Diffstat (limited to 'config/openvpn-client-export')
-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.inc77
-rwxr-xr-xconfig/openvpn-client-export/vpn_openvpn_export.php53
2 files changed, 110 insertions, 20 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index 34b0a675..16d4de15 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -253,4 +253,81 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset
return $outfile;
}
+function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $usetoken, $outpass) {
+ global $config, $g;
+
+ $ovpndir = "/usr/local/share/openvpn/";
+ $tempdir = $g['tmp_path']."/openvpn-export-".uniqid();
+
+ // lookup server settings
+ $settings = $config['openvpn']['openvpn-server'][$srvid];
+ if (empty($settings))
+ return false;
+ if ($settings['disable'])
+ return false;
+
+ // lookup server certificate info
+ $server_cert =& lookup_cert($settings['certref']);
+ $server_ca =& lookup_ca($server_cert['caref']);
+ if (!$server_cert || !$server_ca)
+ return false;
+
+ // lookup user info
+ $user =& $config['system']['user'][$usrid];
+ if (!$user)
+ return false;
+
+ // lookup user certificate info
+ $cert =& $user['cert'][$crtid];
+ if (!$cert)
+ return false;
+
+ // create template directory
+ mkdir($tempdir, 0700, true);
+
+ // create config directory
+ $confdir = "{$tempdir}/config";
+ if (!is_dir($conf_dir))
+ mkdir($confdir, 0700, true);
+
+ // write cofiguration file
+ $prefix = openvpn_client_export_prefix($srvid);
+ $cfgfile = "{$confdir}/config.conf";
+ $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken);
+ if (!$conf)
+ return false;
+ file_put_contents($cfgfile, $conf);
+
+ // write key files
+ $cafile = "{$tempdir}/config/{$prefix}-ca.crt";
+ file_put_contents($cafile, base64_decode($server_ca['crt']));
+ $crtfile = "{$tempdir}/config/{$prefix}-{$user['name']}.crt";
+ file_put_contents($crtfile, base64_decode($cert['crt']));
+ $keyfile = "{$tempdir}/config/{$prefix}-{$user['name']}.key";
+ file_put_contents($keyfile, base64_decode($cert['prv']));
+ if ($settings['tls']) {
+ $tlsfile = "{$tempdir}/config/{$prefix}-tls.key";
+ file_put_contents($tlsfile, base64_decode($settings['tls']));
+ }
+
+ // convert to pkcs12 format
+ $p12file = "{$tempdir}/config/{$prefix}.p12";
+ if ($usetoken)
+ openvpn_client_pem_to_pk12($p12file, $outpass, $crtfile, $keyfile);
+ else
+ openvpn_client_pem_to_pk12($p12file, $outpass, $crtfile, $keyfile, $cafile);
+
+ // Zip Viscosity file
+ exec("/usr/local/bin/zip {$tempdir} {$tempdir}.zip");
+
+ // Read in file and deliver to client
+ $outfile = file_get_contents("{$tempdir}.zip");
+
+ // Remove temporary directory
+ exec("rm -rf {$tempdir} {$tempdir}.zip");
+
+ return $outfile;
+
+}
+
?> \ No newline at end of file
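Review bot: The user's private key and the TLS key are written under `$tempdir` without checking that `mkdir($tempdir, 0700, true)` succeeded, and the directory name comes from `uniqid()`, which is time-based and guessable; if that path already exists with different ownership or permissions, the key files are still written into it. Check the result and stop before any key material is written, e.g. `if (!mkdir($tempdir, 0700, true)) return false;`, and note that the next test reads the undefined `$conf_dir` where `$confdir` is meant. Separately, `exec("/usr/local/bin/zip {$tempdir} {$tempdir}.zip")` hands zip the directory as the archive name and the `.zip` path as the input, with no `-r` and no quoting, and neither the exit status nor the `file_get_contents()` result is checked, so the function can return `false` as if it were data. Building the command with `escapeshellarg()` on both paths, putting the archive first with `-r`, and returning `false` on a non-zero status would address that. The early `return false` after the `$conf` check also leaves the freshly created directory behind.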
diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php
index 95db34d1..1ebeb8fb 100755
--- a/config/openvpn-client-export/vpn_openvpn_export.php
+++ b/config/openvpn-client-export/vpn_openvpn_export.php
@@ -29,15 +29,10 @@
DISABLE_PHP_LINT_CHECKING
*/
+require("globals.inc");
require("guiconfig.inc");
require("openvpn-client-export.inc");
-// Handle Viscosiy upload
-if (is_uploaded_file($_FILES['ulfile']['tmp_name'])) {
- rename($_FILES['ulfile']['tmp_name'], "{$g['upload_path']}/viscosity.zip");
-
-}
-
$pgtitle = array("OpenVPN", "Client Export Utility");
if (!is_array($config['openvpn']['openvpn-server']))
@@ -115,6 +110,33 @@ if($act == "conf") {
exit;
}
+if($act == "visc") {
+ $srvid = $_GET['srvid'];
+ $usrid = $_GET['usrid'];
+ $crtid = $_GET['crtid'];
+ if (($srvid === false) || ($usrid === false) || ($crtid === false)) {
+ pfSenseHeader("vpn_openvpn_export.php");
+ exit;
+ }
+ $useaddr = $_GET['useaddr'];
+ $usetoken = $_GET['usetoken'];
+ $password = "";
+ if ($_GET['password'])
+ $password = $_GET['password']; ;
+
+ $exp_name = openvpn_client_export_prefix($srvid);
+ $exp_name = urlencode($exp_name."-Viscosity.visc");
+ $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $usetoken, $password);
+ $exp_size = filesize($exp_path);
+
+ header("Content-Type: application/octet-stream");
+ header("Content-Disposition: attachment; filename={$exp_name}");
+ header("Content-Length: $exp_size");
+ readfile($exp_path);
+ unlink($exp_path);
+ exit;
+}
+
if($act == "inst") {
$srvid = $_GET['srvid'];
$usrid = $_GET['usrid'];
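Review bot: `$exp_path` does not hold a path: `viscosity_openvpn_client_config_exporter()` as added in openvpn-client-export.inc returns the archive contents from `file_get_contents()` and deletes the file itself, so `filesize($exp_path)`, `readfile($exp_path)` and `unlink($exp_path)` here operate on a binary string (or on `false` when the export failed). The handler should treat the return value as data, reject `false`, and send it with `strlen()` and `echo`, as sketched below. The `=== false` tests on `$srvid`, `$usrid` and `$crtid` cannot match values read from `$_GET`, which are strings or unset, so missing ids are not caught by that guard. The export password is also taken from `$_GET['password']`, which puts it in the request URL where web server logs and browser history can record it; moving it to a POST body would need a matching change in the page's download script, which is outside this hunk.

```php
// … unchanged: $srvid/$usrid/$crtid, $useaddr, $usetoken, $password, $exp_name …
$exp_data = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $usetoken, $password);
if ($exp_data === false) {
	pfSenseHeader("vpn_openvpn_export.php");
	exit;
}

// … unchanged: Content-Type and Content-Disposition headers …
header("Content-Length: " . strlen($exp_data));
echo $exp_data;
exit;
```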
@@ -149,6 +171,7 @@ include("head.inc");
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc"); ?>
<script language="JavaScript">
+ var viscosityAvailable = false;
<!--
var servers = new Array();
@@ -227,6 +250,10 @@ function server_changed() {
cell2.innerHTML = "<a href='javascript:download_begin(\"conf\"," + i + ")'>Configuration</a>";
cell2.innerHTML += "&nbsp;/&nbsp;";
cell2.innerHTML += "<a href='javascript:download_begin(\"inst\"," + i + ")'>Windows Installer</a>";
+
+ cell2.innerHTML += "&nbsp;/&nbsp;";
+ cell2.innerHTML += "<a href='javascript:download_begin(\"inst\"," + i + ")'>Viscosity Bundle</a>";
+
}
}
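Review bot: The new "Viscosity Bundle" link calls `download_begin(\"inst\", …)`, the same action as the Windows Installer link above it, so the `visc` handler added earlier in this file is never reached from the page. The link should pass the new action, `cell2.innerHTML += "<a href='javascript:download_begin(\"visc\"," + i + ")'>Viscosity Bundle</a>";`. `download_begin()` and the rest of `server_changed()` are outside this hunk, so whether the function forwards an arbitrary action name unchanged should be confirmed there.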
@@ -341,23 +368,9 @@ function usepass_changed() {
</table>
</td>
</tr>
-
<tr>
<td colspan="2" class="list" height="12">&nbsp;</td>
</tr>
- <?php if(is_dir("/usr/local/share/openvpn")): ?>
-
- <?php else: ?>
- <form action="vpn_openvpn_export.php" method="post" enctype="multipart/form-data">
- <strong>Zipped Viscosity file:</strong>
- <input name="ulfile" type="file" class="formfld">
- </form>
- <?php endif; ?>
- <tr>
- <td colspan="2" class="list" height="12">&nbsp;</td>
- </tr>
-
-
<tr>
<td colspan="2" valign="top" class="listtopic">Client Install Packages</td>
</tr>