authorBryan Haase <bryan.haase@gmail.com>2011-07-22 08:18:55 -0500
committerBryan Haase <bryan.haase@gmail.com>2011-07-22 08:18:55 -0500
commit64f3141f5fdb26e5d68cc4e3a93390062d50c462 (patch)
treee9ad7772043c439cebc1cdfe359669fbd5d1e47c
parentcdfd39e2b9df28910e4b339c9589ab5377a5933c (diff)
Ipsec xAuth patch
-rw-r--r--etc/inc/upgrade_config.inc2
-rw-r--r--etc/inc/vpn.inc16
-rwxr-xr-xusr/local/www/vpn_ipsec_mobile.php1
3 files changed, 18 insertions, 1 deletions
diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc
index 1abc8c5..f1bb57d 100644
--- a/etc/inc/upgrade_config.inc
+++ b/etc/inc/upgrade_config.inc
@@ -1139,7 +1139,7 @@ function upgrade_046_to_047() {
if (isset($config['ipsec']['mobileclients']['enable'])) {
$config['ipsec']['client']['enable'] = true;
- $config['ipsec']['client']['user_source'] = 'system';
+ $config['ipsec']['client']['enable'] = $config['ipsec']['mobileclients']['user_source'];
$config['ipsec']['client']['group_source'] = 'system';
}
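Review bot: The added line writes the mobile-client user source into `['client']['enable']`, overwriting the `true` set on the line above, and `['client']['user_source']` is no longer set at all. If the old config has no `mobileclients` `user_source` value, the upgraded client section ends up with `enable` set to null and no authentication source. The target key looks like a typo; I would expect `$config['ipsec']['client']['user_source'] = isset($config['ipsec']['mobileclients']['user_source']) ? $config['ipsec']['mobileclients']['user_source'] : 'system';`. The body of upgrade_046_to_047() starts and ends outside this hunk.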
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 89c1a5e..47bced9 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -419,6 +419,22 @@ function vpn_ipsec_configure($ipchg = false)
$racoonconf .= "}\n\n";
}
/* end mode_cfg section */
+
+ /* begin ldapcfg */
+ $authcfg = $config['system']['authserver'][0];
+ $racoonconf .= "ldapcfg {\n";
+ $racoonconf .= "\tversion 3;\n";
+ $racoonconf .= "\thost \"".$authcfg['host']."\";\n";
+ $lport = "389";
+ if ($authcfg['port'] != "") {$lport = $authcfg['port'];};
+ $racoonconf .= "\tport ".$lport.";\n";
+ $racoonconf .= "\tbase \"".$authcfg['ldap_basedn']."\";\n";
+ $racoonconf .= "\tsubtree on;\n";
+ $racoonconf .= "\tbind_dn \"".$authcfg['ldap_binddn']."\";\n";
+ $racoonconf .= "\tbind_pw \"".$authcfg['ldap_bindpw']."\";\n";
+ $racoonconf .= "\tattr_user \"".$authcfg['ldap_attr_user']."\";\n";
+ $racoonconf .= "}\n\n";
+ /* end ldapcfg */
/* begin remote sections */
if (is_array($a_phase1) && count($a_phase1)) {
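Review bot: The new ldapcfg block interpolates `host`, `ldap_basedn`, `ldap_binddn`, `ldap_bindpw` and `ldap_attr_user` straight into quoted racoon.conf strings, so a value containing `"` or a line break ends the string early and the remainder is parsed as configuration. The block is also emitted unconditionally from `authserver[0]`, whether or not that entry exists or is an LDAP server, and `port` is not checked to be numeric. Because `bind_pw` lands in the generated file in cleartext, it is worth confirming (outside this hunk) that racoon.conf is written with owner-only permissions. The sketch below guards the section and refuses values that cannot be quoted safely; vpn_ipsec_configure() continues outside the hunk.

```php
/* begin ldapcfg */
$authcfg = $config['system']['authserver'][0];
/* emit the section only for an LDAP entry; the 'type' key is assumed here, confirm against the authserver schema */
if (is_array($authcfg) && $authcfg['type'] == "ldap") {
	$ldapsafe = true;
	foreach (array('host', 'ldap_basedn', 'ldap_binddn', 'ldap_bindpw', 'ldap_attr_user') as $ldapkey) {
		/* a quote or line break cannot be represented inside a quoted racoon.conf string */
		if (preg_match('/["\r\n]/', (string)$authcfg[$ldapkey])) {
			$ldapsafe = false;
		}
	}
	$lport = "389";
	if (ctype_digit((string)$authcfg['port'])) {
		$lport = $authcfg['port'];
	}
	if ($ldapsafe) {
		$racoonconf .= "ldapcfg {\n";
		// … unchanged: version, host, port, base, subtree, bind_dn, bind_pw, attr_user lines …
		$racoonconf .= "}\n\n";
	}
}
/* end ldapcfg */
```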
diff --git a/usr/local/www/vpn_ipsec_mobile.php b/usr/local/www/vpn_ipsec_mobile.php
index b4b1b05..281ee5e 100755
--- a/usr/local/www/vpn_ipsec_mobile.php
+++ b/usr/local/www/vpn_ipsec_mobile.php
@@ -355,6 +355,7 @@ function login_banner_change() {
<td width="78%" class="vtable">
<?=gettext("Source"); ?>:&nbsp;&nbsp;
<select name="user_source" class="formselect" id="user_source">
+ <option value="ldap"><?=gettext("ldap"); ?></option>
<option value="system"><?=gettext("system"); ?></option>
</select>
</td>
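Review bot: The new `ldap` option is inserted ahead of `system` and neither option carries a `selected` attribute, so the browser preselects `ldap` every time the page is rendered, regardless of the stored setting. If the form handler (outside this hunk) saves `user_source`, any unrelated save of this page would silently switch mobile-client authentication to LDAP. Keep `<option value="system">` first and mark the option that matches the saved value as `selected`. The handler should also accept only the two known values, since the diffstat shows no other change to this file.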