Fix indent and style

author: Renato Botelho <garga@FreeBSD.org> 2015-05-06 15:17:00 -0300
committer: Renato Botelho <garga@FreeBSD.org> 2015-05-06 15:17:00 -0300
commit: 96c279c128119183a57378a6c42907c606586252 (patch)
tree: ef1486e449ba86b2cbf3a2da1ce045b3d38f1c96 /config
parent: 45e19a94127f35a0f5614589ec81684d08f58e4f (diff)
download: pfsense-packages-96c279c128119183a57378a6c42907c606586252.tar.gz
pfsense-packages-96c279c128119183a57378a6c42907c606586252.tar.bz2
pfsense-packages-96c279c128119183a57378a6c42907c606586252.zip
1 files changed, 79 insertions, 79 deletions
diff --git a/config/squid3/34/squid_reverse.inc b/config/squid3/34/squid_reverse.inc
index 3f216296..f583ee12 100755
--- a/config/squid3/34/squid_reverse.inc
+++ b/config/squid3/34/squid_reverse.inc
@@ -31,8 +31,6 @@
 
 function squid_resync_reverse() {
 	global $config;
-	//if(!is_array($valid_acls))
-	//	return;
 
 	//CONFIG FILE
 	if (is_array($config['installedpackages']['squidreversegeneral']))
@@ -46,19 +44,19 @@ function squid_resync_reverse() {
 
 	$conf = "# Reverse Proxy settings\n";
 
-	if(isset($settings["reverse_ssl_cert"]) && $settings["reverse_ssl_cert"] != "none") {
-    	$svr_cert = lookup_cert($settings["reverse_ssl_cert"]);
+	if (isset($settings["reverse_ssl_cert"]) && $settings["reverse_ssl_cert"] != "none") {
+		$svr_cert = lookup_cert($settings["reverse_ssl_cert"]);
 		if ($svr_cert != false) {
-			if(base64_decode($svr_cert['crt'])) {
+			if (base64_decode($svr_cert['crt'])) {
 				file_put_contents(SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.crt",sq_text_area_decode($svr_cert['crt']));
 				$reverse_crt = SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.crt";
-				}
-			if(base64_decode($svr_cert['prv'])) {
+			}
+			if (base64_decode($svr_cert['prv'])) {
 				file_put_contents(SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.key",sq_text_area_decode($svr_cert['prv']));
 				$reverse_key = SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.key";
-       			}
 			}
 		}
+	}
 
 	if (!empty($settings['reverse_int_ca']))
 		file_put_contents(SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.crt","\n" . sq_text_area_decode($settings['reverse_int_ca']),FILE_APPEND | LOCK_EX);
@@ -66,42 +64,41 @@ function squid_resync_reverse() {
 	$ifaces = ($settings['reverse_interface'] ? $settings['reverse_interface'] : 'wan');
 	$real_ifaces = array();
 
-	#set HTTP port and defsite
+	// set HTTP port and defsite
 	$http_port=(empty($settings['reverse_http_port'])?"80":$settings['reverse_http_port']);
 	$http_defsite=(empty($settings['reverse_http_defsite'])?$settings['reverse_external_fqdn']:$settings['reverse_http_defsite']);
 
-	#set HTTPS port and defsite
+	// set HTTPS port and defsite
 	$https_port=(empty($settings['reverse_https_port'])?"443":$settings['reverse_https_port']);
 	$https_defsite=(empty($settings['reverse_https_defsite'])?$settings['reverse_external_fqdn']:$settings['reverse_https_defsite']);
 
 	foreach (explode(",", $ifaces) as $i => $iface) {
 		$real_ifaces[] = squid_get_real_interface_address($iface);
-		if($real_ifaces[$i][0]) {
-		      //HTTP
-		      if (!empty($settings['reverse_http']) OR ($settings['reverse_owa_autodiscover'] == 'on'))
-		      		$conf .= "http_port {$real_ifaces[$i][0]}:{$http_port} accel defaultsite={$http_defsite} vhost\n";
-		      //HTTPS
-		      if (!empty($settings['reverse_https']))
-		      		$conf .= "https_port {$real_ifaces[$i][0]}:{$https_port} accel cert={$reverse_crt} key={$reverse_key} defaultsite={$https_defsite} vhost\n";
-			}
+		if ($real_ifaces[$i][0]) {
+			//HTTP
+			if (!empty($settings['reverse_http']) OR ($settings['reverse_owa_autodiscover'] == 'on'))
+				$conf .= "http_port {$real_ifaces[$i][0]}:{$http_port} accel defaultsite={$http_defsite} vhost\n";
+			//HTTPS
+			if (!empty($settings['reverse_https']))
+				$conf .= "https_port {$real_ifaces[$i][0]}:{$https_port} accel cert={$reverse_crt} key={$reverse_key} defaultsite={$https_defsite} vhost\n";
 		}
+	}
 
