author | Scott Ullrich <sullrich@pfsense.org> | 2008-04-28 01:44:05 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2008-04-28 01:44:05 +0000 |
commit | a35aaa25f3138052aa6f6736976bdd5b16b36ea9 (patch) | |
tree | 6af71de4b339f77f2a31e3499f4daa42a6e0a796 /etc | |
parent | 96618247e2da2bb8837f4d7e7763b24046603f45 (diff) | |
Create server certificate if needed.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/openvpn.inc | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index ee0c4f2..b04866b 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -80,7 +80,6 @@ function openvpn_get_ciphers($pkg) { } } - function openvpn_validate_port($value, $name) { $value = trim($value); if (!empty($value) && !(is_numeric($value) && ($value > 0) && ($value < 65535))) @@ -294,7 +293,27 @@ function openvpn_reconfigure($mode, $id) { global $g, $config; $settings = $config['installedpackages']["openvpn$mode"]['config'][$id]; + if ($settings['disable']) return; + + if(!$settings['server.key'] and $mode == "server") { + $cakeysize = $settings['keysize']; + $caname = $settings['cipherpki']; + $ovpncapath = $g['varetc_path']."/openvpn/certificates"; + $easyrsapath = $g['easyrsapath']; + $fd = fopen($ovpncapath . "/RUNME_2ND", "w"); + fwrite($fd, "cd $ovpncapath \n"); + fwrite($fd, "source $ovpncapath/$caname/vars \n"); + fwrite($fd, "$easyrsapath/pkitool --batch --server server \n"); + fwrite($fd, "openssl dhparam -out $ovpncapath/$caname/dh_params.dh $cakeysize \n"); + fclose($fd); + mwexec("/bin/tcsh $ovpncapath/RUNME_2ND"); + log_error("Server certificate for {$settings['description']} created."); + $config['installedpackages']["openvpn$mode"]['config'][$id]['server.key'] = file_get_contents("$ovpncapath/$caname/server.key"); + $config['installedpackages']["openvpn$mode"]['config'][$id]['server.crt'] = file_get_contents("$ovpncapath/$caname/server.crt"); + $config['installedpackages']["openvpn$mode"]['config'][$id]['dh_params.dh'] = file_get_contents("$ovpncapath/$caname/dh_params.dh"); + write_config(); + } $lport = 1194 + $id; @@ -461,6 +480,8 @@ EOD; $openvpn_conf .= "route $ip $mask\n"; } + + // Write the settings for the keys // Set the keys up $base_file = $g['varetc_path'] . "/openvpn/certificates/"; |
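Review bot: In the second hunk (inside `openvpn_reconfigure`), `$settings['cipherpki']` and `$settings['keysize']` are interpolated unquoted into the `RUNME_2ND` script that is then run through `/bin/tcsh`, so a CA name or key size containing shell metacharacters or `../` would change what the script runs or which paths it touches; both values should be validated before the script is written. The return values of `fopen()`, `mwexec()` and the three `file_get_contents()` calls are also unchecked, so a failed generation still logs "created" and `write_config()` can persist empty key material. The sketch below validates the two inputs and only stores and logs once all three files were actually read; the allowed CA-name pattern is an assumption and should match whatever the CA-creation form permits. `openvpn_reconfigure` starts before and continues past this hunk, so the early `return` on failure skips the rest of the reconfiguration for that instance, which looks preferable to starting a server with no key.

```php
if (!$settings['server.key'] and $mode == "server") {
	$cakeysize = $settings['keysize'];
	$caname = $settings['cipherpki'];
	// Both values are written into a shell script: accept only a plain name and a number.
	if (!preg_match('/^[A-Za-z0-9_-]+$/', $caname) || !ctype_digit((string)$cakeysize)) {
		log_error("OpenVPN: invalid CA name or key size, server certificate not created.");
		return;
	}
	// … unchanged: $ovpncapath, $easyrsapath, RUNME_2ND generation and mwexec() …
	$generated = array();
	foreach (array('server.key', 'server.crt', 'dh_params.dh') as $fname) {
		$generated[$fname] = file_get_contents("$ovpncapath/$caname/$fname");
		if ($generated[$fname] === false || $generated[$fname] === '') {
			log_error("OpenVPN: $fname was not generated, configuration left unchanged.");
			return;
		}
	}
	foreach ($generated as $fname => $contents)
		$config['installedpackages']["openvpn$mode"]['config'][$id][$fname] = $contents;
	write_config();
	log_error("Server certificate for {$settings['description']} created.");
}
```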