diff options
author | Phil Davis <phil.davis@inf.org> | 2015-05-30 20:46:56 +0545 |
---|---|---|
committer | Phil Davis <phil.davis@inf.org> | 2015-05-30 20:46:56 +0545 |
commit | 7304c0234042868d91ab484d839a8c69087871be (patch) | |
tree | d930dfdd85bb91b5501e00f98492aa9805b9ca72 /etc/inc | |
parent | 417008f782aeab859f9e6fb98940105e86af4cdc (diff) | |
download | pfsense-7304c0234042868d91ab484d839a8c69087871be.zip pfsense-7304c0234042868d91ab484d839a8c69087871be.tar.gz |
Allow option to specify just 1 of user and pass in OpenVPN .up file
As per comment in https://redmine.pfsense.org/issues/3633 sometimes the
server end only requires a password, no username. Usually 1 long string
that serves as the hard-to-guess authentication. OpenVPN expects
something to be on the first line of the ".up" file - traditionally
called the username. It also insists on the second line being present,
but is happy with it being empty - this is the authentication
information traditionally called "password".
Let the user put the single piece of authentication information in
either the Username or Password field on the web GUI - whichever they
feel comfortable calling it. In the ".up" file it has to always be the
first line to keep OpenVPN happy.
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/openvpn.inc | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 927a3ec..23ae85c 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -789,11 +789,21 @@ function openvpn_reconfigure($mode, $settings) { } } - if ($settings['auth_user'] && $settings['auth_pass']) { + if ($settings['auth_user'] || $settings['auth_pass']) { $up_file = "{$g['varetc_path']}/openvpn/{$mode_id}.up"; $conf .= "auth-user-pass {$up_file}\n"; - $userpass = "{$settings['auth_user']}\n"; - $userpass .= "{$settings['auth_pass']}\n"; + if ($settings['auth_user']) { + $userpass = "{$settings['auth_user']}\n"; + } else { + $userpass = ""; + } + if ($settings['auth_pass']) { + $userpass .= "{$settings['auth_pass']}\n"; + } + // If only auth_pass is given, then it acts like a user name and we put a blank line where pass would normally go. + if (!($settings['auth_user'] && $settings['auth_pass'])) { + $userpass .= "\n"; + } file_put_contents($up_file, $userpass); } |