diff options
author | Phil Davis <phil.davis@inf.org> | 2015-05-30 20:46:56 +0545 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2015-05-30 12:08:03 -0300 |
commit | 3b9dfaf2f92c16998f54ee1b909e3df690831f94 (patch) | |
tree | 63c7783699a56c125f14caf344ae49a73024b976 /etc | |
parent | 19a12e06aad2c44d3cc407245ca5a895ad60e637 (diff) | |
download | pfsense-3b9dfaf2f92c16998f54ee1b909e3df690831f94.zip pfsense-3b9dfaf2f92c16998f54ee1b909e3df690831f94.tar.gz |
Allow option to specify just 1 of user and pass in OpenVPN .up file
As per comment in https://redmine.pfsense.org/issues/3633 sometimes the
server end only requires a password, no username. Usually 1 long string
that serves as the hard-to-guess authentication. OpenVPN expects
something to be on the first line of the ".up" file - traditionally
called the username. It also insists on the second line being present,
but is happy with it being empty - this is the authentication
information traditionally called "password".
Let the user put the single piece of authentication information in
either the Username or Password field on the web GUI - whichever they
feel comfortable calling it. In the ".up" file it has to always be the
first line to keep OpenVPN happy.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/openvpn.inc | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 73bbf1d..d7edb63 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -718,11 +718,21 @@ function openvpn_reconfigure($mode, $settings) { $conf .= "ifconfig-ipv6 {$ipv6_2} {$prefix}\n"; } - if ($settings['auth_user'] && $settings['auth_pass']) { + if ($settings['auth_user'] || $settings['auth_pass']) { $up_file = "{$g['varetc_path']}/openvpn/{$mode_id}.up"; $conf .= "auth-user-pass {$up_file}\n"; - $userpass = "{$settings['auth_user']}\n"; - $userpass .= "{$settings['auth_pass']}\n"; + if ($settings['auth_user']) { + $userpass = "{$settings['auth_user']}\n"; + } else { + $userpass = ""; + } + if ($settings['auth_pass']) { + $userpass .= "{$settings['auth_pass']}\n"; + } + // If only auth_pass is given, then it acts like a user name and we put a blank line where pass would normally go. + if (!($settings['auth_user'] && $settings['auth_pass'])) { + $userpass .= "\n"; + } file_put_contents($up_file, $userpass); } |