diff options
| author | Phil Davis <phil.davis@inf.org> | 2017-01-31 19:40:19 +0545 |
|---|---|---|
| committer | Renato Botelho <renato@netgate.com> | 2017-01-31 13:33:50 -0200 |
| commit | 4181014a130f981b1758d3f3e6a46d6b047c5890 (patch) | |
| tree | 9915d9ca37fede5438b937b54bb0b4c27930a385 /src | |
| parent | 75e181961370b788ef7b3f92ea156c9b1e1f4e46 (diff) | |
| download | pfsense-4181014a130f981b1758d3f3e6a46d6b047c5890.zip pfsense-4181014a130f981b1758d3f3e6a46d6b047c5890.tar.gz | |
Required fields for VPN pages
(cherry picked from commit 1bbdab13e436f5f2b9e381886be4d9c2d1a4e44f)
Diffstat (limited to 'src')
| -rw-r--r-- | src/usr/local/www/vpn_ipsec_keys_edit.php | 6 | ||||
| -rw-r--r-- | src/usr/local/www/vpn_ipsec_mobile.php | 4 | ||||
| -rw-r--r-- | src/usr/local/www/vpn_ipsec_phase1.php | 30 | ||||
| -rw-r--r-- | src/usr/local/www/vpn_ipsec_phase2.php | 12 | ||||
| -rw-r--r-- | src/usr/local/www/vpn_l2tp.php | 14 | ||||
| -rw-r--r-- | src/usr/local/www/vpn_l2tp_users_edit.php | 7 | ||||
| -rw-r--r-- | src/usr/local/www/vpn_openvpn_client.php | 24 | ||||
| -rw-r--r-- | src/usr/local/www/vpn_openvpn_csc.php | 2 | ||||
| -rw-r--r-- | src/usr/local/www/vpn_openvpn_server.php | 33 |
9 files changed, 68 insertions, 64 deletions
diff --git a/src/usr/local/www/vpn_ipsec_keys_edit.php b/src/usr/local/www/vpn_ipsec_keys_edit.php index aaba313..63c11b0 100644 --- a/src/usr/local/www/vpn_ipsec_keys_edit.php +++ b/src/usr/local/www/vpn_ipsec_keys_edit.php @@ -165,21 +165,21 @@ $section = new Form_Section('Edit Pre-Shared-Secret'); $section->addInput(new Form_Input( 'ident', - 'Identifier', + '*Identifier', 'text', $pconfig['ident'] ))->setHelp('This can be either an IP address, fully qualified domain name or an e-mail address.'); $section->addInput(new Form_Select( 'type', - 'Secret type', + '*Secret type', $pconfig['type'], $ipsec_preshared_key_type ))->setWidth(2); $section->addInput(new Form_Input( 'psk', - 'Pre-Shared Key', + '*Pre-Shared Key', 'text', $pconfig['psk'] )); diff --git a/src/usr/local/www/vpn_ipsec_mobile.php b/src/usr/local/www/vpn_ipsec_mobile.php index b2780d9..b4715c6 100644 --- a/src/usr/local/www/vpn_ipsec_mobile.php +++ b/src/usr/local/www/vpn_ipsec_mobile.php @@ -480,7 +480,7 @@ foreach (auth_get_authserver_list() as $authServer) { $section->addInput(new Form_Select( 'user_source', - 'User Authentication', + '*User Authentication', explode(",", $pconfig['user_source']), $authServers, true @@ -488,7 +488,7 @@ $section->addInput(new Form_Select( $section->addInput(new Form_Select( 'group_source', - 'Group Authentication', + '*Group Authentication', $pconfig['group_source'], array( 'none' => gettext('none'), diff --git a/src/usr/local/www/vpn_ipsec_phase1.php b/src/usr/local/www/vpn_ipsec_phase1.php index 34795f9..aa25eeb 100644 --- a/src/usr/local/www/vpn_ipsec_phase1.php +++ b/src/usr/local/www/vpn_ipsec_phase1.php @@ -697,21 +697,21 @@ $section->addInput(new Form_Checkbox( $section->addInput(new Form_Select( 'iketype', - 'Key Exchange version', + '*Key Exchange version', $pconfig['iketype'], array("ikev1" => "IKEv1", "ikev2" => "IKEv2", "auto" => gettext("Auto")) ))->setHelp('Select the Internet Key Exchange protocol version to be used. Auto uses IKEv2 when initiator, and accepts either IKEv1 or IKEv2 as responder.'); $section->addInput(new Form_Select( 'protocol', - 'Internet Protocol', + '*Internet Protocol', $pconfig['protocol'], array("inet" => "IPv4", "inet6" => "IPv6") ))->setHelp('Select the Internet Protocol family.'); $section->addInput(new Form_Select( 'interface', - 'Interface', + '*Interface', $pconfig['interface'], build_interface_list() ))->setHelp('Select the interface for the local endpoint of this phase1 entry.'); @@ -719,7 +719,7 @@ $section->addInput(new Form_Select( if (!