diff options
| author | Ermal <eri@pfsense.org> | 2013-12-19 09:10:50 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2013-12-19 09:10:50 +0000 |
| commit | b95b40a1356d194ef62148c485153f5555913619 (patch) | |
| tree | 7bd29652c26edde3d463af6bdc9e6656addc4d2f /usr/local/sbin | |
| parent | 5e28dad4a34bc3b8da8134b23c85a8f922ebb401 (diff) | |
| download | pfsense-b95b40a1356d194ef62148c485153f5555913619.zip pfsense-b95b40a1356d194ef62148c485153f5555913619.tar.gz | |
Move also tls-verify to fcgicli to avoid forking php process. Maybe even this should be done as a plugin to avoid overhead of forking.
Diffstat (limited to 'usr/local/sbin')
| -rwxr-xr-x | usr/local/sbin/ovpn_auth_verify | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/usr/local/sbin/ovpn_auth_verify b/usr/local/sbin/ovpn_auth_verify index b109e7b..4cf7f69 100755 --- a/usr/local/sbin/ovpn_auth_verify +++ b/usr/local/sbin/ovpn_auth_verify @@ -1,7 +1,12 @@ #!/bin/sh -password = $(echo '$password' | /usr/bin/sed 's/&/%26/g') -RESULT = $(/usr/local/sbin/fcgicli -f /etc/inc/openvpn.auth-user.php -d "username=$username&password=$password&cn=$common_name&strictcn=$2&authcfg=$1&modeid=$3") +if [ "$1" = "tls" ]; then + RESULT = $(/usr/local/sbin/fcgicli -f /etc/inc/openvpn.tls-verify.php -d "servercn=$2&depth=$3&certsubject=$4&certdepth=$5" +else + password = $(echo '$password' | /usr/bin/sed 's/&/%26/g') + RESULT = $(/usr/local/sbin/fcgicli -f /etc/inc/openvpn.auth-user.php -d "username=$username&password=$password&cn=$common_name&strictcn=$3&authcfg=$2&modeid=$4") +fi + if [ "${RESULT} = "OK" ]; then exit 0 fi |