-	if(!empty($settings['reverse_ip'])) {
+	if (!empty($settings['reverse_ip'])) {
 		$reverse_ip = explode(";", ($settings['reverse_ip']));
 		foreach ($reverse_ip as $reip) {
-		      //HTTP
-		      if (!empty($settings['reverse_http']) OR ($settings['reverse_owa_autodiscover'] == 'on'))
-		      		$conf .= "http_port {$reip}:{$http_port} accel defaultsite={$http_defsite} vhost\n";
-		      //HTTPS
-		      if (!empty($settings['reverse_https']))
-		      		$conf .= "https_port {$reip}:{$https_port} accel cert={$reverse_crt} key={$reverse_key} defaultsite={$https_defsite} vhost\n";
-			}
-	 	}
+			//HTTP
+			if (!empty($settings['reverse_http']) OR ($settings['reverse_owa_autodiscover'] == 'on'))
+				$conf .= "http_port {$reip}:{$http_port} accel defaultsite={$http_defsite} vhost\n";
+			//HTTPS
+			if (!empty($settings['reverse_https']))
+				$conf .= "https_port {$reip}:{$https_port} accel cert={$reverse_crt} key={$reverse_key} defaultsite={$https_defsite} vhost\n";
+		}
+	}
 
 	//PEERS
- 	if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])))
-
-		if(!empty($settings['reverse_owa_ip'])) {
+	if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip']))) {
+		if (!empty($settings['reverse_owa_ip'])) {
 			$reverse_owa_ip = explode(";", ($settings['reverse_owa_ip']));
 			$casnr = 0;
 			foreach ($reverse_owa_ip as $reowaip) {
@@ -110,36 +107,38 @@ function squid_resync_reverse() {
 				$conf .= "cache_peer {$reowaip} parent 80 0 proxy-only no-query no-digest originserver login=PASSTHRU connection-auth=on name=OWA_HOST_80_{$casnr}_pfs\n";
 			}
 		}
+	}
 
- 	$active_peers=array();
- 	if (is_array($reverse_peers))
- 	 foreach ($reverse_peers as $rp){
- 		if ($rp['enable'] =="on" && $rp['name'] !="" && $rp['ip'] !="" && $rp['port'] !=""){
- 			$conf_peer = "#{$rp['description']}\n";
- 			$conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASSTHRU connection-auth=on round-robin ";
- 			if($rp['protocol'] == 'HTTPS')
-	            	$conf_peer .= "ssl sslflags=DONT_VERIFY_PEER front-end-https=auto ";
+	$active_peers=array();
+	if (is_array($reverse_peers)) {
+		foreach ($reverse_peers as $rp) {
+		if ($rp['enable'] =="on" && $rp['name'] !="" && $rp['ip'] !="" && $rp['port'] !="") {
+			$conf_peer = "#{$rp['description']}\n";
+			$conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASSTHRU connection-auth=on round-robin ";
+			if ($rp['protocol'] == 'HTTPS')
+				$conf_peer .= "ssl sslflags=DONT_VERIFY_PEER front-end-https=auto ";
 			$conf_peer .= "name=rvp_{$rp['name']}\n\n";
 
