-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.inc111
1 files changed, 25 insertions, 86 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index 886ebb85..b018d006 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -95,10 +95,8 @@ function openvpn_client_pem_to_pk12($outpath, $outpass, $crtpath, $keypath, $cap
unlink($capath);
}
-function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys = false, $proxy, $zipconf = false, $outpass = "", $skiptls=false, $doslines=false, $advancedoptions = "") {
- global $config, $input_errors, $g;
-
- $nl = ($doslines) ? "\r\n" : "\n";
+function openvpn_client_export_validate_config($srvid, $usrid, $crtid) {
+ global $config, $g, $input_errors;
// lookup server settings
$settings = $config['openvpn']['openvpn-server'][$srvid];
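Review bot: The new helper `openvpn_client_export_validate_config()` is introduced without a docblock, although its contract is not obvious from the signature. It returns either `false` or a seven-element positional array, which the callers in the later hunks unpack with `list()`, so any reordering of the return silently mis-assigns certificate and user data. I would add a comment above the function such as `/* Returns array($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys), or false on failure; error text, where set, goes to the global $input_errors. */`. The function body continues outside this hunk, so which failure paths record a message cannot be confirmed from here.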
@@ -150,6 +148,21 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
} else
$nokeys = true;
+ return array($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys);
+}
+
+function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys = false, $proxy, $zipconf = false, $outpass = "", $skiptls=false, $doslines=false, $advancedoptions = "") {
+ global $config, $input_errors, $g;
+
+ $nl = ($doslines) ? "\r\n" : "\n";
+
+ $validconfig = openvpn_client_export_validate_config($srvid, $usrid, $crtid);
+ if ($validconfig) {
+ list($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys) = $validconfig;
+ } else {
+ return false;
+ }
+
// determine basic variables
if ($useaddr == "serveraddr") {
$interface = $settings['interface'];
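Review bot: The `list(...)` assignment in `openvpn_client_export_config()` overwrites the function's own `$nokeys` parameter with the helper's value. The helper takes only `$srvid, $usrid, $crtid`, so it never sees what the caller passed, and a caller that passes `$nokeys = true` no longer has that honoured when the server mode selects a certificate. The only assignment to `$nokeys` visible in the helper is the `else $nokeys = true;` branch, so on the certificate paths the returned value may be unset; the middle of the helper is outside this hunk, so that part is an inference. Since the name suggests this flag decides whether key material goes into the export, I would unpack into a separate name and merge: `list($settings, $server_cert, $server_ca, $servercn, $user, $cert, $cfg_nokeys) = $validconfig;` followed by `$nokeys = $nokeys || $cfg_nokeys;`.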
@@ -298,55 +311,13 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset
if (!file_exists($workdir . "/template/openvpn-install.exe"))
openvpn_client_export_install();
- // lookup server settings
- $settings = $config['openvpn']['openvpn-server'][$srvid];
- if (empty($settings)) {
- $input_errors[] = "Could not find a valid server config for id: {$srvid}";
- return false;
- }
- if ($settings['disable']) {
- $input_errors[] = "This server is disabled.";
- return false;
- }
-
- $nokeys = false;
-
- // lookup server certificate info
- $server_cert = lookup_cert($settings['certref']);
- $server_ca = lookup_ca($server_cert['caref']);
- if (!$server_cert || !$server_ca) {
- $input_errors[] = "Could not find a valid certificate.";
+ $validconfig = openvpn_client_export_validate_config($srvid, $usrid, $crtid);
+ if ($validconfig) {
+ list($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys) = $validconfig;
+ } else {
return false;
}
- // lookup user info
- if ($usrid) {
- $user = $config['system']['user'][$usrid];
- if (!$user) {
- $input_errors[] = "Could not find the details about userid: {$usrid}";
- return false;
- }
- }
-
- // lookup user certificate info
- if ($settings['mode'] == "server_tls_user") {
- if ($settings['authmode'] == "Local Database") {
- $cert = $user['cert'][$crtid];
- } else {
- $cert = $config['cert'][$crtid];
- }
- if (!$cert)
- return false;
- // If $cert is not an array, it's a certref not a cert.
- if (!is_array($cert))
- $cert = lookup_cert($cert);
- } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) {
- $cert = $config['cert'][$crtid];
- if (!$cert)
- return false;
- } else
- $nokeys = true;
-
// create template directory
$tempdir = $g['tmp_path'] . "/openvpn-export-".uniqid();
mkdir($tempdir, 0700, true);
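Review bot: The result of `mkdir($tempdir, 0700, true)` just below the new validation call is not checked, and the directory name is built from `uniqid()`, which is time-based and predictable. If the path already exists or cannot be created, the export carries on writing into a directory this code did not create with mode 0700, and it presumably holds the client key and certificate. Now that validation is centralised, this is a good place to fail closed: `if (!mkdir($tempdir, 0700, true)) { $input_errors[] = "Could not create the export directory."; return false; }`. The same unchecked `mkdir($tempdir, 0700, true)` appears at the end of the Viscosity exporter hunk. Both function bodies continue outside their hunks.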
@@ -439,45 +410,13 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead
$tempdir = $g['tmp_path'] . "/openvpn-export-" . $uniq;
$zipfile = $g['tmp_path'] . "/{$uniq}-Viscosity.visc.zip";
- // lookup server settings
- $settings = $config['openvpn']['openvpn-server'][$srvid];
- if (empty($settings))
+ $validconfig = openvpn_client_export_validate_config($srvid, $usrid, $crtid);
+ if ($validconfig) {
+ list($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys) = $validconfig;
+ } else {
return false;
- if ($settings['disable'])
- return false;
-
- // lookup server certificate info
- $server_cert = lookup_cert($settings['certref']);
- $server_ca = lookup_ca($server_cert['caref']);
- if (!$server_cert || !$server_ca)
- return false;
-
- // lookup user info
- if ($usrid) {
- $user = $config['system']['user'][$usrid];
- if (!$user)
- return false;
}
- // lookup user certificate info
- if ($settings['mode'] == "server_tls_user") {
- if ($settings['authmode'] == "Local Database") {
- $cert = $user['cert'][$crtid];
- } else {
- $cert = $config['cert'][$crtid];
- }
- if (!$cert)
- return false;
- // If $cert is not an array, it's a certref not a cert.
- if (!is_array($cert))
- $cert = lookup_cert($cert);
- } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) {
- $cert = $config['cert'][$crtid];
- if (!$cert)
- return false;
- } else
- $nokeys = true;
-
// create template directory
mkdir($tempdir, 0700, true);
mkdir($tempdir . "/Viscosity.visc", 0700, true);