diff options
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 73 | ||||
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.xml | 2 | ||||
-rwxr-xr-x | config/openvpn-client-export/vpn_openvpn_export.php | 22 | ||||
-rw-r--r-- | pkg_config.8.xml | 2 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
5 files changed, 98 insertions, 3 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index c2082374..97e3f4cb 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -231,6 +231,18 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke $conf .= "ca [inline]{$nl}"; $conf .= "cert [inline]{$nl}"; $conf .= "key [inline]{$nl}"; + } elseif ($expformat == "yealink_t28") { + $conf .= "ca /yealink/config/openvpn/keys/ca.crt{$nl}"; + $conf .= "cert /yealink/config/openvpn/keys/client1.crt{$nl}"; + $conf .= "key /yealink/config/openvpn/keys/client1.key{$nl}"; + } elseif ($expformat == "yealink_t38g") { + $conf .= "ca /phone/config/openvpn/keys/ca.crt{$nl}"; + $conf .= "cert /phone/config/openvpn/keys/client1.crt{$nl}"; + $conf .= "key /phone/config/openvpn/keys/client1.key{$nl}"; + } elseif ($expformat == "snom") { + $conf .= "ca /openvpn/ca.crt{$nl}"; + $conf .= "cert /openvpn/phone1.crt{$nl}"; + $conf .= "key /openvpn/phone1.key{$nl}"; } elseif ($usetoken) { $conf .= "ca {$cafile}{$nl}"; $conf .= "cryptoapicert \"SUBJ:{$user['name']}\"{$nl}"; @@ -247,6 +259,12 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke if ($settings['tls'] && !$skiptls) { if ($expformat == "inline") $conf .= "tls-auth [inline] 1{$nl}"; + elseif ($expformat == "yealink_t28") + $conf .= "tls-auth /yealink/config/openvpn/keys/ta.key 1{$nl}"; + elseif ($expformat == "yealink_t38g") + $conf .= "tls-auth /phone/config/openvpn/keys/ta.key 1{$nl}"; + elseif ($expformat == "snom") + $conf .= "tls-auth /openvpn/ta.key 1{$nl}"; else $conf .= "tls-auth {$prefix}-tls.key 1{$nl}"; } @@ -322,6 +340,61 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke if ($settings['tls']) { $conf .= "<tls-auth>{$nl}" . base64_decode($settings['tls']) . "</tls-auth>{$nl} key-direction 1{$nl}"; } + case "yealink_t28": + case "yealink_t38g": + // create template directory + $tempdir = "{$g['tmp_path']}/{$prefix}"; + $keydir = "{$tempdir}/keys"; + mkdir($tempdir, 0700, true); + mkdir($keydir, 0700, true); + + file_put_contents("{$tempdir}/vpn.cnf", $conf); + + $cafile = "{$keydir}/ca.crt"; + file_put_contents("{$cafile}", base64_decode($server_ca['crt'])); + if ($settings['tls']) { + $tlsfile = "{$keydir}/ta.key"; + file_put_contents($tlsfile, base64_decode($settings['tls'])); + } + + // write key files + if ($settings['mode'] != "server_user") { + $crtfile = "{$keydir}/client1.crt"; + file_put_contents($crtfile, base64_decode($cert['crt'])); + $keyfile = "{$keydir}/client1.key"; + file_put_contents($keyfile, base64_decode($cert['prv'])); + } + exec("tar -C {$tempdir} -cf {$g['tmp_path']}/client.tar ./keys ./vpn.cnf"); + // Remove temporary directory + exec("rm -rf {$tempdir}"); + return $g['tmp_path'] . "/client.tar"; + break; + case "snom": + // create template directory + $tempdir = "{$g['tmp_path']}/{$prefix}"; + mkdir($tempdir, 0700, true); + + file_put_contents("{$tempdir}/vpn.cnf", $conf); + + $cafile = "{$tempdir}/ca.crt"; + file_put_contents("{$cafile}", base64_decode($server_ca['crt'])); + if ($settings['tls']) { + $tlsfile = "{$tempdir}/ta.key"; + file_put_contents($tlsfile, base64_decode($settings['tls'])); + } + + // write key files + if ($settings['mode'] != "server_user") { + $crtfile = "{$tempdir}/phone1.crt"; + file_put_contents($crtfile, base64_decode($cert['crt'])); + $keyfile = "{$tempdir}/phone1.key"; + file_put_contents($keyfile, base64_decode($cert['prv'])); + } + exec("cd {$tempdir}/ && tar -cf {$g['tmp_path']}/vpnclient.tar *"); + // Remove temporary directory + exec("rm -rf {$tempdir}"); + return $g['tmp_path'] . "/vpnclient.tar"; + break; default: return $conf; } diff --git a/config/openvpn-client-export/openvpn-client-export.xml b/config/openvpn-client-export/openvpn-client-export.xml index ced96bfe..605bc190 100755 --- a/config/openvpn-client-export/openvpn-client-export.xml +++ b/config/openvpn-client-export/openvpn-client-export.