$pconfig['mobile']) { $section->addInput(new Form_Input( 'remotegw', - 'Remote Gateway', + '*Remote Gateway', 'text', $pconfig['remotegw'] ))->setHelp('Enter the public IP address or host name of the remote gateway.'); @@ -738,19 +738,19 @@ $section = new Form_Section('Phase 1 Proposal (Authentication)'); $section->addInput(new Form_Select( 'authentication_method', - 'Authentication Method', + '*Authentication Method', $pconfig['authentication_method'], build_auth_method_list() ))->setHelp('Must match the setting chosen on the remote side.'); $section->addInput(new Form_Select( 'mode', - 'Negotiation mode', + '*Negotiation mode', $pconfig['mode'], array("main" => gettext("Main"), "aggressive" => gettext("Aggressive")) ))->setHelp('Aggressive is more flexible, but less secure.'); -$group = new Form_Group('My identifier'); +$group = new Form_Group('*My identifier'); $group->add(new Form_Select( 'myid_type', @@ -768,7 +768,7 @@ $group->add(new Form_Input( $section->add($group); -$group = new Form_Group('Peer identifier'); +$group = new Form_Group('*Peer identifier'); $group->addClass('peeridgroup'); $group->add(new Form_Select( @@ -793,21 +793,21 @@ $section->add($group); $section->addInput(new Form_Input( 'pskey', - 'Pre-Shared Key', + '*Pre-Shared Key', 'text', $pconfig['pskey'] ))->setHelp('Enter the Pre-Shared Key string.'); $section->addInput(new Form_Select( 'certref', - 'My Certificate', + '*My Certificate', $pconfig['certref'], build_cert_list() ))->setHelp('Select a certificate previously configured in the Certificate Manager.'); $section->addInput(new Form_Select( 'caref', - 'Peer Certificate Authority', + '*Peer Certificate Authority', $pconfig['caref'], build_ca_list() ))->setHelp('Select a certificate authority previously configured in the Certificate Manager.'); @@ -816,7 +816,7 @@ $form->add($section); $section = new Form_Section('Phase 1 Proposal (Algorithms)'); -$group = new Form_Group('Encryption Algorithm'); +$group = new Form_Group('*Encryption Algorithm'); $group->add(new Form_Select( 'ealgo', @@ -836,21 +836,21 @@ $section->add($group); $section->addInput(new Form_Select( 'halgo', - 'Hash Algorithm', + '*Hash Algorithm', $pconfig['halgo'], $p1_halgos ))->setHelp('Must match the setting chosen on the remote side.'); $section->addInput(new Form_Select( 'dhgroup', - 'DH Group', + '*DH Group', $pconfig['dhgroup'], $p1_dhgroups ))->setHelp('Must match the setting chosen on the remote side.'); $section->addInput(new Form_Input( 'lifetime', - 'Lifetime (Seconds)', + '*Lifetime (Seconds)', 'number', $pconfig['lifetime'] )); diff --git a/src/usr/local/www/vpn_ipsec_phase2.php b/src/usr/local/www/vpn_ipsec_phase2.php index 134fce6..109e96b 100644 --- a/src/usr/local/www/vpn_ipsec_phase2.php +++ b/src/usr/local/www/vpn_ipsec_phase2.php @@ -540,12 +540,12 @@ $section->addInput(new Form_Checkbox( $section->addInput(new Form_Select( 'mode', - 'Mode', + '*Mode', $pconfig['mode'], $p2_modes )); -$group = new Form_Group('Local Network'); +$group = new Form_Group('*Local Network'); $group->addClass('opt_localid'); $subnetarray = get_configured_interface_with_descr(); @@ -596,7 +596,7 @@ $group->setHelp('If NAT/BINAT is