diff options
author | Ermal LUÇI <eri@pfsense.org> | 2014-12-30 22:45:20 +0100 |
---|---|---|
committer | Ermal LUÇI <eri@pfsense.org> | 2014-12-30 23:28:30 +0100 |
commit | 7f69cbe7d442650671fe29a2d4804fbd77bc9855 (patch) | |
tree | 44e0223cda4320738ca3027561bf82781b3852fc | |
parent | 565dcf3c3c6299695058d616cdad95a5d300288e (diff) | |
download | pfsense-7f69cbe7d442650671fe29a2d4804fbd77bc9855.zip pfsense-7f69cbe7d442650671fe29a2d4804fbd77bc9855.tar.gz |
Use base64 encoded secrets which Fixes #4158
-rw-r--r-- | etc/inc/vpn.inc | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 4e168b0..d0fb807 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -487,7 +487,7 @@ EOD; $myid = isset($ph1ent['mobile']) ? trim($myid_data) . " " : ""; $peerid = ($peerid_data != "allusers") ? trim($peerid_data) : ""; if (!empty($ph1ent['pre-shared-key'])) - $pskconf .= $myid . $peerid . " : PSK \"" . trim($ph1ent['pre-shared-key']) . "\"\n"; + $pskconf .= $myid . $peerid . " : PSK 00" . base64_encode(trim($ph1ent['pre-shared-key'])) . "\n"; } } } @@ -496,7 +496,7 @@ EOD; if (is_array($config['system']) && is_array($config['system']['user'])) { foreach ($config['system']['user'] as $user) { if (!empty($user['ipsecpsk'])) { - $pskconf .= "{$myid} {$user['name']} : PSK \"{$user['ipsecpsk']}\"\n"; + $pskconf .= "{$myid} {$user['name']} : PSK 00" . base64_encode($user['ipsecpsk']) . "\n"; } } unset($user); @@ -506,8 +506,8 @@ EOD; if (is_array($ipseccfg['mobilekey'])) { foreach ($ipseccfg['mobilekey'] as $key) { if ($key['ident'] == "allusers") - $key['ident'] = ''; - $pskconf .= "{$myid} {$key['ident']} : PSK \"{$key['pre-shared-key']}\"\n"; + $key['ident'] = '%any'; + $pskconf .= "{$myid} {$key['ident']} : PSK 00" . base64_encode($key['pre-shared-key']) . "\n"; } unset($key); } |