diff options
| author | Ermal <eri@pfsense.org> | 2010-11-26 21:54:44 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2010-11-26 21:54:44 +0000 |
| commit | befad72821f522bf2c23a883f72ade8af48b8533 (patch) | |
| tree | 7ad22eb6e84e12ac5ebdc1130af5eafc3c7c63f7 /etc/inc/openvpn.auth-user.php | |
| parent | bad2989788835047d97667ae69b11885e2e3d493 (diff) | |
| download | pfsense-befad72821f522bf2c23a883f72ade8af48b8533.zip pfsense-befad72821f522bf2c23a883f72ade8af48b8533.tar.gz | |
Ticket #1037. Move environment manipulation to the authentication script since escaping slashes is not so easz on dynamic built paths.
Diffstat (limited to 'etc/inc/openvpn.auth-user.php')
| -rwxr-xr-x | etc/inc/openvpn.auth-user.php | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/etc/inc/openvpn.auth-user.php b/etc/inc/openvpn.auth-user.php index 460d681..9ca76cf 100755 --- a/etc/inc/openvpn.auth-user.php +++ b/etc/inc/openvpn.auth-user.php @@ -41,6 +41,7 @@ * in our config.xml file and check the credentials. */ +require_once("globals.inc"); require_once("config.inc"); require_once("radius.inc"); require_once("auth.inc"); @@ -95,6 +96,11 @@ if (!$username || !$password) { /* Replaced by a sed with propper variables used below(ldap parameters). */ //<template> +if (file_exists("{$g['varetc_path']}/openvpn/{$modeid}.ca")) { + putenv("LDAPTLS_CACERT={$g['varetc_path']}/openvpn/{$modeid}.ca"); + putenv("LDAPTLS_REQCERT=never"); +} + $authenticated = false; if (($strictusercn === true) && ($common_name != $username)) { @@ -121,4 +127,4 @@ syslog(LOG_WARNING, "user {$username} authenticated\n"); exit(0); -?>
\ No newline at end of file +?> |
