diff options
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 23 | ||||
-rwxr-xr-x | config/openvpn-client-export/vpn_openvpn_export.php | 4 |
2 files changed, 20 insertions, 7 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index cd436929..a69826ba 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -132,7 +132,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke } // lookup user certificate info - if ($settings['mode'] != "server_user") { + if ($settings['mode'] == "server_tls_user") { if ($settings['authmode'] == "Local Database") { $cert = $user['cert'][$crtid]; } else { @@ -143,6 +143,10 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke // If $cert is not an array, it's a certref not a cert. if (!is_array($cert)) $cert = lookup_cert($cert); + } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) { + $cert = $config['cert'][$crtid]; + if (!$cert) + return false; } else $nokeys = true; @@ -315,7 +319,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset } // lookup user certificate info - if ($settings['mode'] != "server_user") { + if ($settings['mode'] == "server_tls_user") { if ($settings['authmode'] == "Local Database") { $cert = $user['cert'][$crtid]; } else { @@ -326,6 +330,10 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset // If $cert is not an array, it's a certref not a cert. if (!is_array($cert)) $cert = lookup_cert($cert); + } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) { + $cert = $config['cert'][$crtid]; + if (!$cert) + return false; } else $nokeys = true; @@ -350,7 +358,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset $pwdfle .= "{$proxy['password']}\r\n"; file_put_contents("{$confdir}/{$proxy['passwdfile']}", $pwdfle); } - $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys, $proxy, false, "", false, $doslines=true, $advancedoptions); + $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys, $proxy, false, "", false, true, $advancedoptions); if (!$conf) { $input_errors[] = "Could not create a config to export."; return false; @@ -442,7 +450,7 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead } // lookup user certificate info - if ($settings['mode'] != "server_user") { + if ($settings['mode'] == "server_tls_user") { if ($settings['authmode'] == "Local Database") { $cert = $user['cert'][$crtid]; } else { @@ -453,7 +461,12 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead // If $cert is not an array, it's a certref not a cert. if (!is_array($cert)) $cert = lookup_cert($cert); - } + } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) { + $cert = $config['cert'][$crtid]; + if (!$cert) + return false; + } else + $nokeys = true; // create template directory mkdir($tempdir, 0700, true); diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php index 98d4fafc..5a41b85d 100755 --- a/config/openvpn-client-export/vpn_openvpn_export.php +++ b/config/openvpn-client-export/vpn_openvpn_export.php @@ -59,7 +59,7 @@ foreach($a_server as $sindex => $server) { $ras_certs = array(); if (stripos($server['mode'], "server") === false) continue; - if ($server['authmode'] == "Local Database" && ($server['mode'] != "server_user")) { + if (($server['mode'] == "server_tls_user") && ($server['authmode'] == "Local Database")) { foreach($a_user as $uindex => $user) { if (!is_array($user['cert'])) continue; @@ -78,7 +78,7 @@ foreach($a_server as $sindex => $server) { $ras_user[] = $ras_userent; } } - } elseif ((!empty($server['authmode']) && ($server['mode'] != "server_user")) || ($server['mode'] == "server_tls")) { + } elseif (($server['mode'] == "server_tls") || (($server['mode'] == "server_tls_user") && ($server['authmode'] != "Local Database"))) { foreach($a_cert as $cindex => $cert) { if ($cert['caref'] != $server['caref']) continue; |