diff options
| author | jim-p <jimp@pfsense.org> | 2011-11-17 13:30:45 -0500 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2011-11-17 13:34:20 -0500 |
| commit | 5b998d49bf356c4f1c5548f67378eb637ade18ec (patch) | |
| tree | 9c2d961b466c9ebb0cd13eb565cc6d8b27984144 /config/openvpn-client-export | |
| parent | 0d8274b646bdea5391418aa293899160a19d2704 (diff) | |
| download | pfsense-packages-5b998d49bf356c4f1c5548f67378eb637ade18ec.tar.gz pfsense-packages-5b998d49bf356c4f1c5548f67378eb637ade18ec.tar.bz2 pfsense-packages-5b998d49bf356c4f1c5548f67378eb637ade18ec.zip | |
Fix up various export scenarios that were not functioning properly.
Diffstat (limited to 'config/openvpn-client-export')
| -rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 23 | ||||
| -rwxr-xr-x | config/openvpn-client-export/vpn_openvpn_export.php | 4 |
2 files changed, 20 insertions, 7 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index cd436929..a69826ba 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -132,7 +132,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke } // lookup user certificate info - if ($settings['mode'] != "server_user") { + if ($settings['mode'] == "server_tls_user") { if ($settings['authmode'] == "Local Database") { $cert = $user['cert'][$crtid]; } else { @@ -143,6 +143,10 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke // If $cert is not an array, it's a certref not a cert. if (!is_array($cert)) $cert = lookup_cert($cert); + } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) { + $cert = $config['cert'][$crtid]; + if (!$cert) + return false; } else $nokeys = true; @@ -315,7 +319,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset } // lookup user certificate info - if ($settings['mode'] != "server_user") { + if ($settings['mode'] == "server_tls_user") { if ($settings['authmode'] == "Local Database") { $cert = $user['cert'][$crtid]; } else { @@ -326,6 +330,10 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset // If $cert is not an array, it's a certref not a cert. if (!is_array($cert)) $cert = lookup_cert($cert); + } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) { + $cert = $config['cert'][$crtid]; + if (!$cert) + return false; } else $nokeys = true; @@ -350,7 +358,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset $pwdfle .= "{$proxy['password']}\r\n"; file_put_contents("{$confdir}/{$proxy['passwdfile']}", $pwdfle); } - $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys, $proxy, false, "", false, $doslines=true, $advancedoptions); + $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys, $proxy, false, "", false, true, $advancedoptions); if (!$conf) { $input_errors[] = "Could not create a config to export."; return false; @@ -442,7 +450,7 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead } // lookup user certificate info - if ($settings['mode'] != "server_user") { + if ($settings['mode'] == "server_tls_user") { if ($settings['authmode'] == "Local Database") { $cert = $user['cert'][$crtid]; } else { @@ -453,7 +461,12 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead // If $cert is not an array, it's a certref not a cert. if (!is_array($cert)) $cert = lookup_cert($cert); - } + } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) { + $cert = $config['cert'][$crtid]; + if (!$cert) + return false; + } else + $nokeys = true; // create template directory mkdir($tempdir, 0700, true); diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php index 98d4fafc..5a41b85d 100755 --- a/config/openvpn-client-export/vpn_openvpn_export.php +++ b/config/openvpn-client-export/vpn_openvpn_export.php @@ -59,7 +59,7 @@ foreach($a_server as $sindex => $server) { $ras_certs = array(); if (stripos($server['mode'], "server") === false) continue; - if ($server['authmode'] == "Local Database" && ($server['mode'] != "server_user")) { + if (($server['mode'] == "server_tls_user") && ($server['authmode'] == "Local Database")) { foreach($a_user as $uindex => $user) { if (!is_array($user['cert'])) continue; @@ -78,7 +78,7 @@ foreach($a_server as $sindex => $server) { $ras_user[] = $ras_userent; } } - } elseif ((!empty($server['authmode']) && ($server['mode'] != "server_user")) || ($server['mode'] == "server_tls")) { + } elseif (($server['mode'] == "server_tls") || (($server['mode'] == "server_tls_user") && ($server['authmode'] != "Local Database"))) { foreach($a_cert as $cindex => $cert) { if ($cert['caref'] != $server['caref']) continue; |