diff options
author | jim-p <jimp@pfsense.org> | 2013-01-22 16:14:38 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2013-01-22 16:15:36 -0500 |
commit | 05dd30063ea497b34bd0e1899ed975ed382cdf80 (patch) | |
tree | 4e21a0ac7178184612ffebef038dc71b43abd8b6 /config/openvpn-client-export | |
parent | 57744d2be345a990c2907deac358056ffa17f8c1 (diff) | |
download | pfsense-packages-05dd30063ea497b34bd0e1899ed975ed382cdf80.tar.gz pfsense-packages-05dd30063ea497b34bd0e1899ed975ed382cdf80.tar.bz2 pfsense-packages-05dd30063ea497b34bd0e1899ed975ed382cdf80.zip |
Update OpenVPN Client Export again, rearrange options to make them more clear/easy to follow. Also bump version and promote package status to reflect how stable it has become.
Diffstat (limited to 'config/openvpn-client-export')
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 43 | ||||
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.xml | 2 | ||||
-rwxr-xr-x | config/openvpn-client-export/vpn_openvpn_export.php | 84 |
3 files changed, 84 insertions, 45 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index c2d3dd40..9e23d3ca 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -170,6 +170,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese global $config, $input_errors, $g; $nl = ($doslines) ? "\r\n" : "\n"; + $conf = ""; $validconfig = openvpn_client_export_validate_config($srvid, $usrid, $crtid); if ($validconfig) { @@ -195,25 +196,31 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese $server_host = $useaddr; $server_port = $settings['local_port']; - $proto = (strtoupper($settings['protocol']) == 'UDP' ? 'udp' : "tcp-client"); + $proto = (strtoupper($settings['protocol']) == 'UDP' ? 'udp' : "tcp"); + if (($expformat == "inlineios") && ($proto == "tcp-client")) + $proto = "tcp"; $cipher = $settings['crypto']; // add basic settings $devmode = empty($settings['dev_mode']) ? "tun" : $settings['dev_mode']; - $conf = "dev {$devmode}{$nl}"; - if(! empty($settings['tunnel_networkv6'])) { + if (($expformat != "inlinedroid") && ($expformat != "inlineios")) + $conf .= "dev {$devmode}{$nl}"; + if(!empty($settings['tunnel_networkv6']) && ($expformat != "inlinedroid") && ($expformat != "inlineios")) { $conf .= "tun-ipv6{$nl}"; } $conf .= "persist-tun{$nl}"; $conf .= "persist-key{$nl}"; - $conf .= "proto {$proto}{$nl}"; + +// if ((($expformat != "inlinedroid") && ($expformat != "inlineios")) && ($proto == "tcp")) +// $conf .= "proto tcp-client{$nl}"; $conf .= "cipher {$cipher}{$nl}"; $conf .= "tls-client{$nl}"; $conf .= "client{$nl}"; - $conf .= "resolv-retry infinite{$nl}"; - $conf .= "remote {$server_host} {$server_port}{$nl}"; - if (!empty($servercn) && ($expformat != "inline")) { + if (($expformat != "inlinedroid") && ($expformat != "inlineios")) + $conf .= "resolv-retry infinite{$nl}"; + $conf .= "remote {$server_host} {$server_port} {$proto}{$nl}"; + if (!empty($servercn) && ($expformat != "inlineios")) { $qw = ($quoteservercn) ? "\"" : ""; $conf .= "tls-remote {$qw}{$servercn}{$qw}{$nl}"; } @@ -263,11 +270,11 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese } elseif ($usetoken) { $conf .= "ca {$cafile}{$nl}"; $conf .= "cryptoapicert \"SUBJ:{$user['name']}\"{$nl}"; - } elseif ($expformat != "inline") { + } elseif (substr($expformat, 0, 6) != "inline") { $conf .= "pkcs12 {$prefix}.p12{$nl}"; } } else if ($settings['mode'] == "server_user") { - if ($expformat != "inline") + if (substr($expformat, 0, 6) != "inline") $conf .= "ca {$cafile}{$nl}"; } @@ -280,7 +287,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese $conf .= "tls-auth /config/openvpn/keys/ta.key 1{$nl}"; elseif ($expformat == "snom") $conf .= "tls-auth /openvpn/ta.key 1{$nl}"; - elseif ($expformat != "inline") + elseif (substr($expformat, 0, 6) != "inline") $conf .= "tls-auth {$prefix}-tls.key 1{$nl}"; } @@ -363,17 +370,19 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese return $g['tmp_path'] . "/{$prefix}-config.zip"; break; case "inline": + case "inlinedroid": + case "inlineios": // Inline CA - $conf .= "<ca>{$nl}" . base64_decode($server_ca['crt']) . "</ca>{$nl}"; + $conf .= "<ca>{$nl}" . trim(base64_decode($server_ca['crt'])) . "{$nl}</ca>{$nl}"; if ($settings['mode'] != "server_user") { // Inline Cert - $conf .= "<cert>{$nl}" . base64_decode($cert['crt']) . "</cert>{$nl}"; + $conf .= "<cert>{$nl}" . trim(base64_decode($cert['crt'])) . "{$nl}</cert>{$nl}"; // Inline Key - $conf .= "<key>{$nl}" . base64_decode($cert['prv']) . "</key>{$nl}"; + $conf .