authorjim-p <jim@pingle.org>2009-05-08 13:40:07 -0400
committerjim-p <jim@pingle.org>2009-05-08 13:40:07 -0400
commit89e6e210158ca4ca24d2ddbc02ccab72175875a5 (patch)
tree31a1f299e9c68ebf607460d20e08f8d2dc17f2ac
parent98c0c87ae42c54147077f12a05d9eab506e8d053 (diff)
Fix OpenVPN automatic shared key generation.
-rw-r--r--usr/local/www/vpn_openvpn_client.php7
-rw-r--r--usr/local/www/vpn_openvpn_server.php7
2 files changed, 8 insertions, 6 deletions
diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php
index 5dd6c9a..0aef437 100644
--- a/usr/local/www/vpn_openvpn_client.php
+++ b/usr/local/www/vpn_openvpn_client.php
@@ -158,6 +158,9 @@ if ($_POST) {
if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'Remote network'))
$input_errors[] = $result;
+ if ($pconfig['autokey_enable'])
+ $pconfig['shared_key'] = openvpn_create_key();
+
if (!$tls_mode && !$pconfig['autokey_enable'])
if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") ||
!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
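Review bot: The result of the added `openvpn_create_key()` call is never checked, because the marker test directly below it is still skipped whenever `autokey_enable` is set; an empty or truncated result would, as far as this diff shows, be base64-encoded and stored as the tunnel's static key. Since generation now happens before validation, the exemption can be dropped so generated keys pass the same BEGIN/END check as pasted ones: `if (!$tls_mode)`. The call also runs in TLS mode and on submissions that later fail validation, which the removed code did not do; `if (!$tls_mode && $pconfig['autokey_enable'])` would restrict it to shared-key mode. The same applies to the matching hunk at line 181 of vpn_openvpn_server.php, and the `if` statement here continues past the end of the hunk.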
@@ -168,7 +171,7 @@ if ($_POST) {
!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----"))
$input_errors[] = "The field 'TLS Authentication Key' does not appear to be valid";
- if (!$tls_mode) {
+ if (!$tls_mode && !$pconfig['autokey_enable']) {
$reqdfields = array('shared_key');
$reqdfieldsn = array('Shared key');
} else {
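Review bot: With the widened condition, a shared-key submission that has `autokey_enable` set now falls into the `else` branch, whose body lies outside this hunk. If that branch sets the TLS-mode required fields, as the structure suggests, auto-generated shared-key configurations would be rejected for missing certificate fields. Keeping the mode test on its own avoids that, for example `if (!$tls_mode) {` followed by `$reqdfields = $pconfig['autokey_enable'] ? array() : array('shared_key');` and the matching line for `$reqdfieldsn`. The same condition is changed at line 231 of vpn_openvpn_server.php.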
@@ -211,8 +214,6 @@ if ($_POST) {
$client['tls'] = base64_encode($pconfig['tls']);
}
} else {
- if ($pconfig['autokey_enable'])
- $pconfig['shared_key'] = openvpn_create_key();
$client['shared_key'] = base64_encode($pconfig['shared_key']);
}
$client['crypto'] = $pconfig['crypto'];
diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php
index afdc168..7979070 100644
--- a/usr/local/www/vpn_openvpn_server.php
+++ b/usr/local/www/vpn_openvpn_server.php
@@ -181,6 +181,9 @@ if ($_POST) {
if (($portused != $vpnid) && ($portused != 0))
$input_errors[] = "The specified 'Local port' is in use. Please select another value";
+ if ($pconfig['autokey_enable'])
+ $pconfig['shared_key'] = openvpn_create_key();
+
if (!$tls_mode && !$pconfig['autokey_enable'])
if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") ||
!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
@@ -228,7 +231,7 @@ if ($_POST) {
if ($pconfig['maxclients'] && !is_numeric($pconfig['maxclients']))
$input_errors[] = "The field 'Concurrent connections' must be numeric.";
- if (!$tls_mode) {
+ if (!$tls_mode && !$pconfig['autokey_enable']) {
$reqdfields = array('shared_key');
$reqdfieldsn = array('Shared key');
} else {
@@ -267,8 +270,6 @@ if ($_POST) {
$server['certref'] = $pconfig['certref'];
$server['dh_length'] = $pconfig['dh_length'];
} else {
- if ($pconfig['autokey_enable'])
- $pconfig['shared_key'] = openvpn_create_key();
$server['shared_key'] = base64_encode($pconfig['shared_key']);
}
$server['crypto'] = $pconfig['crypto'];