 			// add peer only if reverse proxy is enabled for http
-			if($rp['protocol'] == 'HTTP' && $settings['reverse_http'] =="on"){
+			if ($rp['protocol'] == 'HTTP' && $settings['reverse_http'] =="on") {
 				$conf .= $conf_peer;
 				array_push($active_peers,$rp['name']);
-				}
+			}
 			// add peer only if if reverse proxy is enabled for https
-			if($rp['protocol'] == 'HTTPS' && $settings['reverse_https'] =="on"){
-				if (!in_array($rp['name'],$active_peers)){
+			if ($rp['protocol'] == 'HTTPS' && $settings['reverse_https'] =="on") {
+				if (!in_array($rp['name'],$active_peers)) {
 					$conf .= $conf_peer;
- 					array_push($active_peers,$rp['name']);
+					array_push($active_peers,$rp['name']);
 					}
 				}
- 			}
- 	}
+			}
+		}
+	}
 
 	//REDIRECTS
 	if (is_array($reverse_redir)) {
 		foreach ($reverse_redir as $rdr) {
-			if($rdr['enable'] == "on" && $rdr['name'] != "" && $rdr['pathregex'] != "" && $rdr['redirurl'] != "") {
+			if ($rdr['enable'] == "on" && $rdr['name'] != "" && $rdr['pathregex'] != "" && $rdr['redirurl'] != "") {
 				$conf_rdr = "# Redirect: {$rdr['description']}\n";
 
 				if (is_array($rdr['row'])) {
@@ -152,11 +151,11 @@ function squid_resync_reverse() {
 				$conf_rdr .= "deny_info {$rdr['redirurl']} rdr_path_{$rdr['name']}\n";
 
 				foreach (explode(',', $rdr['protocol']) as $rdr_protocol) {
-					if($rdr_protocol == "HTTP") {
+					if ($rdr_protocol == "HTTP") {
 						$conf_rdr .= "http_access deny HTTP rdr_dst_{$rdr['name']} rdr_path_{$rdr['name']}\n";
 					}
 
-					if($rdr_protocol == "HTTPS") {
+					if ($rdr_protocol == "HTTPS") {
 						$conf_rdr .= "http_access deny HTTPS rdr_dst_{$rdr['name']} rdr_path_{$rdr['name']}\n";
 					}
 				}
@@ -170,24 +169,24 @@ function squid_resync_reverse() {
 
 	//ACLS and MAPPINGS
 
- 	//create an empty owa_dirs to populate based on user selected options
+	//create an empty owa_dirs to populate based on user selected options
 	$owa_dirs=array();
-	if (($settings['reverse_owa'] == 'on') && $settings['reverse_https'] =="on"){
-		if(!empty($settings['reverse_owa_ip'])){
+	if (($settings['reverse_owa'] == 'on') && $settings['reverse_https'] =="on") {
+		if (!empty($settings['reverse_owa_ip'])) {
 			array_push($owa_dirs,'owa','exchange','public','exchweb','ecp','OAB');
-			if($settings['reverse_owa_activesync'])
-					array_push($owa_dirs,'Microsoft-Server-ActiveSync');
-			if($settings['reverse_owa_rpchttp'])
-					array_push($owa_dirs,'rpc/rpcproxy.dll','rpcwithcert/rpcproxy.dll');
-			if($settings['reverse_owa_mapihttp'])
-					array_push($owa_dirs,'mapi');
-			if($settings['reverse_owa_webservice']){
-					array_push($owa_dirs,'EWS');
-					}
-			}
-		if (is_array($owa_dirs))
-		  foreach ($owa_dirs as $owa_dir)
-			$conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/$owa_dir.*$\n";
+			if ($settings['reverse_owa_activesync'])
+				array_push($owa_dirs,'Microsoft-Server-ActiveSync');
+			if ($settings['reverse_owa_rpchttp'])
+				array_push($owa_dirs,'rpc/rpcproxy.dll','rpcwithcert/rpcproxy.dll');
+			if ($settings['reverse_owa_mapihttp'])
+				array_push($owa_dirs,'mapi');
+			if ($settings['reverse_owa_webservice'])
+				array_push($owa_dirs,'EWS');
+		}
+		if (is_array($owa_dirs)) {
+			foreach ($owa_dirs as $owa_dir)
+				$conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/$owa_dir.*$\n";
+		}
 