required on this network specify the address to $section->add($group); if (!isset($pconfig['mobile'])) { - $group = new Form_Group('Remote Network'); + $group = new Form_Group('*Remote Network'); $group->addClass('opt_remoteid'); $group->add(new Form_Select( @@ -628,7 +628,7 @@ $section = new Form_Section('Phase 2 Proposal (SA/Key Exchange)'); $section->addInput(new Form_Select( 'proto', - 'Protocol', + '*Protocol', $pconfig['proto'], $p2_protos ))->setHelp('ESP is encryption, AH is authentication only.'); @@ -637,7 +637,7 @@ $i = 0; $rows = count($p2_ealgos) - 1; foreach ($p2_ealgos as $algo => $algodata) { - $group = new Form_Group($i == 0 ? 'Encryption Algorithms':''); + $group = new Form_Group($i == 0 ? '*Encryption Algorithms':''); $group->addClass('encalg'); // Note: ID attribute of each element created is to be unique. Not being used, suppressing it. @@ -675,7 +675,7 @@ foreach ($p2_ealgos as $algo => $algodata) { $section->add($group); } -$group = new Form_Group('Hash Algorithms'); +$group = new Form_Group('*Hash Algorithms'); foreach ($p2_halgos as $algo => $algoname) { // Note: ID attribute of each element created is to be unique. Not being used, suppressing it. diff --git a/src/usr/local/www/vpn_l2tp.php b/src/usr/local/www/vpn_l2tp.php index 3a65ed1..8f19300 100644 --- a/src/usr/local/www/vpn_l2tp.php +++ b/src/usr/local/www/vpn_l2tp.php @@ -244,14 +244,14 @@ $section->addClass('toggle-l2tp-enable'); $section->addInput(new Form_Select( 'interface', - 'Interface', + '*Interface', $pconfig['interface'], $iflist )); $section->addInput(new Form_Input( 'localip', - 'Server address', + '*Server address', 'text', $pconfig['localip'] ))->setHelp('Enter the IP address the L2TP server should give to clients for use as their "gateway". ' . '<br />' . @@ -260,14 +260,14 @@ $section->addInput(new Form_Input( $section->addInput(new Form_IpAddress( 'remoteip', - 'Remote address range', + '*Remote address range', $pconfig['remoteip'] ))->addMask(l2tp_subnet, $pconfig['l2tp_subnet']) ->setHelp('Specify the starting address for the client IP address subnet.'); $section->addInput(new Form_Select( 'n_l2tp_units', - 'Number of L2TP users', + '*Number of L2TP users', $pconfig['n_l2tp_units'], array_combine(range(1, 255, 1), range(1, 255, 1)) )); @@ -281,7 +281,7 @@ $section->addPassword(new Form_Input( $section->addInput(new Form_Select( 'paporchap', - 'Authentication type', + '*Authentication type', $pconfig['paporchap'], array( 'chap' => 'CHAP', @@ -325,13 +325,13 @@ $section->addInput(new Form_Checkbox( $section->addInput(new Form_IpAddress( 'radiusserver', - 'Server', + '*Server', $pconfig['radiusserver'] ))->setHelp('Enter the IP address of the RADIUS server.'); $section->addPassword(new Form_Input( 'radiussecret', - 'Secret', + '*Secret', 'password', $pconfig['radiussecret'] ))->setHelp('Enter the shared secret that will be used to authenticate to the RADIUS server.'); diff --git a/src/usr/local/www/vpn_l2tp_users_edit.php b/src/usr/local/www/vpn_l2tp_users_edit.php index 2db2c16..d3d7c28 100644 --- a/src/usr/local/www/vpn_l2tp_users_edit.php +++ b/src/usr/local/www/vpn_l2tp_users_edit.php @@ -93,6 +93,9 @@ if (isset($_POST['id']) && is_numericint($_POST['id'])) { if (isset($id) && $a_secret[$id]) { $pconfig['usernamefld'] = $a_secret[$id]['name']; $pconfig['ip'] = $a_secret[$id]['ip']; + $pwd_required = ""; +} else { + $pwd_required = "*"; } if ($_POST) { @@ -178,14 +181,14 @@ $section = new Form_Section("User"); $section->addInput(new Form_Input( 'usernamefld', - 'Username', + '*Username', 'text', $pconfig['usernamefld'] )); $pwd = new Form_Input( 'passwordfld', - 'Password', + $pwd_required . 