authorjim-p <jim@pingle.org>2010-04-12 13:54:07 -0400
committerjim-p <jim@pingle.org>2010-04-12 13:55:29 -0400
commit5ce63c3e8e028dfd59ee5f32a504772b458d717c (patch)
tree1ca1b342c99a396461edc0f3bddde920a7d8f200 /usr/local/www/wizards/openvpn_wizard.inc
parenteca1f1ead81747afc1226610b4d2fe30e718706a (diff)
downloadpfsense-5ce63c3e8e028dfd59ee5f32a504772b458d717c.zip
pfsense-5ce63c3e8e028dfd59ee5f32a504772b458d717c.tar.gz
Add/fix wording of descriptions in OpenVPN wizard.
While I'm here, convert leading spaces to tabs.
Diffstat (limited to 'usr/local/www/wizards/openvpn_wizard.inc')
-rw-r--r--usr/local/www/wizards/openvpn_wizard.inc300
1 files changed, 152 insertions, 148 deletions
diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc
index 2e01e6a..cba0d10 100644
--- a/usr/local/www/wizards/openvpn_wizard.inc
+++ b/usr/local/www/wizards/openvpn_wizard.inc
@@ -1,30 +1,30 @@
<?php
/*
- Copyright (C) 2010 Ermal Luçi
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-
- pfSense_MODULE: openvpn
+ Copyright (C) 2010 Ermal Luçi
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+ pfSense_MODULE: openvpn
*/
require_once("openvpn.inc");
@@ -46,7 +46,7 @@ function step2_stepbeforeformdisplay() {
global $pkg, $stepid;
$fields =& $pkg['step'][1]['fields']['field'];
-
+
$found = false;
$authlist = auth_get_authserver_list();
$fields[1]['options']['option'] = array();
@@ -54,13 +54,13 @@ function step2_stepbeforeformdisplay() {
if ($auth['type'] != "ldap")
continue;
$found = true;
- $opts = array();
- $opts['name'] = $auth['name'];
- $opts['value'] = $auth['name'];
- $fields[1]['options']['option'][] = $opts;
+ $opts = array();
+ $opts['name'] = $auth['name'];
+ $opts['value'] = $auth['name'];
+ $fields[1]['options']['option'][] = $opts;
}
if ($found == false) {
- $stepid = 2;
+ $stepid = 2;
}
}
@@ -91,46 +91,46 @@ function step3_submitphpaction() {
}
function step4_stepbeforeformdisplay() {
- global $pkg, $stepid;
+ global $pkg, $stepid;
- $fields =& $pkg['step'][3]['fields']['field'];
+ $fields =& $pkg['step'][3]['fields']['field'];
$found = false;
- $authlist = auth_get_authserver_list();
- $fields[1]['options']['option'] = array();
- foreach ($authlist as $i => $auth) {
- if ($auth['type'] != "radius")
- continue;
+ $authlist = auth_get_authserver_list();
+ $fields[1]['options']['option'] = array();
+ foreach ($authlist as $i => $auth) {
+ if ($auth['type'] != "radius")
+ continue;
$found = true;
- $opts = array();
- $opts['name'] = $auth['name'];
- $opts['value'] = $auth['name'];
- $fields[1]['options']['option'][] = $opts;
- }
+ $opts = array();
+ $opts['name'] = $auth['name'];
+ $opts['value'] = $auth['name'];
+ $fields[1]['options']['option'][] = $opts;
+ }
if ($found == false)
- $stepid = 4;
+ $stepid = 4;
}
function step4_submitphpaction() {
- global $stepid;
+ global $stepid;
if (isset($_POST['next'])) {
- $_POST['uselist'] = "";
- $stepid++;
- }
+ $_POST['uselist'] = "";
+ $stepid++;
+ }
}
function step5_submitphpaction() {
global $stepid, $savemsg, $config;
- if (empty($_POST['name']) || empty($_POST['ip']) || empty($_POST['port']) ||
- empty($_POST['secret'])) {
+ if (empty($_POST['name']) || empty($_POST['ip']) || empty($_POST['port']) ||
+ empty($_POST['secret'])) {
$stepid--;
- $savemsg = "Please enter all information for authentication server.";
+ $savemsg = "Please enter all information for authentication server.";
} else if (count(($authcfg = auth_get_authserver($_POST['name']))) > 0) {
$stepid--;
$savemsg = "Please choose a different name because an authentication server with this name already exists.";
- } else {
+ } else {
$config['ovpnserver']['step2']['uselist'] = "on";
$_POST['uselist'] = "on";
}
@@ -148,11 +148,11 @@ function step6_submitphpaction() {
global $stepid, $config;
if (isset($_POST['next'])) {
- $_POST['uselist'] = "";
- $stepid++;
- } else {
+ $_POST['uselist'] = "";
+ $stepid++;
+ } else {
$config['ovpnserver']['step6']['uselist'] = "on";
- $_POST['uselist'] = "on";
+ $_POST['uselist'] = "on";
}
}
@@ -160,32 +160,32 @@ function step7_submitphpaction() {
global $stepid, $savemsg, $_POST, $config;
if (empty($_POST['name']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
- empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
- empty($_POST['organization']) || empty($_POST['email'])) {
+ empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
+ empty($_POST['organization']) || empty($_POST['email'])) {
$stepid--;
- $savemsg = "Please enter all information for the new Certificate Authority.";
- } else {
+ $savemsg = "Please enter all information for the new Certificate Authority.";
+ } else {
$config['ovpnserver']['step6']['uselist'] = "on";
$_POST['uselist'] = "on";
}
}
function step8_stepbeforeformdisplay() {
- global $stepid, $config;
+ global $stepid, $config;
- if (count($config['system']['cert']) < 1 ||
+ if (count($config['system']['cert']) < 1 ||
(count($config['system']['cert']) == 1 && stristr($config['system']['cert'][0]['name'], "webconf"))) {
$stepid++;
- }
+ }
}
function step8_submitphpaction() {
global $stepid, $_POST;
if (isset($_POST['next'])) {
- $_POST['uselist'] = "";
- $stepid++;
- }
+ $_POST['uselist'] = "";
+ $stepid++;
+ }
}
function step9_stepbeforeformdisplay() {
@@ -194,18 +194,18 @@ function step9_stepbeforeformdisplay() {
$pconfig = $config['ovpnserver'];
if (isset($pconfig['step6']['uselist'])) {
- $country = $pconfig['step6']['country'];
- $state = $pconfig['step6']['state'];
- $city = $pconfig['step6']['city'];
- $org = $pconfig['step6']['organization'];
- } else {
+ $country = $pconfig['step6']['country'];
+ $state = $pconfig['step6']['state'];
+ $city = $pconfig['step6']['city'];
+ $org = $pconfig['step6']['organization'];
+ } else {
$ca = lookup_ca($pconfig['step6']['authcertca']);
$cavl = cert_get_subject_array($ca['crt']);
$country = $cavl[0]['v'];
$state = $cavl[1]['v'];
$city = $cavl[2]['v'];
$org = $cavl[3]['v'];
- }
+ }
$fields =& $pkg['step'][$stepid]['fields']['field'];
foreach ($fields as $idx => $field) {
@@ -229,12 +229,12 @@ function step9_stepbeforeformdisplay() {
function step9_submitphpaction() {
global $stepid, $savemsg, $_POST, $config;
- if (empty($_POST['name']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
+ if (empty($_POST['name']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
empty($_POST['organization']) || empty($_POST['email'])) {
$stepid--;
- $savemsg = "Please enter all information for the new certificate.";
- } else {
+ $savemsg = "Please enter all information for the new certificate.";
+ } else {
$config['ovpnserver']['step9']['uselist'] = "on";
$_POST['uselist'] = "on";
}
@@ -245,21 +245,21 @@ function step10_stepbeforeformdisplay() {
foreach ($pkg['step'][$stepid]['fields']['field'] as $idx => $field) {
if ($field['name'] == "crypto") {
- $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
+ $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
$cipherlist = openvpn_get_cipherlist();
foreach ($cipherlist as $name => $desc) {
$opt = array();
- $opt['name'] = $desc;
- $opt['value'] = $name;
- $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
+ $opt['name'] = $desc;
+ $opt['value'] = $name;
+ $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
}
} else if ($field['name'] == "nbttype") {
- $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
+ $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
foreach ($netbios_nodetypes as $type => $name) {
$opt = array();
$opt['name'] = $name;
$opt['value'] = $type;
- $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
+ $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
}
} else if ($field['name'] == "localport") {
if (count($config['openvpn']['openvpn-server']) < 1)
@@ -271,27 +271,31 @@ function step10_stepbeforeformdisplay() {
function step10_submitphpaction() {
global $savemsg, $stepid;
+ /* Default OpenVPN port to 1194 if left empty. */
+ if (empty($_POST['localport']))
+ $_POST['localport'] = 1194;
+
/* input validation */
- if ($result = openvpn_validate_port($_POST['localport'], 'Local port'))
- $input_errors[] = $result;
+ if ($result = openvpn_validate_port($_POST['localport'], 'Local port'))
+ $input_errors[] = $result;
- if ($result = openvpn_validate_cidr($_POST['tunnelnet'], 'Tunnel network'))
- $input_errors[] = $result;
+ if ($result = openvpn_validate_cidr($_POST['tunnelnet'], 'Tunnel network'))
+ $input_errors[] = $result;
- if ($result = openvpn_validate_cidr($_POST['remotenet'], 'Remote network'))
- $input_errors[] = $result;
+ if ($result = openvpn_validate_cidr($_POST['remotenet'], 'Remote network'))
+ $input_errors[] = $result;
- if ($result = openvpn_validate_cidr($_POST['localnet'], 'Local network'))
- $input_errors[] = $result;
+ if ($result = openvpn_validate_cidr($_POST['localnet'], 'Local network'))
+ $input_errors[] = $result;
$portused = openvpn_port_used($_POST['protocol'], $_POST['localport']);
if ($portused != 0)
- $input_errors[] = "The specified 'Local port' is in use. Please select another value";
-
+ $input_errors[] = "The specified 'Local port' is in use. Please select another value";
+
if (!isset($_POST['generatetlskey']) && isset($_POST['tlsauthentication']))
if (!strstr($_POST['tlssharedkey'], "-----BEGIN OpenVPN Static key V1-----") ||
!strstr($_POST['tlssharedkey'], "-----END OpenVPN Static key V1-----"))
- $input_errors[] = "The field 'TLS Authentication Key' does not appear to be valid";
+ $input_errors[] = "The field 'TLS Authentication Key' does not appear to be valid";
if (!empty($_POST['dnsserver1']) && !is_ipaddr(trim($_POST['dnsserver1'])))
$input_errors[] = "The field 'DNS Server #1' must contain a valid IP address";
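Review bot: The new default at the top of step10_submitphpaction tests `empty($_POST['localport'])`, which is also true for the string "0", so a submitted port of 0 is silently rewritten to 1194 instead of being passed to openvpn_validate_port as typed. Because the default is filled in before the `openvpn_port_used` check, a user who left the field blank while 1194 is already taken would see "The specified 'Local port' is in use" for a value they never entered. I would default only on a truly blank field, `if (!isset($_POST['localport']) || trim($_POST['localport']) === "") $_POST['localport'] = "1194";`, and word the comment as `/* Blank means the OpenVPN default, 1194; it is still validated and checked for conflicts below. */`. Separately, `$input_errors` is not in the `global $savemsg, $stepid;` list visible here; the function continues outside the hunk, so confirm that the collected errors are acted on before the wizard advances.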
@@ -313,7 +317,7 @@ function step10_submitphpaction() {
$input_errors[] = "The field 'WINS Server #2' must contain a valid IP address";
if ($_POST['concurrentcon'] && !is_numeric($_POST['concurrentcon']))
- $input_errors[] = "The field 'Concurrent connections' must be numeric.";
+ $input_errors[] = "The field 'Concurrent connections' must be numeric.";
if (empty($_POST['tunnelnet']))
$input_errors[] = "You must specify a 'Tunnel network'.";
@@ -331,8 +335,8 @@ function step12_submitphpaction() {
if (!is_array($config['ovpnserver'])) {
$message = "No configuration found please retry again.";
- header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
- exit;
+ header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
+ exit;
}
if ($pconfig['step1']['type'] == "local") {
@@ -344,7 +348,7 @@ function step12_submitphpaction() {
$auth['type'] = $pconfig['step1']['type'];
$auth['refid'] = uniqid();
$auth['name'] = $pconfig['step2']['authtype'];
-
+
if ($auth['type'] == "ldap") {
$auth['host'] = $pconfig['step2']['ip'];
$auth['ldap_port'] = $pconfig['step2']['port'];
@@ -372,12 +376,12 @@ function step12_submitphpaction() {
$config['system']['authserver'][] = $auth;
} else if (!isset($pconfig['step2']['uselist']) && empty($pconfig['step2']['authserv'])) {
$message = "Please choose an authentication server .";
- header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
- exit;
+ header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
+ exit;
} else if (!($auth = auth_get_authserver($pconfig['step2']['authserv']))) {
$message = "Not a valid authentication server has been specified.";
- header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
- exit;
+ header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
+ exit;
}
if (isset($pconfig['step6']['uselist'])) {
@@ -399,55 +403,55 @@ function step12_submitphpaction() {
$config['system']['ca'][] = $ca;
} else if (!isset($pconfig['step6']['uselist']) && empty($pconfig['step6']['authcertca'])) {
$message = "Please choose a Certificate Authority.";
- header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=5&message={$message}");
- exit;
+ header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=5&message={$message}");
+ exit;
} else if (!($ca = lookup_ca($pconfig['step6']['authcertca']))) {
$message = "Not a valid Certificate Authority specified.";
- header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=5&message={$message}");
- exit;
+ header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=5&message={$message}");
+ exit;
}
if (isset($pconfig['step9']['uselist'])) {
- $cert = array();
- $cert['refid'] = uniqid();
- $cert['name'] = $pconfig['step9']['certname'];
- $dn = array(
- 'countryName' => $pconfig['step9']['country'],
- 'stateOrProvinceName' => $pconfig['step9']['state'],
- 'localityName' => $pconfig['step9']['city'],
- 'organizationName' => $pconfig['step9']['organization'],
- 'emailAddress' => $pconfig['step9']['email'],
- 'commonName' => $pconfig['step9']['certname']);
-
- cert_create($cert, $ca['refid'], $pconfig['step9']['keylength'], $pconfig['step9']['lifetime'], $dn);
- if (!is_array($config['system']['cert']))
- $config['system']['cert'] = array();
-
- $config['system']['cert'][] = $cert;
+ $cert = array();
+ $cert['refid'] = uniqid();
+ $cert['name'] = $pconfig['step9']['certname'];
+ $dn = array(
+ 'countryName' => $pconfig['step9']['country'],
+ 'stateOrProvinceName' => $pconfig['step9']['state'],
+ 'localityName' => $pconfig['step9']['city'],
+ 'organizationName' => $pconfig['step9']['organization'],
+ 'emailAddress' => $pconfig['step9']['email'],
+ 'commonName' => $pconfig['step9']['certname']);
+
+ cert_create($cert, $ca['refid'], $pconfig['step9']['keylength'], $pconfig['step9']['lifetime'], $dn);
+ if (!is_array($config['system']['cert']))
+ $config['system']['cert'] = array();
+
+ $config['system']['cert'][] = $cert;
} else if (!isset($pconfig['step6']['uselist']) && empty($pconfig['step9']['authcertname'])) {
$message = "Please choose a Certificate.";
- header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=7&message={$message}");
- exit;
+ header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=7&message={$message}");
+ exit;
} else if (!($cert = lookup_cert($pconfig['step9']['authcertname']))) {
- $message = "Not a valid Certificate specified.";
- header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=7&message={$message}");
- exit;
- }
+ $message = "Not a valid Certificate specified.";
+ header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=7&message={$message}");
+ exit;
+ }
$server = array();
$server['vpnid'] = openvpn_vpnid_next();
switch ($auth['type']) {
case "ldap":
- $server['authmode'] = $auth['name'];
- $server['mode'] = "server_user";
- break;
- case "radius":
- $server['authmode'] = $auth['name'];
- $server['mode'] = "server_user";
- break;
- default:
- $server['authmode'] = "Local Database";
- $server['mode'] = "server_tls_user";
- break;
+ $server['authmode'] = $auth['name'];
+ $server['mode'] = "server_user";
+ break;
+ case "radius":
+ $server['authmode'] = $auth['name'];
+ $server['mode'] = "server_user";
+ break;
+ default:
+ $server['authmode'] = "Local Database";
+ $server['mode'] = "server_tls_user";
+ break;
}
$server['caref'] = $ca['refid'];
$server['certref'] = $cert['refid'];
@@ -522,17 +526,17 @@ function step12_submitphpaction() {
$config['filter']['rule'][] = $rule;
}
if (isset($pconfig['step11']['ovpnallow'])) {
- $rule = array();
- $rule['descr'] = gettext("OpenVPN {$server['description']} wizard rules.");
- $rule['source']['any'] = TRUE;
- $rule['destination']['any'] = TRUE;
- $rule['interface'] = "openvpn";
- //$rule['protocol'] = $server['protocol'];
- $rule['type'] = "pass";
- $rule['enabled'] = "on";
- $config['filter']['rule'][] = $rule;
- }
-
+ $rule = array();
+ $rule['descr'] = gettext("OpenVPN {$server['description']} wizard rules.");
+ $rule['source']['any'] = TRUE;
+ $rule['destination']['any'] = TRUE;
+ $rule['interface'] = "openvpn";
+ //$rule['protocol'] = $server['protocol'];
+ $rule['type'] = "pass";
+ $rule['enabled'] = "on";
+ $config['filter']['rule'][] = $rule;
+ }
+
if (!is_array($config['openvpn']['openvpn-server']))
$config['openvpn']['openvpn-server'] = array();