diff options
author | Ermal LUÇI <eri@pfsense.org> | 2015-02-10 20:50:38 +0100 |
---|---|---|
committer | Ermal LUÇI <eri@pfsense.org> | 2015-02-10 20:50:46 +0100 |
commit | 8fa0a5349a2fb7516a5397417d73029738e8007b (patch) | |
tree | 53f4c12dfdeebee0dc283b5d0728d2743be3b901 /etc/inc/openvpn.auth-user.php | |
parent | ed56ce5a1d12b5a065e2c375a182adc1b2d8f91d (diff) | |
download | pfsense-8fa0a5349a2fb7516a5397417d73029738e8007b.zip pfsense-8fa0a5349a2fb7516a5397417d73029738e8007b.tar.gz |
Actually fix even the openvpn auth user script with proper checks. I thought this was fixes already!
Diffstat (limited to 'etc/inc/openvpn.auth-user.php')
-rw-r--r-- | etc/inc/openvpn.auth-user.php | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/etc/inc/openvpn.auth-user.php b/etc/inc/openvpn.auth-user.php index e212fb3..3a077b7 100644 --- a/etc/inc/openvpn.auth-user.php +++ b/etc/inc/openvpn.auth-user.php @@ -82,7 +82,7 @@ function getNasIP() /* setup syslog logging */ openlog("openvpn", LOG_ODELAY, LOG_AUTH); -if (isset($_GET)) { +if (isset($_GET['username'])) { $authmodes = explode(",", $_GET['authcfg']); $username = base64_decode(str_replace('%3D', '=', $_GET['username'])); $password = base64_decode(str_replace('%3D', '=', $_GET['password'])); @@ -98,7 +98,7 @@ if (isset($_GET)) { if (!$username || !$password) { syslog(LOG_ERR, "invalid user authentication environment"); - if (isset($_GET)) { + if (isset($_GET['username'])) { echo "FAILED"; closelog(); return; @@ -120,7 +120,7 @@ $authenticated = false; if (($strictusercn === true) && ($common_name != $username)) { syslog(LOG_WARNING, "Username does not match certificate common name ({$username} != {$common_name}), access denied.\n"); - if (isset($_GET)) { + if (isset($_GET['username'])) { echo "FAILED"; closelog(); return; @@ -132,7 +132,7 @@ if (($strictusercn === true) && ($common_name != $username)) { if (!is_array($authmodes)) { syslog(LOG_WARNING, "No authentication server has been selected to authenticate against. Denying authentication for user {$username}"); - if (isset($_GET)) { + if (isset($_GET['username'])) { echo "FAILED"; closelog(); return; @@ -155,7 +155,7 @@ foreach ($authmodes as $authmode) { if ($authenticated == false) { syslog(LOG_WARNING, "user '{$username}' could not authenticate.\n"); - if (isset($_GET)) { + if (isset($_GET['username'])) { echo "FAILED"; closelog(); return; @@ -198,7 +198,7 @@ if (!empty($content)) syslog(LOG_NOTICE, "user '{$username}' authenticated\n"); closelog(); -if (isset($_GET)) +if (isset($_GET['username'])) echo "OK"; else return (0); |