'Password', 'text', $pconfig['passwordfld'] ); diff --git a/src/usr/local/www/vpn_openvpn_client.php b/src/usr/local/www/vpn_openvpn_client.php index 2f9ffb0..23598e2 100644 --- a/src/usr/local/www/vpn_openvpn_client.php +++ b/src/usr/local/www/vpn_openvpn_client.php @@ -481,28 +481,28 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Select( 'mode', - 'Server mode', + '*Server mode', $pconfig['mode'], $openvpn_client_modes )); $section->addInput(new Form_Select( 'protocol', - 'Protocol', + '*Protocol', $pconfig['protocol'], array_combine($openvpn_prots, $openvpn_prots) )); $section->addInput(new Form_Select( 'dev_mode', - 'Device mode', + '*Device mode', empty($pconfig['dev_mode']) ? 'tun':$pconfig['dev_mode'], array_combine($openvpn_dev_mode, $openvpn_dev_mode) )); $section->addInput(new Form_Select( 'interface', - 'Interface', + '*Interface', $pconfig['interface'], openvpn_build_if_list() )); @@ -517,14 +517,14 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Input( 'server_addr', - 'Server host or address', + '*Server host or address', 'text', $pconfig['server_addr'] )); $section->addInput(new Form_Input( 'server_port', - 'Server port', + '*Server port', 'number', $pconfig['server_port'] )); @@ -619,7 +619,7 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Textarea( 'tls', - 'Key', + '*Key', $pconfig['tls'] ))->setHelp('Paste the shared key here'); @@ -631,13 +631,13 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Select( 'caref', - 'Peer Certificate Authority', + '*Peer Certificate Authority', $pconfig['caref'], $list )); } else { $section->addInput(new Form_StaticText( - 'Peer Certificate Authority', + '*Peer Certificate Authority', sprintf('No Certificate Authorities defined. One may be created here: %s', '<a href="system_camanager.php">System > Cert. Manager</a>') )); } @@ -665,7 +665,7 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Textarea( 'shared_key', - 'Shared Key', + '*Shared Key', $pconfig['shared_key'] ))->setHelp('Paste the shared key here'); @@ -680,14 +680,14 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Select( 'crypto', - 'Encryption Algorithm', + '*Encryption Algorithm', $pconfig['crypto'], openvpn_get_cipherlist() )); $section->addInput(new Form_Select( 'digest', - 'Auth digest algorithm', + '*Auth digest algorithm', $pconfig['digest'], openvpn_get_digestlist() ))->setHelp('Leave this set to SHA1 unless all clients are set to match. SHA1 is the default for OpenVPN. '); diff --git a/src/usr/local/www/vpn_openvpn_csc.php b/src/usr/local/www/vpn_openvpn_csc.php index 083f447..22b1cd7 100644 --- a/src/usr/local/www/vpn_openvpn_csc.php +++ b/src/usr/local/www/vpn_openvpn_csc.php @@ -364,7 +364,7 @@ if ($act == "new" || $act == "edit"): $section->addInput(new Form_Input( 'common_name', - 'Common name', + '*Common name', 'text', $pconfig['common_name'] ))->setHelp('Enter the client\'s X.509 common name.'); diff --git a/src/usr/local/www/vpn_openvpn_server.php b/src/usr/local/www/vpn_openvpn_server.php index 1e65784..88c9278 100644 --- a/src/usr/local/www/vpn_openvpn_server.php +++ b/src/usr/local/www/vpn_openvpn_server.php @@ -650,7 +650,7 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Select( 'mode', - 'Server mode', + '*Server mode', $pconfig['mode'], openvpn_build_mode_list() )); @@ -671,7 +671,7 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Select( 'authmode', - 'Backend for authentication', + '*Backend for authentication', $authmodes, $options, true @@ -679,28 +679,28 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Select( 'protocol', - 'Protocol', + '*Protocol', $pconfig['protocol'], array_combine($openvpn_prots, $openvpn_prots) )); $section->addInput(new Form_Select( 'dev_mode', - 'Device mode', + '*Device mode', empty($pconfig['dev_mode']) ? 