<name>OpenVPN Client Export</name>
- <version>0.22</version>
+ <version>0.24</version>
<title>OpenVPN Client Export</title>
<include_file>/usr/local/pkg/openvpn-client-export.inc</include_file>
<backup_file></backup_file>
diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php
index fa3bcb9c..811fb62f 100755
--- a/config/openvpn-client-export/vpn_openvpn_export.php
+++ b/config/openvpn-client-export/vpn_openvpn_export.php
@@ -137,10 +137,11 @@ if (!empty($act)) {
$useaddr = $_GET['useaddr'];
$advancedoptions = $_GET['advancedoptions'];
+ $quoteservercn = $_GET['quoteservercn'];
$usetoken = $_GET['usetoken'];
if ($usetoken && ($act == "confinline"))
$input_errors[] = "You cannot use Microsoft Certificate Storage with an Inline configuration.";
- if ($usetoken && (($act == "conf_yealink_t28") || ($act == "conf_yealink_t38g") || ($act == "conf_snom")))
+ if ($usetoken && (($act == "conf_yealink_t28") || ($act == "conf_yealink_t38g") || ($act == "conf_yealink_t38g2") || ($act == "conf_snom")))
$input_errors[] = "You cannot use Microsoft Certificate Storage with a Yealink or SNOM configuration.";
$password = "";
if ($_GET['password'])
@@ -186,6 +187,10 @@ if (!empty($act)) {
$exp_name = urlencode("client.tar");
$expformat = "yealink_t38g";
break;
+ case "conf_yealink_t38g2":
+ $exp_name = urlencode("client.tar");
+ $expformat = "yealink_t38g2";
+ break;
case "conf_snom":
$exp_name = urlencode("vpnclient.tar");
$expformat = "snom";
@@ -198,17 +203,17 @@ if (!empty($act)) {
$exp_name = urlencode($exp_name."-config.ovpn");
$expformat = "baseconf";
}
- $exp_path = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys, $proxy, $expformat, $password, false, false, $advancedoptions);
+ $exp_path = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quoteservercn, $usetoken, $nokeys, $proxy, $expformat, $password, false, false, $advancedoptions);
}
if($act == "visc") {
$exp_name = urlencode($exp_name."-Viscosity.visc.zip");
- $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $usetoken, $password, $proxy, $advancedoptions);
+ $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $quoteservercn, $usetoken, $password, $proxy, $advancedoptions);
}
if($act == "inst") {
$exp_name = urlencode($exp_name."-install.exe");
- $exp_path = openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $usetoken, $password, $proxy, $advancedoptions);
+ $exp_path = openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $quoteservercn, $usetoken, $password, $proxy, $advancedoptions);
}
if (!$exp_path) {
@@ -289,6 +294,9 @@ function download_begin(act, i, j) {
advancedoptions = document.getElementById("advancedoptions").value;
+ var quoteservercn = 0;
+ if (document.getElementById("quoteservercn").checked)
+ quoteservercn = 1;
var usetoken = 0;
if (document.getElementById("usetoken").checked)
usetoken = 1;
@@ -357,6 +365,7 @@ function download_begin(act, i, j) {
dlurl += "&crtid=" + escape(certs[j][0]);
}
dlurl += "&useaddr=" + escape(useaddr);
+ dlurl += "&quoteservercn=" + escape(quoteservercn);
dlurl += "&usetoken=" + escape(usetoken);
if (usepass)
dlurl += "&password=" + escape(pass);
@@ -428,10 +437,13 @@ function server_changed() {
cell2.innerHTML += "<br/>";
cell2.innerHTML += "<a href='javascript:download_begin(\"visc\", -1," + j + ")'>Viscosity Bundle</a>";
if (servers[index][2] == "server_tls") {
- cell2.innerHTML += "<br/>Yealink SIP Handset: &nbsp;&nbsp;";
+ cell2.innerHTML += "<br/>Yealink SIP Handsets: <br/>";
+ cell2.innerHTML += "&nbsp;&nbsp; ";
cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t28\", -1," + j + ")'>T28</a>";
cell2.innerHTML += "&nbsp;&nbsp; ";
- cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t38g\", -1," + j + ")'>T38G</a>";
+ cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t38g\", -1," + j + ")'>T38G (1)</a>";
+ cell2.innerHTML += "&nbsp;&nbsp; ";
+ cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t38g2\", -1," + j + ")'>T38G (2)</a>";
cell2.innerHTML += "<br/>";
cell2.innerHTML += "<a href='javascript:download_begin(\"conf_snom\", -1," + j + ")'>SNOM SIP Handset</a>";
}
@@ -550,6 +562,23 @@ function useproxy_changed(obj) {
</td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell">Quote Server CN</td>
+ <td width="78%" class="vtable">
+ <table border="0" cellpadding="2" cellspacing="0">
+ <tr>
+ <td>
+ <input name="quoteservercn" id="quoteservercn" type="checkbox" value="yes">
+ </td>
+ <td>
+ <span class="vexpl">
+ Enclose the server CN in quotes. Can help if your server CN contains spaces and certain clients cannot parse the server CN. Some clients have problems parsing the CN with quotes. Use only as needed.
+ </span>
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ <tr>
<td width="22%" valign="top" class="vncell">Certificate Export Options</td>
<td width="78%" class="vtable">
<table border="0" cellpadding="2" cellspacing="0">
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index f943d8be..823b83a2 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -176,7 +176,7 @@
<depends_on_package_pbi>haproxy-1.4.21-i386.pbi</depends_on_package_pbi>
</package>
<package>
- <name>Apache+mod_security-dev</name>
+ <name>Apache with mod_security-dev</name>
<pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink>
<website>http://www.modsecurity.org/</website>
<descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr>
@@ -1381,7 +1381,7 @@
<depends_on_package_pbi>zip-3.0-i386.pbi p7zip-9.20.1-i386.pbi</depends_on_package_pbi>
<build_port_path>/usr/ports/archivers/p7zip</build_port_path>
<build_port_path>/usr/ports/archivers/zip</build_port_path>
- <version>0.22</version>
+ <version>0.24</version>
<status>BETA</status>
<required_version>2.0</required_version>
<config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 6c19a678..42c04536 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -163,7 +163,7 @@
<depends_on_package_pbi>haproxy-1.4.21-amd64.pbi</depends_on_package_pbi>
</package>
<package>
- <name>apache+mod_security-dev</name>
+ <name>Apache with mod_security-dev</name>
<pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink>
<website>http://www.modsecurity.org/</website>
<descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr>
@@ -1368,7 +1368,7 @@
<depends_on_package_pbi>p7zip-9.20.1-amd64.pbi zip-3.0-amd64.pbi</depends_on_package_pbi>
<build_port_path>/usr/ports/archivers/p7zip</build_port_path>
<build_port_path>/usr/ports/archivers/zip</build_port_path>
- <version>0.22</version>
+ <version>0.24</version>
<status>BETA</status>
<required_version>2.0</required_version>
<config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file>