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="utf-8" ?> <packagegui> <name>OpenVPN Client Export</name> - <version>0.10</version> + <version>0.20</version> <title>OpenVPN Client Export</title> <include_file>/usr/local/pkg/openvpn-client-export.inc</include_file> <backup_file></backup_file> diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php index dd56ee0e..fa3bcb9c 100755 --- a/config/openvpn-client-export/vpn_openvpn_export.php +++ b/config/openvpn-client-export/vpn_openvpn_export.php @@ -140,6 +140,8 @@ if (!empty($act)) { $usetoken = $_GET['usetoken']; if ($usetoken && ($act == "confinline")) $input_errors[] = "You cannot use Microsoft Certificate Storage with an Inline configuration."; + if ($usetoken && (($act == "conf_yealink_t28") || ($act == "conf_yealink_t38g") || ($act == "conf_snom"))) + $input_errors[] = "You cannot use Microsoft Certificate Storage with a Yealink or SNOM configuration."; $password = ""; if ($_GET['password']) $password = $_GET['password']; @@ -176,6 +178,18 @@ if (!empty($act)) { $exp_name = urlencode($exp_name."-config.zip"); $expformat = "zip"; break; + case "conf_yealink_t28": + $exp_name = urlencode("client.tar"); + $expformat = "yealink_t28"; + break; + case "conf_yealink_t38g": + $exp_name = urlencode("client.tar"); + $expformat = "yealink_t38g"; + break; + case "conf_snom": + $exp_name = urlencode("vpnclient.tar"); + $expformat = "snom"; + break; case "confinline": $exp_name = urlencode($exp_name."-config.ovpn"); $expformat = "inline"; @@ -413,6 +427,14 @@ function server_changed() { cell2.innerHTML += "<a href='javascript:download_begin(\"inst\", -1," + j + ")'>Windows Installer</a>"; cell2.innerHTML += "<br/>"; cell2.innerHTML += "<a href='javascript:download_begin(\"visc\", -1," + j + ")'>Viscosity Bundle</a>"; + if (servers[index][2] == "server_tls") { + cell2.innerHTML += "<br/>Yealink SIP Handset: "; + cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t28\", -1," + j + ")'>T28</a>"; + cell2.innerHTML += " "; + cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t38g\", -1," + j + ")'>T38G</a>"; + cell2.innerHTML += "<br/>"; + cell2.innerHTML += "<a href='javascript:download_begin(\"conf_snom\", -1," + j + ")'>SNOM SIP Handset</a>"; + } } if (servers[index][2] == 'server_user') { var row = table.insertRow(table.rows.length); diff --git a/pkg_config.8.xml b/pkg_config.8.xml index e2ac0a90..da8430ce 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -1336,7 +1336,7 @@ <depends_on_package_pbi>zip-3.0-i386.pbi p7zip-9.20.1-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/archivers/p7zip</build_port_path> <build_port_path>/usr/ports/archivers/zip</build_port_path> - <version>0.10</version> + <version>0.20</version> <status>BETA</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index e907932f..344f6c7d 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -1323,7 +1323,7 @@ <depends_on_package_pbi>p7zip-9.20.1-amd64.pbi zip-3.0-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/archivers/p7zip</build_port_path> <build_port_path>/usr/ports/archivers/zip</build_port_path> - <version>0.10</version> + <version>0.20</version> <status>BETA</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> |