= "<key>{$nl}" . trim(base64_decode($cert['prv'])) . "{$nl}</key>{$nl}"; } // Inline TLS if ($settings['tls']) { - $conf .= "<tls-auth>{$nl}" . base64_decode($settings['tls']) . "</tls-auth>{$nl} key-direction 1{$nl}"; + $conf .= "<tls-auth>{$nl}" . trim(base64_decode($settings['tls'])) . "{$nl}</tls-auth>{$nl} key-direction 1{$nl}"; } return $conf; break; @@ -708,8 +717,7 @@ function openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, $zipco $cipher = $settings['crypto']; // add basic settings - if ($expformat != "inline") - $conf = "dev tun\n"; + $conf = "dev tun\n"; if(! empty($settings['tunnel_networkv6'])) { $conf .= "tun-ipv6\n"; } @@ -718,8 +726,7 @@ function openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, $zipco $conf .= "proto {$proto}\n"; $conf .= "cipher {$cipher}\n"; $conf .= "client\n"; - if ($expformat != "inline") - $conf .= "resolv-retry infinite\n"; + $conf .= "resolv-retry infinite\n"; $conf .= "remote {$server_host} {$server_port}\n"; if ($settings['local_network']) { list($ip, $mask) = explode('/', $settings['local_network']); diff --git a/config/openvpn-client-export/openvpn-client-export.xml b/config/openvpn-client-export/openvpn-client-export.xml index 9f3d7376..5b87c48e 100755 --- a/config/openvpn-client-export/openvpn-client-export.xml +++ b/config/openvpn-client-export/openvpn-client-export.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="utf-8" ?> <packagegui> <name>OpenVPN Client Export</name> - <version>0.29</version> + <version>1.0</version> <title>OpenVPN Client Export</title> <include_file>/usr/local/pkg/openvpn-client-export.inc</include_file> <backup_file></backup_file> diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php index c7e5d147..3f34dc51 100755 --- a/config/openvpn-client-export/vpn_openvpn_export.php +++ b/config/openvpn-client-export/vpn_openvpn_export.php @@ -140,7 +140,7 @@ if (!empty($act)) { $quoteservercn = $_GET['quoteservercn']; $usetoken = $_GET['usetoken']; - if ($usetoken && ($act == "confinline")) + if ($usetoken && (substr($act, 0, 10) == "confinline")) $input_errors[] = "You cannot use Microsoft Certificate Storage with an Inline configuration."; if ($usetoken && (($act == "conf_yealink_t28") || ($act == "conf_yealink_t38g") || ($act == "conf_yealink_t38g2") || ($act == "conf_snom"))) $input_errors[] = "You cannot use Microsoft Certificate Storage with a Yealink or SNOM configuration."; @@ -200,6 +200,14 @@ if (!empty($act)) { $exp_name = urlencode($exp_name."-config.ovpn"); $expformat = "inline"; break; + case "confinlinedroid": + $exp_name = urlencode($exp_name."-android-config.ovpn"); + $expformat = "inlinedroid"; + break; + case "confinlineios": + $exp_name = urlencode($exp_name."-ios-config.ovpn"); + $expformat = "inlineios"; + break; default: $exp_name = urlencode($exp_name."-config.ovpn"); $expformat = "baseconf"; @@ -222,7 +230,7 @@ if (!empty($act)) { } if (empty($input_errors)) { - if (($act == "conf") || ($act == "confinline")) { + if (($act == "conf") || (substr($act, 0, 10) == "confinline")) { $exp_size = strlen($exp_path); } else { $exp_size = filesize($exp_path); @@ -232,7 +240,7 @@ if (!empty($act)) { header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename={$exp_name}"); header("Content-Length: $exp_size"); - if (($act == "conf") || ($act == "confinline")) { + if (($act == "conf") || (substr($act, 0, 10) == "confinline")) { echo $exp_path; } else { readfile($exp_path); @@ -408,19 +416,27 @@ function server_changed() { cell1.className = "listr"; cell1.innerHTML = users[i][3]; cell2.className = "listr"; - cell2.innerHTML = "<a href='javascript:download_begin(\"conf\"," + i + ", -1)'>Configuration</a>"; - cell2.innerHTML += "<br/>"; - cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\"," + i + ", -1)'>Inline Configuration</a>"; - cell2.innerHTML += "<br/>"; - cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\"," + i + ", -1)'>Configuration archive</a>"; - cell2.innerHTML += "<br/>Windows Installers:<br/>"; + cell2.innerHTML = "- Standard Configurations:<br/>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\"," + i + ", -1)'>Archive</a>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"conf\"," + i + ", -1)'>Config Only</a>"; + cell2.innerHTML += "<br/>- Inline Configurations:<br/>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confinlinedroid\"," + i + ", -1)'>Android</a>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confinlineios\"," + i + ", -1)'>iOS</a>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\"," + i + ", -1)'>All Other Platforms</a>"; + cell2.innerHTML += "<br/>- Windows Installers:<br/>"; cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"inst\"," + i + ", -1)'>2.2</a>"; cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x86\"," + i + ", -1)'>2.3-x86</a>"; // cell2.innerHTML += " "; // cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x64\"," + i + ", -1)'>2.3-x64</a>"; - cell2.innerHTML += "<br/>"; + cell2.innerHTML += "<br/>- Mac OSX:<br/>"; + cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"visc\"," + i + ", -1)'>Viscosity Bundle</a>"; } for (j=0; j < certs.length; j++) { @@ -437,22 +453,30 @@ function server_changed() { cell1.className = "listr"; cell1.innerHTML = certs[j][1]; cell2.className = "listr"; - cell2.innerHTML = "<a href='javascript:download_begin(\"conf\", -1," + j + ")'>Configuration</a>"; - cell2.innerHTML += "<br/>"; - cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\", -1," + j + ")'>Inline Configuration</a>"; - cell2.innerHTML += "<br/>"; - cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\", -1," + j + ")'>Configuration archive</a>"; - cell2.innerHTML += "<br/>Windows Installers:<br/>"; + cell2.innerHTML = "- Standard Configurations:<br/>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\", -1," + j + ")'>Archive</a>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"conf\", -1," + j + ")'>File Only</a>"; + cell2.innerHTML += "<br/>- Inline Configurations:<br/>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confinlinedroid\", -1," + j + ")'>Android</a>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confinlineios\", -1," + j + ")'>iOS</a>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\", -1," + j + ")'>All Other Platforms</a>"; + cell2.innerHTML += "<br/>- Windows Installers:<br/>"; cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"inst\", -1," + j + ")'>2.2</a>"; cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x86\", -1," + j + ")'>2.3-x86</a>"; // cell2.innerHTML += " "; // cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x64\", -1," + j + ")'>2.3-x64</a>"; - cell2.innerHTML += "<br/>"; + cell2.innerHTML += "<br/>- Mac OSX:<br/>"; + cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"visc\", -1," + j + ")'>Viscosity Bundle</a>"; if (servers[index][2] == "server_tls") { - cell2.innerHTML += "<br/>Yealink SIP Handsets: <br/>"; + cell2.innerHTML += "<br/>- Yealink SIP Handsets: <br/>"; cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t28\", -1," + j + ")'>T28</a>"; cell2.innerHTML += " "; @@ -460,7 +484,7 @@ function server_changed() { cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t38g2\", -1," + j + ")'>T38G (2)</a>"; cell2.innerHTML += "<br/>"; - cell2.innerHTML += "<a href='javascript:download_begin(\"conf_snom\", -1," + j + ")'>SNOM SIP Handset</a>"; + cell2.innerHTML += "- <a href='javascript:download_begin(\"conf_snom\", -1," + j + ")'>SNOM SIP Handset</a>"; } } if (servers[index][2] == 'server_user') { @@ -473,19 +497,27 @@ function server_changed() { cell1.className = "listr"; cell1.innerHTML = "none"; cell2.className = "listr"; - cell2.innerHTML = "<a href='javascript:download_begin(\"conf\"," + i + ")'>Configuration</a>"; - cell2.innerHTML += "<br/>"; - cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\"," + i + ")'>Inline Configuration</a>"; - cell2.innerHTML += "<br/>"; - cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\"," + i + ")'>Configuration archive</a>"; - cell2.innerHTML += "<br/>Windows Installers:<br/>"; + cell2.innerHTML = "- Standard Configurations:<br/>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\"," + i + ")'>Archive</a>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"conf\"," + i + ")'>File Only</a>"; + cell2.innerHTML += "<br/>- Inline Configurations:<br/>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confinlinedroid\"," + i + ")'>Android</a>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confinlineios\"," + i + ")'>iOS</a>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\"," + i + ")'>All Other Platforms</a>"; + cell2.innerHTML += "<br/>- Windows Installers:<br/>"; cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"inst\"," + i + ")'>2.2</a>"; cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x86\"," + i + ")'>2.3-x86</a>"; // cell2.innerHTML += " "; // cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x64\"," + i + ")'>2.3-x64</a>"; - cell2.innerHTML += "<br/>"; + cell2.innerHTML += "<br/>- Mac OSX:<br/>"; + cell2.innerHTML += " "; cell2.innerHTML += "<a href='javascript:download_begin(\"visc\"," + i + ")'>Viscosity Bundle</a>"; } } |