author | Bryan Haase <bryan.haase@gmail.com> | 2011-07-22 08:18:55 -0500 |
---|---|---|
committer | Bryan Haase <bryan.haase@gmail.com> | 2011-07-22 08:18:55 -0500 |
commit | 64f3141f5fdb26e5d68cc4e3a93390062d50c462 (patch) | |
tree | e9ad7772043c439cebc1cdfe359669fbd5d1e47c | |
parent | cdfd39e2b9df28910e4b339c9589ab5377a5933c (diff) | |
download | pfsense-64f3141f5fdb26e5d68cc4e3a93390062d50c462.zip pfsense-64f3141f5fdb26e5d68cc4e3a93390062d50c462.tar.gz |
Ipsec xAuth patch
-rw-r--r-- | etc/inc/upgrade_config.inc | 2 | ||||
-rw-r--r-- | etc/inc/vpn.inc | 16 | ||||
-rwxr-xr-x | usr/local/www/vpn_ipsec_mobile.php | 1 |
3 files changed, 18 insertions, 1 deletions
diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc
index 1abc8c5..f1bb57d 100644
--- a/etc/inc/upgrade_config.inc
+++ b/etc/inc/upgrade_config.inc
@@ -1139,7 +1139,7 @@ function upgrade_046_to_047() {
 if (isset($config['ipsec']['mobileclients']['enable'])) {
 $config['ipsec']['client']['enable'] = true;
- $config['ipsec']['client']['user_source'] = 'system';
+ $config['ipsec']['client']['enable'] = $config['ipsec']['mobileclients']['user_source'];
 $config['ipsec']['client']['group_source'] = 'system';
 }
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 89c1a5e..47bced9 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -419,6 +419,22 @@ function vpn_ipsec_configure($ipchg = false)
 $racoonconf .= "}\n\n";
 }
 /* end mode_cfg section */
+
+ /* begin ldapcfg */
+ $authcfg = $config['system']['authserver'][0];
+ $racoonconf .= "ldapcfg {\n";
+ $racoonconf .= "\tversion 3;\n";
+ $racoonconf .= "\thost \"".$authcfg['host']."\";\n";
+ $lport = "389";
+ if ($authcfg['port'] != "") {$lport = $authcfg['port'];};
+ $racoonconf .= "\tport ".$lport.";\n";
+ $racoonconf .= "\tbase \"".$authcfg['ldap_basedn']."\";\n";
+ $racoonconf .= "\tsubtree on;\n";
+ $racoonconf .= "\tbind_dn \"".$authcfg['ldap_binddn']."\";\n";
+ $racoonconf .= "\tbind_pw \"".$authcfg['ldap_bindpw']."\";\n";
+ $racoonconf .= "\tattr_user \"".$authcfg['ldap_attr_user']."\";\n";
+ $racoonconf .= "}\n\n";
+ /* end ldapcfg */
 /* begin remote sections */
 if (is_array($a_phase1) && count($a_phase1)) {
diff --git a/usr/local/www/vpn_ipsec_mobile.php b/usr/local/www/vpn_ipsec_mobile.php
index b4b1b05..281ee5e 100755
--- a/usr/local/www/vpn_ipsec_mobile.php
+++ b/usr/local/www/vpn_ipsec_mobile.php
@@ -355,6 +355,7 @@ function login_banner_change() {
 <td width="78%" class="vtable">
 <?=gettext("Source"); ?>:
 <select name="user_source" class="formselect" id="user_source">
+ <option value="ldap"><?=gettext("ldap"); ?></option>
 <option value="system"><?=gettext("system"); ?></option>
 </select>
 </td> |
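Review bot: The added line in upgrade_046_to_047() writes the old `user_source` value into `$config['ipsec']['client']['enable']`, overwriting the `true` assigned one line earlier, and nothing in the hunk sets `['client']['user_source']` any more. This looks like a wrong key. After the upgrade the enable flag holds a source name (or nothing, if the old config carried no `user_source`), and the xauth authentication source is left undefined. The line should probably be `$config['ipsec']['client']['user_source'] = isset($config['ipsec']['mobileclients']['user_source']) ? $config['ipsec']['mobileclients']['user_source'] : 'system';`. The function body starts and ends outside the hunk.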
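Review bot: The new ldapcfg section in vpn_ipsec_configure() is emitted unconditionally from `$config['system']['authserver'][0]`, so a box with no auth server, or with `user_source` left at `system`, still gets an `ldapcfg` block built from empty or unrelated values. The host, base DN, bind DN, bind password and user attribute are also concatenated into quoted racoon.conf strings with no check, so a `"` or line break in any of them ends the string early and changes the generated configuration. I would gate the section on the selected source and skip it when a value cannot be written safely, as sketched below; logging the skip would help the administrator. Since `bind_pw` lands in the generated file in clear text, it is worth confirming that the code writing racoon.conf (outside this hunk) restricts the file to root. The function starts and ends outside the hunk.

```php
/* begin ldapcfg */
$authcfg = $config['system']['authserver'][0];
/* only emit the section when mobile clients really authenticate against LDAP */
$ldapok = ($config['ipsec']['client']['user_source'] == 'ldap') && is_array($authcfg);
if ($ldapok) {
	foreach (array('host', 'ldap_basedn', 'ldap_binddn', 'ldap_bindpw', 'ldap_attr_user') as $fld) {
		/* a double quote or line break would terminate the quoted racoon.conf string */
		if (preg_match('/["\r\n]/', (string)$authcfg[$fld]))
			$ldapok = false;
	}
}
if ($ldapok) {
	$lport = "389";
	/* keep the port numeric; it is written unquoted */
	if (is_numeric($authcfg['port'])) {$lport = (string)(int)$authcfg['port'];}
	$racoonconf .= "ldapcfg {\n";
	// … unchanged: version, host, port, base, subtree, bind_dn, bind_pw, attr_user lines …
	$racoonconf .= "}\n\n";
}
/* end ldapcfg */
```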
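Review bot: The new `ldap` option is placed first in the `user_source` select and neither option in the hunk carries a `selected` attribute, so the browser shows `ldap` by default, and a save would then switch the source to LDAP unless the selection is restored elsewhere on the page (not visible here). Keeping `system` first and emitting `selected` on the option that matches the saved value would avoid an unintended change of the authentication source. The POST handler, which is outside this hunk, should accept only `system` and `ldap` for this field rather than storing whatever the form submits.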