From 05dd30063ea497b34bd0e1899ed975ed382cdf80 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 22 Jan 2013 16:14:38 -0500
Subject: Update OpenVPN Client Export again, rearrange options to make them
 more clear/easy to follow. Also bump version and promote package status to
 reflect how stable it has become.

---
 .../openvpn-client-export.inc                      | 43 ++++++-----
 .../openvpn-client-export.xml                      |  2 +-
 .../openvpn-client-export/vpn_openvpn_export.php   | 84 +++++++++++++++-------
 3 files changed, 84 insertions(+), 45 deletions(-)

(limited to 'config/openvpn-client-export')

diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index c2d3dd40..9e23d3ca 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -170,6 +170,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese
 	global $config, $input_errors, $g;
 
 	$nl = ($doslines) ? "\r\n" : "\n";
+	$conf = "";
 
 	$validconfig = openvpn_client_export_validate_config($srvid, $usrid, $crtid);
 	if ($validconfig) {
@@ -195,25 +196,31 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese
 		$server_host = $useaddr;
 
 	$server_port = $settings['local_port'];
-	$proto = (strtoupper($settings['protocol']) == 'UDP' ? 'udp' : "tcp-client");
+	$proto = (strtoupper($settings['protocol']) == 'UDP' ? 'udp' : "tcp");
+	if (($expformat == "inlineios") && ($proto == "tcp-client"))
+		$proto = "tcp";
 
 	$cipher = $settings['crypto'];
 
 	// add basic settings
 	$devmode = empty($settings['dev_mode']) ? "tun" : $settings['dev_mode'];
-	$conf  = "dev {$devmode}{$nl}";
-	if(! empty($settings['tunnel_networkv6'])) {
+	if (($expformat != "inlinedroid") && ($expformat != "inlineios"))
+		$conf .= "dev {$devmode}{$nl}";
+	if(!empty($settings['tunnel_networkv6']) && ($expformat != "inlinedroid") && ($expformat != "inlineios")) {
 		$conf .= "tun-ipv6{$nl}";
 	}
 	$conf .= "persist-tun{$nl}";
 	$conf .= "persist-key{$nl}";
-	$conf .= "proto {$proto}{$nl}";
+
+//	if ((($expformat != "inlinedroid") && ($expformat != "inlineios")) && ($proto == "tcp"))
+//		$conf .= "proto tcp-client{$nl}";
 	$conf .= "cipher {$cipher}{$nl}";
 	$conf .= "tls-client{$nl}";
 	$conf .= "client{$nl}";
-	$conf .= "resolv-retry infinite{$nl}";
-	$conf .= "remote {$server_host} {$server_port}{$nl}";
-	if (!empty($servercn) && ($expformat != "inline")) {
+	if (($expformat != "inlinedroid") && ($expformat != "inlineios"))
+		$conf .= "resolv-retry infinite{$nl}";
+	$conf .= "remote {$server_host} {$server_port} {$proto}{$nl}";
+	if (!empty($servercn) && ($expformat != "inlineios")) {
 		$qw = ($quoteservercn) ? "\"" : "";
 		$conf .= "tls-remote {$qw}{$servercn}{$qw}{$nl}";
 	}
@@ -263,11 +270,11 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese
 		} elseif ($usetoken) {
 			$conf .= "ca {$cafile}{$nl}";
 			$conf .= "cryptoapicert \"SUBJ:{$user['name']}\"{$nl}";
-		} elseif ($expformat != "inline") {
+		} elseif (substr($expformat, 0, 6) != "inline") {
 			$conf .= "pkcs12 {$prefix}.p12{$nl}";
 		}
 	} else if ($settings['mode'] == "server_user") {
-		if ($expformat != "inline")
+		if (substr($expformat, 0, 6) != "inline")
 			$conf .= "ca {$cafile}{$nl}";
 	}
 
@@ -280,7 +287,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese
 			$conf .= "tls-auth /config/openvpn/keys/ta.key 1{$nl}";
 		elseif ($expformat == "snom")
 			$conf .= "tls-auth /openvpn/ta.key 1{$nl}";
-		elseif ($expformat != "inline")
+		elseif (substr($expformat, 0, 6) != "inline")
 			$conf .= "tls-auth {$prefix}-tls.key 1{$nl}";
 	}
 
