aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.inc73
-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.xml2
-rwxr-xr-xconfig/openvpn-client-export/vpn_openvpn_export.php22
-rw-r--r--pkg_config.8.xml2
-rw-r--r--pkg_config.8.xml.amd642
5 files changed, 98 insertions, 3 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index c2082374..97e3f4cb 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -231,6 +231,18 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
$conf .= "ca [inline]{$nl}";
$conf .= "cert [inline]{$nl}";
$conf .= "key [inline]{$nl}";
+ } elseif ($expformat == "yealink_t28") {
+ $conf .= "ca /yealink/config/openvpn/keys/ca.crt{$nl}";
+ $conf .= "cert /yealink/config/openvpn/keys/client1.crt{$nl}";
+ $conf .= "key /yealink/config/openvpn/keys/client1.key{$nl}";
+ } elseif ($expformat == "yealink_t38g") {
+ $conf .= "ca /phone/config/openvpn/keys/ca.crt{$nl}";
+ $conf .= "cert /phone/config/openvpn/keys/client1.crt{$nl}";
+ $conf .= "key /phone/config/openvpn/keys/client1.key{$nl}";
+ } elseif ($expformat == "snom") {
+ $conf .= "ca /openvpn/ca.crt{$nl}";
+ $conf .= "cert /openvpn/phone1.crt{$nl}";
+ $conf .= "key /openvpn/phone1.key{$nl}";
} elseif ($usetoken) {
$conf .= "ca {$cafile}{$nl}";
$conf .= "cryptoapicert \"SUBJ:{$user['name']}\"{$nl}";
@@ -247,6 +259,12 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
if ($settings['tls'] && !$skiptls) {
if ($expformat == "inline")
$conf .= "tls-auth [inline] 1{$nl}";
+ elseif ($expformat == "yealink_t28")
+ $conf .= "tls-auth /yealink/config/openvpn/keys/ta.key 1{$nl}";
+ elseif ($expformat == "yealink_t38g")
+ $conf .= "tls-auth /phone/config/openvpn/keys/ta.key 1{$nl}";
+ elseif ($expformat == "snom")
+ $conf .= "tls-auth /openvpn/ta.key 1{$nl}";
else
$conf .= "tls-auth {$prefix}-tls.key 1{$nl}";
}
@@ -322,6 +340,61 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
if ($settings['tls']) {
$conf .= "<tls-auth>{$nl}" . base64_decode($settings['tls']) . "</tls-auth>{$nl} key-direction 1{$nl}";
}
+ case "yealink_t28":
+ case "yealink_t38g":
+ // create template directory
+ $tempdir = "{$g['tmp_path']}/{$prefix}";
+ $keydir = "{$tempdir}/keys";
+ mkdir($tempdir, 0700, true);
+ mkdir($keydir, 0700, true);
+
+ file_put_contents("{$tempdir}/vpn.cnf", $conf);
+
+ $cafile = "{$keydir}/ca.crt";
+ file_put_contents("{$cafile}", base64_decode($server_ca['crt']));
+ if ($settings['tls']) {
+ $tlsfile = "{$keydir}/ta.key";
+ file_put_contents($tlsfile, base64_decode($settings['tls']));
+ }
+
+ // write key files
+ if ($settings['mode'] != "server_user") {
+ $crtfile = "{$keydir}/client1.crt";
+ file_put_contents($crtfile, base64_decode($cert['crt']));
+ $keyfile = "{$keydir}/client1.key";
+ file_put_contents($keyfile, base64_decode($cert['prv']));
+ }
+ exec("tar -C {$tempdir} -cf {$g['tmp_path']}/client.tar ./keys ./vpn.cnf");
+ // Remove temporary directory
+ exec("rm -rf {$tempdir}");
+ return $g['tmp_path'] . "/client.tar";
+ break;
+ case "snom":
+ // create template directory
+ $tempdir = "{$g['tmp_path']}/{$prefix}";
+ mkdir($tempdir, 0700, true);
+
+ file_put_contents("{$tempdir}/vpn.cnf", $conf);
+
+ $cafile = "{$tempdir}/ca.crt";
+ file_put_contents("{$cafile}", base64_decode($server_ca['crt']));
+ if ($settings['tls']) {
+ $tlsfile = "{$tempdir}/ta.key";
+ file_put_contents($tlsfile, base64_decode($settings['tls']));
+ }
+
+ // write key files
+ if ($settings['mode'] != "server_user") {
+ $crtfile = "{$tempdir}/phone1.crt";
+ file_put_contents($crtfile, base64_decode($cert['crt']));
+ $keyfile = "{$tempdir}/phone1.key";
+ file_put_contents($keyfile, base64_decode($cert['prv']));
+ }
+ exec("cd {$tempdir}/ && tar -cf {$g['tmp_path']}/vpnclient.tar *");
+ // Remove temporary directory
+ exec("rm -rf {$tempdir}");
