aboutsummaryrefslogtreecommitdiffstats
path: root/config/openvpn-client-export
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2011-11-17 13:30:45 -0500
committerjim-p <jimp@pfsense.org>2011-11-17 13:34:20 -0500
commit5b998d49bf356c4f1c5548f67378eb637ade18ec (patch)
tree9c2d961b466c9ebb0cd13eb565cc6d8b27984144 /config/openvpn-client-export
parent0d8274b646bdea5391418aa293899160a19d2704 (diff)
downloadpfsense-packages-5b998d49bf356c4f1c5548f67378eb637ade18ec.tar.gz
pfsense-packages-5b998d49bf356c4f1c5548f67378eb637ade18ec.tar.bz2
pfsense-packages-5b998d49bf356c4f1c5548f67378eb637ade18ec.zip
Fix up various export scenarios that were not functioning properly.
Diffstat (limited to 'config/openvpn-client-export')
-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.inc23
-rwxr-xr-xconfig/openvpn-client-export/vpn_openvpn_export.php4
2 files changed, 20 insertions, 7 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index cd436929..a69826ba 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -132,7 +132,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
}
// lookup user certificate info
- if ($settings['mode'] != "server_user") {
+ if ($settings['mode'] == "server_tls_user") {
if ($settings['authmode'] == "Local Database") {
$cert = $user['cert'][$crtid];
} else {
@@ -143,6 +143,10 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
// If $cert is not an array, it's a certref not a cert.
if (!is_array($cert))
$cert = lookup_cert($cert);
+ } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) {
+ $cert = $config['cert'][$crtid];
+ if (!$cert)
+ return false;
} else
$nokeys = true;
@@ -315,7 +319,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset
}
// lookup user certificate info
- if ($settings['mode'] != "server_user") {
+ if ($settings['mode'] == "server_tls_user") {
if ($settings['authmode'] == "Local Database") {
$cert = $user['cert'][$crtid];
} else {
@@ -326,6 +330,10 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset
// If $cert is not an array, it's a certref not a cert.
if (!is_array($cert))
$cert = lookup_cert($cert);
+ } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) {
+ $cert = $config['cert'][$crtid];
+ if (!$cert)
+ return false;
} else
$nokeys = true;
@@ -350,7 +358,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset
$pwdfle .= "{$proxy['password']}\r\n";
file_put_contents("{$confdir}/{$proxy['passwdfile']}", $pwdfle);
}
- $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys, $proxy, false, "", false, $doslines=true, $advancedoptions);
+ $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys, $proxy, false, "", false, true, $advancedoptions);
if (!$conf) {
$input_errors[] = "Could not create a config to export.";
return false;
@@ -442,7 +450,7 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead
}
// lookup user certificate info
- if ($settings['mode'] != "server_user") {
+ if ($settings['mode'] == "server_tls_user") {
if ($settings['authmode'] == "Local Database") {
$cert = $user['cert'][$crtid];
} else {
@@ -453,7 +461,12 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead
// If $cert is not an array, it's a certref not a cert.
if (!is_array($cert))
$cert = lookup_cert($cert);
- }
+ } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) {
+ $cert = $config['cert'][$crtid];
+ if (!$cert)
+ return false;
+ } else
+ $nokeys = true;
// create template directory
mkdir($tempdir, 0700, true);
diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php
index 98d4fafc..5a41b85d 100755
--- a/config/openvpn-client-export/vpn_openvpn_export.php
+++ b/config/openvpn-client-export/vpn_openvpn_export.php
@@ -59,7 +59,7 @@ foreach($a_server as $sindex => $server) {
$ras_certs = array();
if (stripos($server['mode'], "server") === false)
continue;
- if ($server['authmode'] == "Local Database" && ($server['mode'] != "server_user")) {
+ if (($server['mode'] == "server_tls_user") && ($server['authmode'] == "Local Database")) {
foreach($a_user as $uindex => $user) {
if (!is_array($user['cert']))
continue;
@@ -78,7 +78,7 @@ foreach($a_server as $sindex => $server) {
$ras_user[] = $ras_userent;
}
}
- } elseif ((!empty($server['authmode']) && ($server['mode'] != "server_user")) || ($server['mode'] == "server_tls")) {
+ } elseif (($server['mode'] == "server_tls") || (($server['mode'] == "server_tls_user") && ($server['authmode'] != "Local Database"))) {
foreach($a_cert as $cindex => $cert) {
if ($cert['caref'] != $server['caref'])
continue;