@@ -363,17 +370,19 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese
 			return $g['tmp_path'] . "/{$prefix}-config.zip";
 			break;
 		case "inline":
+		case "inlinedroid":
+		case "inlineios":
 			// Inline CA
-			$conf .= "<ca>{$nl}" . base64_decode($server_ca['crt']) . "</ca>{$nl}";
+			$conf .= "<ca>{$nl}" . trim(base64_decode($server_ca['crt'])) . "{$nl}</ca>{$nl}";
 			if ($settings['mode'] != "server_user") {
 				// Inline Cert
-				$conf .= "<cert>{$nl}" . base64_decode($cert['crt']) . "</cert>{$nl}";
+				$conf .= "<cert>{$nl}" . trim(base64_decode($cert['crt'])) . "{$nl}</cert>{$nl}";
 				// Inline Key
-				$conf .= "<key>{$nl}" . base64_decode($cert['prv']) . "</key>{$nl}";
+				$conf .= "<key>{$nl}" . trim(base64_decode($cert['prv'])) . "{$nl}</key>{$nl}";
 			}
 			// Inline TLS
 			if ($settings['tls']) {
-				$conf .= "<tls-auth>{$nl}" . base64_decode($settings['tls']) . "</tls-auth>{$nl} key-direction 1{$nl}";
+				$conf .= "<tls-auth>{$nl}" . trim(base64_decode($settings['tls'])) . "{$nl}</tls-auth>{$nl} key-direction 1{$nl}";
 			}
 			return $conf;
 			break;
@@ -708,8 +717,7 @@ function openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, $zipco
 	$cipher = $settings['crypto'];
 
 	// add basic settings
-	if ($expformat != "inline")
-		$conf  = "dev tun\n";
+	$conf  = "dev tun\n";
 	if(! empty($settings['tunnel_networkv6'])) {
 		$conf .= "tun-ipv6\n";
 	}
@@ -718,8 +726,7 @@ function openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, $zipco
 	$conf .= "proto {$proto}\n";
 	$conf .= "cipher {$cipher}\n";
 	$conf .= "client\n";
-	if ($expformat != "inline")
-		$conf .= "resolv-retry infinite\n";
+	$conf .= "resolv-retry infinite\n";
 	$conf .= "remote {$server_host} {$server_port}\n";
 	if ($settings['local_network']) {
 		list($ip, $mask) = explode('/', $settings['local_network']);
diff --git a/config/openvpn-client-export/openvpn-client-export.xml b/config/openvpn-client-export/openvpn-client-export.xml
index 9f3d7376..5b87c48e 100755
--- a/config/openvpn-client-export/openvpn-client-export.xml
+++ b/config/openvpn-client-export/openvpn-client-export.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8" ?>
 <packagegui>
 	<name>OpenVPN Client Export</name>
-	<version>0.29</version>
+	<version>1.0</version>
 	<title>OpenVPN Client Export</title>
 	<include_file>/usr/local/pkg/openvpn-client-export.inc</include_file>
 	<backup_file></backup_file>
diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php
index c7e5d147..3f34dc51 100755
--- a/config/openvpn-client-export/vpn_openvpn_export.php
+++ b/config/openvpn-client-export/vpn_openvpn_export.php
@@ -140,7 +140,7 @@ if (!empty($act)) {
 
 	$quoteservercn = $_GET['quoteservercn'];
 	$usetoken = $_GET['usetoken'];
-	if ($usetoken && ($act == "confinline"))
+	if ($usetoken && (substr($act, 0, 10) == "confinline"))
 		$input_errors[] = "You cannot use Microsoft Certificate Storage with an Inline configuration.";
 	if ($usetoken && (($act == "conf_yealink_t28") || ($act == "conf_yealink_t38g") || ($act == "conf_yealink_t38g2") || ($act == "conf_snom")))
 		$input_errors[] = "You cannot use Microsoft Certificate Storage with a Yealink or SNOM configuration.";
@@ -200,6 +200,14 @@ if (!empty($act)) {
 				$exp_name = urlencode($exp_name."-config.ovpn");
 				$expformat = "inline";
 				break;
+			case "confinlinedroid":
+				$exp_name = urlencode($exp_name."-android-config.ovpn");
+				$expformat = "inlinedroid";
+				break;
+			case "confinlineios":
+				$exp_name = urlencode($exp_name."-ios-config.ovpn");
+				$expformat = "inlineios";
+				break;
 			default:
 				$exp_name = urlencode($exp_name."-config.ovpn");
 				$expformat = "baseconf";
@@ -222,7 +230,7 @@ if (!empty($act)) {
 	}
 
