From 0ee1b513a3fbb0fffa5460ec04065b2568b6da27 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Sat, 30 Jun 2012 21:14:16 -0400
Subject: Move this common code into a function.

---
 .../openvpn-client-export.inc                      | 111 +++++----------------
 1 file changed, 25 insertions(+), 86 deletions(-)

(limited to 'config/openvpn-client-export')

diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index 886ebb85..b018d006 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -95,10 +95,8 @@ function openvpn_client_pem_to_pk12($outpath, $outpass, $crtpath, $keypath, $cap
 		unlink($capath);
 }
 
-function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys = false, $proxy, $zipconf = false, $outpass = "", $skiptls=false, $doslines=false, $advancedoptions = "") {
-	global $config, $input_errors, $g;
-
-	$nl = ($doslines) ? "\r\n" : "\n";
+function openvpn_client_export_validate_config($srvid, $usrid, $crtid) {
+	global $config, $g, $input_errors;
 
 	// lookup server settings
 	$settings = $config['openvpn']['openvpn-server'][$srvid];
@@ -150,6 +148,21 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
 	} else
 		$nokeys = true;
 
+	return array($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys);
+}
+
+function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys = false, $proxy, $zipconf = false, $outpass = "", $skiptls=false, $doslines=false, $advancedoptions = "") {
+	global $config, $input_errors, $g;
+
+	$nl = ($doslines) ? "\r\n" : "\n";
+
+	$validconfig = openvpn_client_export_validate_config($srvid, $usrid, $crtid);
+	if ($validconfig) {
+		list($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys) = $validconfig;
+	} else {
+		return false;
+	}
+
 	// determine basic variables
 	if ($useaddr == "serveraddr") {
 		$interface = $settings['interface'];
@@ -298,55 +311,13 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset
 	if (!file_exists($workdir . "/template/openvpn-install.exe"))
 		openvpn_client_export_install();
 
-	// lookup server settings
-	$settings = $config['openvpn']['openvpn-server'][$srvid];
-	if (empty($settings)) {
-		$input_errors[] = "Could not find a valid server config for id: {$srvid}";
-		return false;
-	}
-	if ($settings['disable']) {
-		$input_errors[] = "This server is disabled.";
-		return false;
-	}
-
-	$nokeys = false;
-
-	// lookup server certificate info
-	$server_cert = lookup_cert($settings['certref']);
-	$server_ca = lookup_ca($server_cert['caref']);
-	if (!$server_cert || !$server_ca) {
-		$input_errors[] = "Could not find a valid certificate.";
+	$validconfig = openvpn_client_export_validate_config($srvid, $usrid, $crtid);
+	if ($validconfig) {
+		list($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys) = $validconfig;
+	} else {
 		return false;
 	}
 
-	// lookup user info
-	if ($usrid) {
-		$user = $config['system']['user'][$usrid];
-		if (!$user) {
-			$input_errors[] = "Could not find the details about userid: {$usrid}";
-			return false;
-		}
-	}
-
-	// lookup user certificate info
-	if ($settings['mode'] == "server_tls_user") {
-		if ($settings['authmode'] == "Local Database") {
-			$cert = $user['cert'][$crtid];
-		} else {
-			$cert = $config['cert'][$crtid];
-		}
-		if (!$cert)
-			return false;
-		// If $cert is not an array, it's a certref not a cert.
-		if (!is_array($cert))
-			$cert = lookup_cert($cert);
-	} elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) {
-		$cert = $config['cert'][$crtid];
-		if (!$cert)
-			return false;
-	} else
-		$nokeys = true;
-
 	// create template directory
 	$tempdir = $g['tmp_path'] . "/openvpn-export-".uniqid();
 	mkdir($tempdir, 0700, true);
@@ -439,45 +410,13 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead
 	$tempdir = $g['tmp_path'] . "/openvpn-export-" . $uniq;
 	$zipfile = $g['tmp_path'] . "/{$uniq}-Viscosity.visc.zip";
 
-	// lookup server settings
-	$settings = $config['openvpn']['openvpn-server'][$srvid];
-	if (empty($settings))
+	$validconfig = openvpn_client_export_validate_config($srvid, $usrid, $crtid);
+	if ($validconfig) {
+		list($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys) = $validconfig;
+	} else {
 		return false;
-	if ($settings['disable'])
-		return false;
-
-	// lookup server certificate info
-	$server_cert = lookup_cert($settings['certref']);
-	$server_ca = lookup_ca($server_cert['caref']);
-	if (!$server_cert || !$server_ca)
-		return false;
-
-	// lookup user info
-	if ($usrid) {
-		$user = $config['system']['user'][$usrid];
-		if (!$user)
-			return false;
 	}
 
-	// lookup user certificate info
-	if ($settings['mode'] == "server_tls_user") {
-		if ($settings['authmode'] == "Local Database") {
-			$cert = $user['cert'][$crtid];
-		} else {
-			$cert = $config['cert'][$crtid];
-		}
-		if (!$cert)
-			return false;
-		// If $cert is not an array, it's a certref not a cert.
-		if (!is_array($cert))
-			$cert = lookup_cert($cert);
-	} elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) {
-		$cert = $config['cert'][$crtid];
-		if (!$cert)
-			return false;
-	} else
-		$nokeys = true;
-
 	// create template directory
 	mkdir($tempdir, 0700, true);
 	mkdir($tempdir . "/Viscosity.visc", 0700, true);
-- 
cgit v1.2.3