diff options
author | PiBa-NL <pba_2k3@yahoo.com> | 2014-02-09 19:23:25 +0100 |
---|---|---|
committer | PiBa-NL <pba_2k3@yahoo.com> | 2014-02-09 19:23:25 +0100 |
commit | 5f242576d3269c1bcfa17ff9fe16600067170dff (patch) | |
tree | 8d59a66336e4a46de03818a19a03f0406af4d868 | |
parent | d292bd8d60b1e01702b3654e8bb3ac8fd66c88e6 (diff) | |
download | pfsense-5f242576d3269c1bcfa17ff9fe16600067170dff.zip pfsense-5f242576d3269c1bcfa17ff9fe16600067170dff.tar.gz |
openvpn, allow for entering client user credentials in the WebGUI
-rw-r--r-- | etc/inc/openvpn.inc | 8 | ||||
-rw-r--r-- | usr/local/www/vpn_openvpn_client.php | 44 |
2 files changed, 50 insertions, 2 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index c9f67d5..66ddf7e 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -682,6 +682,14 @@ function openvpn_reconfigure($mode, $settings) { $conf .= "ifconfig-ipv6 {$ipv6_2} {$prefix}\n"; } + if ($settings['auth_user'] && $settings['auth_pass']) { + $up_file = "{$g['varetc_path']}/openvpn/{$mode_id}.up"; + $conf .= "auth-user-pass {$up_file}\n"; + $userpass = "{$settings['auth_user']}\n"; + $userpass .= "{$settings['auth_pass']}\n"; + file_put_contents($up_file, $userpass); + } + if ($settings['proxy_addr']) { $conf .= "http-proxy {$settings['proxy_addr']} {$settings['proxy_port']}"; if ($settings['proxy_authtype'] != "none") { diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 5604b32..11edd21 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -96,10 +96,15 @@ if($_GET['act']=="new"){ $pconfig['digest'] = "SHA1"; } +global $simplefields; +$simplefields = array('auth_user','auth_pass'); + if($_GET['act']=="edit"){ if (isset($id) && $a_client[$id]) { - + foreach($simplefields as $stat) + $pconfig[$stat] = $a_client[$id][$stat]; + $pconfig['disable'] = isset($a_client[$id]['disable']); $pconfig['mode'] = $a_client[$id]['mode']; $pconfig['protocol'] = $a_client[$id]['protocol']; @@ -251,7 +256,10 @@ if ($_POST) { if (!$input_errors) { $client = array(); - + + foreach($simplefields as $stat) + update_if_changed($stat, $client[$stat], $_POST[$stat]); + if ($vpnid) $client['vpnid'] = $vpnid; else @@ -628,6 +636,38 @@ if ($savemsg) <td colspan="2" class="list" height="12"></td> </tr> <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("User Authentication Settings"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("User name/pass"); ?></td> + <td width="78%" class="vtable"> + <?=gettext("Leave empty when no user name and password are needed."); ?> + <br> + <table border="0" cellpadding="2" cellspacing="0"> + <tr> + <td align="right" width="25%"> + <span class="vexpl"> + <?=gettext("Username"); ?> : + </span> + </td> + <td> + <input name="auth_user" id="auth_user" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['auth_user']);?>" /> + </td> + </tr> + <tr> + <td align="right" width="25%"> + <span class="vexpl"> + <?=gettext("Password"); ?> : + </span> + </td> + <td> + <input name="auth_pass" id="auth_pass" type="password" class="formfld pwd" size="20" value="<?=htmlspecialchars($pconfig['auth_pass']);?>" /> + </td> + </tr> + </table> + </td> + </tr> + <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("Cryptographic Settings"); ?></td> </tr> <tr id="tls"> |