 	if (empty($input_errors)) {
-		if (($act == "conf") || ($act == "confinline")) {
+		if (($act == "conf") || (substr($act, 0, 10) == "confinline")) {
 			$exp_size = strlen($exp_path);
 		} else {
 			$exp_size = filesize($exp_path);
@@ -232,7 +240,7 @@ if (!empty($act)) {
 		header("Content-Type: application/octet-stream");
 		header("Content-Disposition: attachment; filename={$exp_name}");
 		header("Content-Length: $exp_size");
-		if (($act == "conf") || ($act == "confinline")) {
+		if (($act == "conf") || (substr($act, 0, 10) == "confinline")) {
 			echo $exp_path;
 		} else {
 			readfile($exp_path);
@@ -408,19 +416,27 @@ function server_changed() {
 		cell1.className = "listr";
 		cell1.innerHTML = users[i][3];
 		cell2.className = "listr";
-		cell2.innerHTML = "<a href='javascript:download_begin(\"conf\"," + i + ", -1)'>Configuration</a>";
-		cell2.innerHTML += "<br/>";
-		cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\"," + i + ", -1)'>Inline Configuration</a>";
-		cell2.innerHTML += "<br/>";
-		cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\"," + i + ", -1)'>Configuration archive</a>";
-		cell2.innerHTML += "<br/>Windows Installers:<br/>";
+		cell2.innerHTML = "- Standard Configurations:<br/>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\"," + i + ", -1)'>Archive</a>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"conf\"," + i + ", -1)'>Config Only</a>";
+		cell2.innerHTML += "<br/>- Inline Configurations:<br/>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confinlinedroid\"," + i + ", -1)'>Android</a>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confinlineios\"," + i + ", -1)'>iOS</a>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\"," + i + ", -1)'>All Other Platforms</a>";
+		cell2.innerHTML += "<br/>- Windows Installers:<br/>";
 		cell2.innerHTML += "&nbsp;&nbsp; ";
 		cell2.innerHTML += "<a href='javascript:download_begin(\"inst\"," + i + ", -1)'>2.2</a>";
 		cell2.innerHTML += "&nbsp;&nbsp; ";
 		cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x86\"," + i + ", -1)'>2.3-x86</a>";
 //		cell2.innerHTML += "&nbsp;&nbsp; ";
 //		cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x64\"," + i + ", -1)'>2.3-x64</a>";
-		cell2.innerHTML += "<br/>";
+		cell2.innerHTML += "<br/>- Mac OSX:<br/>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
 		cell2.innerHTML += "<a href='javascript:download_begin(\"visc\"," + i + ", -1)'>Viscosity Bundle</a>";
 	}
 	for (j=0; j < certs.length; j++) {
@@ -437,22 +453,30 @@ function server_changed() {
 		cell1.className = "listr";
 		cell1.innerHTML = certs[j][1];
 		cell2.className = "listr";
-		cell2.innerHTML = "<a href='javascript:download_begin(\"conf\", -1," + j + ")'>Configuration</a>";
-		cell2.innerHTML += "<br/>";
-		cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\", -1," + j + ")'>Inline Configuration</a>";
-		cell2.innerHTML += "<br/>";
-		cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\", -1," + j + ")'>Configuration archive</a>";
-		cell2.innerHTML += "<br/>Windows Installers:<br/>";
+		cell2.innerHTML = "- Standard Configurations:<br/>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\", -1," + j + ")'>Archive</a>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"conf\", -1," + j + ")'>File Only</a>";
+		cell2.innerHTML += "<br/>- Inline Configurations:<br/>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confinlinedroid\", -1," + j + ")'>Android</a>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confinlineios\", -1," + j + ")'>iOS</a>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\", -1," + j + ")'>All Other Platforms</a>";