+ return $g['tmp_path'] . "/vpnclient.tar";
+ break;
default:
return $conf;
}
diff --git a/config/openvpn-client-export/openvpn-client-export.xml b/config/openvpn-client-export/openvpn-client-export.xml
index ced96bfe..605bc190 100755
--- a/config/openvpn-client-export/openvpn-client-export.xml
+++ b/config/openvpn-client-export/openvpn-client-export.xml
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="utf-8" ?>
<packagegui>
<name>OpenVPN Client Export</name>
- <version>0.10</version>
+ <version>0.20</version>
<title>OpenVPN Client Export</title>
<include_file>/usr/local/pkg/openvpn-client-export.inc</include_file>
<backup_file></backup_file>
diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php
index dd56ee0e..fa3bcb9c 100755
--- a/config/openvpn-client-export/vpn_openvpn_export.php
+++ b/config/openvpn-client-export/vpn_openvpn_export.php
@@ -140,6 +140,8 @@ if (!empty($act)) {
$usetoken = $_GET['usetoken'];
if ($usetoken && ($act == "confinline"))
$input_errors[] = "You cannot use Microsoft Certificate Storage with an Inline configuration.";
+ if ($usetoken && (($act == "conf_yealink_t28") || ($act == "conf_yealink_t38g") || ($act == "conf_snom")))
+ $input_errors[] = "You cannot use Microsoft Certificate Storage with a Yealink or SNOM configuration.";
$password = "";
if ($_GET['password'])
$password = $_GET['password'];
@@ -176,6 +178,18 @@ if (!empty($act)) {
$exp_name = urlencode($exp_name."-config.zip");
$expformat = "zip";
break;
+ case "conf_yealink_t28":
+ $exp_name = urlencode("client.tar");
+ $expformat = "yealink_t28";
+ break;
+ case "conf_yealink_t38g":
+ $exp_name = urlencode("client.tar");
+ $expformat = "yealink_t38g";
+ break;
+ case "conf_snom":
+ $exp_name = urlencode("vpnclient.tar");
+ $expformat = "snom";
+ break;
case "confinline":
$exp_name = urlencode($exp_name."-config.ovpn");
$expformat = "inline";
@@ -413,6 +427,14 @@ function server_changed() {
cell2.innerHTML += "<a href='javascript:download_begin(\"inst\", -1," + j + ")'>Windows Installer</a>";
cell2.innerHTML += "<br/>";
cell2.innerHTML += "<a href='javascript:download_begin(\"visc\", -1," + j + ")'>Viscosity Bundle</a>";
+ if (servers[index][2] == "server_tls") {
+ cell2.innerHTML += "<br/>Yealink SIP Handset: &nbsp;&nbsp;";
+ cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t28\", -1," + j + ")'>T28</a>";
+ cell2.innerHTML += "&nbsp;&nbsp; ";
+ cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t38g\", -1," + j + ")'>T38G</a>";
+ cell2.innerHTML += "<br/>";
+ cell2.innerHTML += "<a href='javascript:download_begin(\"conf_snom\", -1," + j + ")'>SNOM SIP Handset</a>";
+ }
}
if (servers[index][2] == 'server_user') {
var row = table.insertRow(table.rows.length);
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index e2ac0a90..da8430ce 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -1336,7 +1336,7 @@
<depends_on_package_pbi>zip-3.0-i386.pbi p7zip-9.20.1-i386.pbi</depends_on_package_pbi>
<build_port_path>/usr/ports/archivers/p7zip</build_port_path>
<build_port_path>/usr/ports/archivers/zip</build_port_path>
- <version>0.10</version>
+ <version>0.20</version>
<status>BETA</status>
<required_version>2.0</required_version>
<config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index e907932f..344f6c7d 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -1323,7 +1323,7 @@
<depends_on_package_pbi>p7zip-9.20.1-amd64.pbi zip-3.0-amd64.pbi</depends_on_package_pbi>
<build_port_path>/usr/ports/archivers/p7zip</build_port_path>
<build_port_path>/usr/ports/archivers/zip</build_port_path>
- <version>0.10</version>
+ <version>0.20</version>
<status>BETA</status>
<required_version>2.0</required_version>
<config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file>