diff options
author | Ermal <eri@pfsense.org> | 2011-07-15 13:10:40 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2011-07-15 13:10:40 +0000 |
commit | fe2031ab18b967b31f95d865db07011a39ce6fcc (patch) | |
tree | 06759c005e263b681a21098a8273a84dc473beb1 /etc/inc/openvpn.auth-user.php | |
parent | e6bd231242cb43ad7e8fca8635d6adcb17f38186 (diff) | |
download | pfsense-fe2031ab18b967b31f95d865db07011a39ce6fcc.zip pfsense-fe2031ab18b967b31f95d865db07011a39ce6fcc.tar.gz |
Ticket #1052. Enforce certificates if they are present for authenticating to ldap. Allow to select a CA under ldap type authentication backend to be used for this.
Diffstat (limited to 'etc/inc/openvpn.auth-user.php')
-rwxr-xr-x | etc/inc/openvpn.auth-user.php | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/etc/inc/openvpn.auth-user.php b/etc/inc/openvpn.auth-user.php index 35d79cd..d36b5ff 100755 --- a/etc/inc/openvpn.auth-user.php +++ b/etc/inc/openvpn.auth-user.php @@ -96,11 +96,6 @@ if (!$username || !$password) { /* Replaced by a sed with propper variables used below(ldap parameters). */ //<template> -if (file_exists("{$g['varetc_path']}/openvpn/{$modeid}.ca")) { - putenv("LDAPTLS_CACERT={$g['varetc_path']}/openvpn/{$modeid}.ca"); - putenv("LDAPTLS_REQCERT=never"); -} - $authenticated = false; if (($strictusercn === true) && ($common_name != $username)) { @@ -127,4 +122,4 @@ syslog(LOG_WARNING, "user {$username} authenticated\n"); exit(0); -?>
\ No newline at end of file +?> |