+		cell2.innerHTML += "<br/>- Windows Installers:<br/>";
 		cell2.innerHTML += "&nbsp;&nbsp; ";
 		cell2.innerHTML += "<a href='javascript:download_begin(\"inst\", -1," + j + ")'>2.2</a>";
 		cell2.innerHTML += "&nbsp;&nbsp; ";
 		cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x86\", -1," + j + ")'>2.3-x86</a>";
 //		cell2.innerHTML += "&nbsp;&nbsp; ";
 //		cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x64\", -1," + j + ")'>2.3-x64</a>";
-		cell2.innerHTML += "<br/>";
+		cell2.innerHTML += "<br/>- Mac OSX:<br/>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
 		cell2.innerHTML += "<a href='javascript:download_begin(\"visc\", -1," + j + ")'>Viscosity Bundle</a>";
 		if (servers[index][2] == "server_tls") {
-			cell2.innerHTML += "<br/>Yealink SIP Handsets: <br/>";
+			cell2.innerHTML += "<br/>- Yealink SIP Handsets: <br/>";
 			cell2.innerHTML += "&nbsp;&nbsp; ";
 			cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t28\", -1," + j + ")'>T28</a>";
 			cell2.innerHTML += "&nbsp;&nbsp; ";
@@ -460,7 +484,7 @@ function server_changed() {
 			cell2.innerHTML += "&nbsp;&nbsp; ";
 			cell2.innerHTML += "<a href='javascript:download_begin(\"conf_yealink_t38g2\", -1," + j + ")'>T38G (2)</a>";
 			cell2.innerHTML += "<br/>";
-			cell2.innerHTML += "<a href='javascript:download_begin(\"conf_snom\", -1," + j + ")'>SNOM SIP Handset</a>";
+			cell2.innerHTML += "- <a href='javascript:download_begin(\"conf_snom\", -1," + j + ")'>SNOM SIP Handset</a>";
 		}
 	}
 	if (servers[index][2] == 'server_user') {
@@ -473,19 +497,27 @@ function server_changed() {
 		cell1.className = "listr";
 		cell1.innerHTML = "none";
 		cell2.className = "listr";
-		cell2.innerHTML = "<a href='javascript:download_begin(\"conf\"," + i + ")'>Configuration</a>";
-		cell2.innerHTML += "<br/>";
-		cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\"," + i + ")'>Inline Configuration</a>";
-		cell2.innerHTML += "<br/>";
-		cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\"," + i + ")'>Configuration archive</a>";
-		cell2.innerHTML += "<br/>Windows Installers:<br/>";
+		cell2.innerHTML = "- Standard Configurations:<br/>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confzip\"," + i + ")'>Archive</a>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"conf\"," + i + ")'>File Only</a>";
+		cell2.innerHTML += "<br/>- Inline Configurations:<br/>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confinlinedroid\"," + i + ")'>Android</a>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confinlineios\"," + i + ")'>iOS</a>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
+		cell2.innerHTML += "<a href='javascript:download_begin(\"confinline\"," + i + ")'>All Other Platforms</a>";
+		cell2.innerHTML += "<br/>- Windows Installers:<br/>";
 		cell2.innerHTML += "&nbsp;&nbsp; ";
 		cell2.innerHTML += "<a href='javascript:download_begin(\"inst\"," + i + ")'>2.2</a>";
 		cell2.innerHTML += "&nbsp;&nbsp; ";
 		cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x86\"," + i + ")'>2.3-x86</a>";
 //		cell2.innerHTML += "&nbsp;&nbsp; ";
 //		cell2.innerHTML += "<a href='javascript:download_begin(\"inst-2.3-x64\"," + i + ")'>2.3-x64</a>";
-		cell2.innerHTML += "<br/>";
+		cell2.innerHTML += "<br/>- Mac OSX:<br/>";
+		cell2.innerHTML += "&nbsp;&nbsp; ";
 		cell2.innerHTML += "<a href='javascript:download_begin(\"visc\"," + i + ")'>Viscosity Bundle</a>";
 	}
 }
-- 
cgit v1.2.3