diff options
author | Chris Buechler <cmb@pfsense.org> | 2015-06-21 16:00:23 -0500 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2015-06-21 16:01:44 -0500 |
commit | 62102a8b1a8d494c872dd31311f94aea99e97250 (patch) | |
tree | f55469cde22c8ab568632f1331f190eb2209ca65 /etc | |
parent | 3378289af3f39b231de2c26e298d85d3eca4c835 (diff) | |
download | pfsense-62102a8b1a8d494c872dd31311f94aea99e97250.zip pfsense-62102a8b1a8d494c872dd31311f94aea99e97250.tar.gz |
Specify $myid rather than %any here, otherwise user manager and mobile PSKs won't match. Ticket #4781
Conflicts:
etc/inc/vpn.inc
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/vpn.inc | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 0430ce3..0cd0213 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -628,12 +628,13 @@ EOD; } else { list ($myid_type, $myid_data) = ipsec_find_id($ph1ent, 'local'); list ($peerid_type, $peerid_data) = ipsec_find_id($ph1ent, 'peer', $rgmap); + + $myid = isset($ph1ent['mobile']) ? trim($myid_data) : "%any"; if (empty($peerid_data)) { continue; } - $myid = isset($ph1ent['mobile']) ? trim($myid_data) : "%any"; $peerid = ($peerid_data != 'allusers') ? trim($peerid_data) : ''; if (!empty($ph1ent['pre-shared-key'])) { if ($myid_type == 'fqdn' && !empty($myid_data)) { @@ -650,7 +651,7 @@ EOD; if (is_array($config['system']) && is_array($config['system']['user'])) { foreach ($config['system']['user'] as $user) { if (!empty($user['ipsecpsk'])) { - $pskconf .= "%any {$user['name']} : PSK 0s" . base64_encode($user['ipsecpsk']) . "\n"; + $pskconf .= "{$myid} {$user['name']} : PSK 0s" . base64_encode($user['ipsecpsk']) . "\n"; } } unset($user); @@ -665,7 +666,7 @@ EOD; if (empty($key['type'])) { $key['type'] = 'PSK'; } - $pskconf .= "%any {$key['ident']} : {$key['type']} 0s" . base64_encode($key['pre-shared-key']) . "\n"; + $pskconf .= "{$myid} {$key['ident']} : {$key['type']} 0s" . base64_encode($key['pre-shared-key']) . "\n"; } unset($key); } |