diff options
author | jim-p <jimp@pfsense.org> | 2011-04-26 17:11:11 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2011-04-26 17:11:11 -0400 |
commit | 780af2e7678dcccf0fd730a06549facd00906707 (patch) | |
tree | 11bc9f82840e9c6a9be75a8c58734ea55508b912 /config/openvpn-client-export/openvpn-client-export.inc | |
parent | a7227f4cf070bd26d738f089aa35485de6d72190 (diff) | |
download | pfsense-packages-780af2e7678dcccf0fd730a06549facd00906707.tar.gz pfsense-packages-780af2e7678dcccf0fd730a06549facd00906707.tar.bz2 pfsense-packages-780af2e7678dcccf0fd730a06549facd00906707.zip |
Allow exporting OpenVPN with SSL/TLS+User Auth+External source (LDAP, Radius), by listing certificates from the same CA as the OpenVPN server.
Diffstat (limited to 'config/openvpn-client-export/openvpn-client-export.inc')
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index 82eae161..48be5f0f 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -128,7 +128,11 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke // lookup user certificate info if ($settings['mode'] != "server_user") { - $cert = $user['cert'][$crtid]; + if ($settings['authmode'] == "Local Database") { + $cert = $user['cert'][$crtid]; + } else { + $cert = $config['cert'][$crtid]; + } if (!$cert) return false; // If $cert is not an array, it's a certref not a cert. @@ -295,7 +299,11 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset // lookup user certificate info if ($settings['mode'] != "server_user") { - $cert = $user['cert'][$crtid]; + if ($settings['authmode'] == "Local Database") { + $cert = $user['cert'][$crtid]; + } else { + $cert = $config['cert'][$crtid]; + } if (!$cert) return false; // If $cert is not an array, it's a certref not a cert. @@ -414,7 +422,11 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead // lookup user certificate info if ($settings['mode'] != "server_user") { - $cert = $user['cert'][$crtid]; + if ($settings['authmode'] == "Local Database") { + $cert = $user['cert'][$crtid]; + } else { + $cert = $config['cert'][$crtid]; + } if (!$cert) return false; // If $cert is not an array, it's a certref not a cert. |