Diffstat (limited to 'config/openvpn-client-export')
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 77 | ||||
-rwxr-xr-x | config/openvpn-client-export/vpn_openvpn_export.php | 53 |
2 files changed, 110 insertions, 20 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index 34b0a675..16d4de15 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -253,4 +253,81 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset return $outfile; } +function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $usetoken, $outpass) { + global $config, $g; + + $ovpndir = "/usr/local/share/openvpn/"; + $tempdir = $g['tmp_path']."/openvpn-export-".uniqid(); + + // lookup server settings + $settings = $config['openvpn']['openvpn-server'][$srvid]; + if (empty($settings)) + return false; + if ($settings['disable']) + return false; + + // lookup server certificate info + $server_cert =& lookup_cert($settings['certref']); + $server_ca =& lookup_ca($server_cert['caref']); + if (!$server_cert || !$server_ca) + return false; + + // lookup user info + $user =& $config['system']['user'][$usrid]; + if (!$user) + return false; + + // lookup user certificate info + $cert =& $user['cert'][$crtid]; + if (!$cert) + return false; + + // create template directory + mkdir($tempdir, 0700, true); + + // create config directory + $confdir = "{$tempdir}/config"; + if (!is_dir($conf_dir)) + mkdir($confdir, 0700, true); + + // write cofiguration file + $prefix = openvpn_client_export_prefix($srvid); + $cfgfile = "{$confdir}/config.conf"; + $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken); + if (!$conf) + return false; + file_put_contents($cfgfile, $conf); + + // write key files + $cafile = "{$tempdir}/config/{$prefix}-ca.crt"; + file_put_contents($cafile, base64_decode($server_ca['crt'])); + $crtfile = "{$tempdir}/config/{$prefix}-{$user['name']}.crt"; + file_put_contents($crtfile, base64_decode($cert['crt'])); + $keyfile = "{$tempdir}/config/{$prefix}-{$user['name']}.key"; + file_put_contents($keyfile, base64_decode($cert['prv'])); + if ($settings['tls']) { + $tlsfile = "{$tempdir}/config/{$prefix}-tls.key"; + file_put_contents($tlsfile, base64_decode($settings['tls'])); + } + + // convert to pkcs12 format + $p12file = "{$tempdir}/config/{$prefix}.p12"; + if 
($usetoken) + openvpn_client_pem_to_pk12($p12file, $outpass, $crtfile, $keyfile); + else + openvpn_client_pem_to_pk12($p12file, $outpass, $crtfile, $keyfile, $cafile); + + // Zip Viscosity file + exec("/usr/local/bin/zip {$tempdir} {$tempdir}.zip"); + + // Read in file and deliver to client + $outfile = file_get_contents("{$tempdir}.zip"); + + // Remove temporary directory + exec("rm -rf {$tempdir} {$tempdir}.zip"); + + return $outfile; + +} + ?>
\ No newline at end of file diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php index 95db34d1..1ebeb8fb 100755 --- a/config/openvpn-client-export/vpn_openvpn_export.php +++ b/config/openvpn-client-export/vpn_openvpn_export.php @@ -29,15 +29,10 @@ DISABLE_PHP_LINT_CHECKING */ +require("globals.inc"); require("guiconfig.inc"); require("openvpn-client-export.inc"); -// Handle Viscosiy upload -if (is_uploaded_file($_FILES['ulfile']['tmp_name'])) { - rename($_FILES['ulfile']['tmp_name'], "{$g['upload_path']}/viscosity.zip"); - -} - $pgtitle = array("OpenVPN", "Client Export Utility"); if (!is_array($config['openvpn']['openvpn-server'])) @@ -115,6 +110,33 @@ if($act == "conf") { exit; } +if($act == "visc") { + $srvid = $_GET['srvid']; + $usrid = $_GET['usrid']; + $crtid = $_GET['crtid']; + if (($srvid === false) || ($usrid === false) || ($crtid === false)) { + pfSenseHeader("vpn_openvpn_export.php"); + exit; + } + $useaddr = $_GET['useaddr']; + $usetoken = $_GET['usetoken']; + $password = ""; + if ($_GET['password']) + $password = $_GET['password']; ; + + $exp_name = openvpn_client_export_prefix($srvid); + $exp_name = urlencode($exp_name."-Viscosity.visc"); + $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $usetoken, $password); + $exp_size = filesize($exp_path); + + header("Content-Type: application/octet-stream"); + header("Content-Disposition: attachment; filename={$exp_name}"); + header("Content-Length: $exp_size"); + readfile($exp_path); + unlink($exp_path); + exit; +} + if($act == "inst") { $srvid = $_GET['srvid']; $usrid = $_GET['usrid']; @@ -149,6 +171,7 @@ include("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <script language="JavaScript"> + var viscosityAvailable = false; <!-- var servers = new Array(); 
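Review bot: In `viscosity_openvpn_client_config_exporter()` (openvpn-client-export.inc) the PEM key written to `$keyfile` is never removed after `openvpn_client_pem_to_pk12()`, so as far as this hunk shows the bundle would ship the unencrypted private key next to the `.p12` and `$outpass` would protect nothing; if the exported config only needs the PKCS#12, add `unlink($crtfile); unlink($keyfile);` after the conversion. The `return false` taken when `openvpn_client_export_config()` fails leaves `$tempdir` on disk, and the `file_put_contents()` results are not checked before the key material is packaged. `is_dir($conf_dir)` tests an undefined variable where `$confdir` is meant. The `zip` call looks reversed and non-recursive: zip takes the archive name first, so `exec("/usr/local/bin/zip -r " . escapeshellarg("{$tempdir}.zip") . " " . escapeshellarg($tempdir));` is closer to the intent, and as written the following `file_get_contents("{$tempdir}.zip")` probably fails.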
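Review bot: The `visc` handler in vpn_openvpn_export.php passes the exporter's return value to `filesize()`, `readfile()` and `unlink()` as if it were a path, but `viscosity_openvpn_client_config_exporter()` as added in this commit returns the archive bytes (or `false`) and has already deleted the zip. Send the bytes directly and redirect on `false`, as in the excerpt below. The `=== false` guard cannot fire, because `$_GET` entries are strings, arrays or absent (null), so `isset()` checks on the three ids would do what the guard intends. The PKCS#12 passphrase arrives as `$_GET['password']`, which puts it in the URL and therefore in server access logs and browser history; a POST would keep it out, and the `inst` handler, only partly visible here, may need the same change.

```php
	// … unchanged: request parameter reads and $exp_name …
	$exp_data = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $usetoken, $password);
	if ($exp_data === false) {
		pfSenseHeader("vpn_openvpn_export.php");
		exit;
	}
	$exp_size = strlen($exp_data);

	// … unchanged: the three header() calls …
	echo $exp_data;
	exit;
```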
@@ -227,6 +250,10 @@ function server_changed() { cell2.innerHTML = "<a href='javascript:download_begin(\"conf\"," + i + ")'>Configuration</a>"; cell2.innerHTML += " / "; cell2.innerHTML += "<a href='javascript:download_begin(\"inst\"," + i + ")'>Windows Installer</a>"; + + cell2.innerHTML += " / "; + cell2.innerHTML += "<a href='javascript:download_begin(\"inst\"," + i + ")'>Viscosity Bundle</a>"; + } } @@ -341,23 +368,9 @@ function usepass_changed() { </table> </td> </tr> - <tr> <td colspan="2" class="list" height="12"> </td> </tr> - <?php if(is_dir("/usr/local/share/openvpn")): ?> - - <?php else: ?> - <form action="vpn_openvpn_export.php" method="post" enctype="multipart/form-data"> - <strong>Zipped Viscosity file:</strong> - <input name="ulfile" type="file" class="formfld"> - </form> - <?php endif; ?> - <tr> - <td colspan="2" class="list" height="12"> </td> - </tr> - - <tr> <td colspan="2" valign="top" class="listtopic">Client Install Packages</td> </tr> |
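Review bot: The new "Viscosity Bundle" link calls `download_begin(\"inst\", ...)`, the same action as the Windows Installer link above it, so the `visc` handler added in this commit is unreachable from the page and the link would download the installer instead. It should read `cell2.innerHTML += "<a href='javascript:download_begin(\"visc\"," + i + ")'>Viscosity Bundle</a>";`. `download_begin()` is outside this hunk, so whether it forwards a new action value unchanged needs checking. `server_changed()` starts and ends outside the hunk.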