'tun':$pconfig['dev_mode'], array_combine($openvpn_dev_mode, $openvpn_dev_mode) )); $section->addInput(new Form_Select( 'interface', - 'Interface', + '*Interface', $pconfig['interface'], openvpn_build_if_list() )); $section->addInput(new Form_Input( 'local_port', - 'Local port', + '*Local port', 'number', $pconfig['local_port'], ['min' => '0'] @@ -735,8 +735,7 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Textarea( 'tls', - 'Key', - $pconfig['tls'] + '*Key', ))->setHelp('Paste the shared key here'); if (count($a_ca)) { @@ -748,13 +747,13 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Select( 'caref', - 'Peer Certificate Authority', + '*Peer Certificate Authority', $pconfig['caref'], $list )); } else { $section->addInput(new Form_StaticText( - 'Peer Certificate Authority', + '*Peer Certificate Authority', sprintf('No Certificate Authorities defined. One may be created here: %s', '<a href="system_camanager.php">System > Cert. Manager</a>') )); } @@ -793,14 +792,14 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Select( 'certref', - 'Server certificate', + '*Server certificate', $pconfig['certref'], $cl['server'] + $cl['non-server'] ))->setHelp($certhelp); $section->addInput(new Form_Select( 'dh_length', - 'DH Parameter length (bits)', + '*DH Parameter length (bits)', $pconfig['dh_length'], array_combine($openvpn_dh_lengths, $openvpn_dh_lengths) ))->setHelp(count($a_cert) ? '':sprintf('No Certificates defined. One may be created here: %s', '<a href="system_camanager.php">System > Cert. Manager</a>')); @@ -816,20 +815,20 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Textarea( 'shared_key', - 'Shared Key', + '*Shared Key', $pconfig['shared_key'] ))->setHelp('Paste the shared key here'); $section->addInput(new Form_Select( 'crypto', - 'Encryption Algorithm', + '*Encryption Algorithm', $pconfig['crypto'], openvpn_get_cipherlist() )); $section->addInput(new Form_Select( 'digest', - 'Auth digest algorithm', + '*Auth digest algorithm', $pconfig['digest'], openvpn_get_digestlist() ))->setHelp('Leave this set to SHA1 unless all clients are set to match. SHA1 is the default for OpenVPN. '); @@ -843,7 +842,7 @@ if ($act=="new" || $act=="edit"): $section->addInput(new Form_Select( 'cert_depth', - 'Certificate Depth', + '*Certificate Depth', $pconfig['cert_depth'], ["" => gettext("Do Not Check")] + $openvpn_cert_depths ))->setHelp('When a certificate-based client logs in, do not accept certificates below this depth. ' . @@ -1519,6 +1518,7 @@ events.push(function() { hideInput('serverbridge_interface', true); hideInput('serverbridge_dhcp_start', true); hideInput('serverbridge_dhcp_end', true); + setRequired('tunnel_network', true); if (sharedkey) { hideInput('local_network', true); hideInput('local_networkv6', true); @@ -1535,6 +1535,7 @@ events.push(function() { case "tap": hideCheckbox('no_tun_ipv6', true); hideInput('tunnel_network', false); + setRequired('tunnel_network', false); if (!p2p) { hideCheckbox('serverbridge_dhcp', false); |
