From 2a1ad3e188a7d0f31d41e7f5e2953566196fdcd1 Mon Sep 17 00:00:00 2001
From: Scott Ullrich <sullrich@pfsense.org>
Date: Wed, 1 Jul 2009 01:40:30 -0400
Subject: Do not duplicate key lines

---
 .../openvpn-client-export.inc                      | 24 +++++++++++++---------
 1 file changed, 14 insertions(+), 10 deletions(-)

(limited to 'config/openvpn-client-export')

diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index 08f8390b..85122988 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -84,7 +84,7 @@ function openvpn_client_pem_to_pk12($outpath, $outpass, $crtpath, $keypath, $cap
 		unlink($capath);
 }
 
-function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken) {
+function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys = false) {
 	global $config;
 
 	// lookup server settings
@@ -140,15 +140,19 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke
 
 	// add key settings
 	$prefix = openvpn_client_export_prefix($srvid);
-	if ($usetoken) {
-		$conf .= "ca {$prefix}-ca.crt\n";
-		$conf .= "cryptoapicert \"SUBJ:{$user['name']}\"\n";
-	} else {
-		$conf .= "pkcs12 {$prefix}.p12\n";
+	if(!$nokeys) {
+		if ($usetoken) {
+			$conf .= "ca {$prefix}-ca.crt\n";
+			$conf .= "cryptoapicert \"SUBJ:{$user['name']}\"\n";
+		} else {
+			$conf .= "pkcs12 {$prefix}.p12\n";
+		}
 	}
 
-	if ($settings['tls'])
-		$conf .= "tls-auth {$prefix}-tls.key\n";
+	if(!$nokeys) {
+		if ($settings['tls'])
+			$conf .= "tls-auth {$prefix}-tls.key\n";
+	}
 
 	// add optional settings
 	if ($settings['compression'])
@@ -203,7 +207,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $uset
 	// write cofiguration file
 	$prefix = openvpn_client_export_prefix($srvid);
 	$cfgfile = "{$confdir}/{$prefix}-config.ovpn";
-	$conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken);
+	$conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, false);
 	if (!$conf)
 		return false;
 	file_put_contents($cfgfile, $conf);
@@ -293,7 +297,7 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead
 
 	// write cofiguration file
 	$prefix = openvpn_client_export_prefix($srvid);
-	$conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken);
+	$conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, true);
 	if (!$conf)
 		return false;
 
-- 
cgit v1.2.3