 		if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])) && ($settings['reverse_owa_autodiscover'] == 'on')) {
 			$reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.');
@@ -195,36 +194,36 @@ function squid_resync_reverse() {
 			$conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n";
 			$conf .= "acl OWA_URI_pfs url_regex -i ^http://autodiscover{$reverse_external_domain}/AutoDiscover/AutoDiscover.xml\n";
 			$conf .= "acl OWA_URI_pfs url_regex -i ^https://autodiscover{$reverse_external_domain}/AutoDiscover/AutoDiscover.xml\n";
-			}
 		}
+	}
 	//$conf .= "ssl_unclean_shutdown on";
-	if (is_array($reverse_maps))
-	 foreach ($reverse_maps as $rm){
-		if ($rm['enable'] == "on" && $rm['name']!="" && $rm['peers']!=""){
-		    if (is_array($rm['row']))
-				foreach ($rm['row'] as $uri){
+	if (is_array($reverse_maps)) {
+		foreach ($reverse_maps as $rm) {
+			if ($rm['enable'] == "on" && $rm['name']!="" && $rm['peers']!="" && is_array($rm['row'])) {
+				foreach ($rm['row'] as $uri) {
 					$url_regex=($uri['uri'] == '' ? $settings['reverse_external_fqdn'] : $uri['uri'] );
 					//$conf .= "acl rvm_{$rm['name']} url_regex -i {$uri['uri']}{$url_regex}.*$\n";
 					$conf .= "acl rvm_{$rm['name']} url_regex -i {$url_regex}\n";
-					if($rm['name'] != $last_rm_name){
+					if ($rm['name'] != $last_rm_name) {
 						$cache_peer_never_direct_conf .= "never_direct allow rvm_{$rm['name']}\n";
 						$http_access_conf .= "http_access allow rvm_{$rm['name']}\n";
-						foreach (explode(',',$rm['peers']) as $map_peer)
-							if (in_array($map_peer,$active_peers)){
+						foreach (explode(',',$rm['peers']) as $map_peer) {
+							if (in_array($map_peer,$active_peers)) {
 								$cache_peer_allow_conf .= "cache_peer_access rvp_{$map_peer} allow rvm_{$rm['name']}\n";
 								$cache_peer_deny_conf .= "cache_peer_access rvp_{$map_peer} deny allsrc\n";
 							}
-						$last_rm_name=$rm['name'];
 						}
+						$last_rm_name=$rm['name'];
+					}
 				}
-	 	}
+			}
+		}
 	}
 
 	//ACCESS
-  	if ($settings['reverse_owa'] == 'on' && !empty($settings['reverse_owa_ip']) && $settings['reverse_https'] =="on") {
+	if ($settings['reverse_owa'] == 'on' && !empty($settings['reverse_owa_ip']) && $settings['reverse_https'] =="on") {
 
-		for($cascnt=1;$cascnt<$casnr+1;$cascnt++)
-		{
+		for ($cascnt=1;$cascnt<$casnr+1;$cascnt++) {
 			$conf .= "cache_peer_access OWA_HOST_443_{$cascnt}_pfs allow OWA_URI_pfs\n";
 			$conf .= "cache_peer_access OWA_HOST_80_{$cascnt}_pfs allow OWA_URI_pfs\n";
 			$conf .= "cache_peer_access OWA_HOST_443_{$cascnt}_pfs deny allsrc\n";
@@ -233,7 +232,7 @@ function squid_resync_reverse() {
 
 		$conf .= "never_direct allow OWA_URI_pfs\n";
 		$conf .= "http_access allow OWA_URI_pfs\n";
-		}
+	}
 
 	$conf .= $cache_peer_allow_conf.$cache_peer_deny_conf.$cache_peer_never_direct_conf.$http_access_conf."\n";
 
@@ -242,4 +241,5 @@ function squid_resync_reverse() {
 
 	return $conf;
 }
+
 ?>
author	Renato Botelho <garga@FreeBSD.org>	2015-05-06 15:17:00 -0300
committer	Renato Botelho <garga@FreeBSD.org>	2015-05-06 15:17:00 -0300
commit	96c279c128119183a57378a6c42907c606586252 (patch)
tree	ef1486e449ba86b2cbf3a2da1ce045b3d38f1c96 /config
parent	45e19a94127f35a0f5614589ec81684d08f58e4f (diff)
download	pfsense-packages-96c279c128119183a57378a6c42907c606586252.tar.gz pfsense-packages-96c279c128119183a57378a6c42907c606586252.tar.bz2 pfsense-packages-96c279c128119183a57378a6c42907c606586252.zip