diff options
| author | jim-p <jimp@pfsense.org> | 2010-08-13 14:15:08 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2010-08-13 14:15:08 -0400 |
| commit | a22d475f113d9f46fcb5015ea76901cb30ff4a3e (patch) | |
| tree | 6f399cd57f7c5d6dc54c340454e50afc44b44333 /usr | |
| parent | dc291feb70c4142d112177a9e1fdac3bb2d31f69 (diff) | |
| download | pfsense-a22d475f113d9f46fcb5015ea76901cb30ff4a3e.zip pfsense-a22d475f113d9f46fcb5015ea76901cb30ff4a3e.tar.gz | |
Let the user choose the IPsec CA instead of assuming.
Diffstat (limited to 'usr')
| -rw-r--r-- | usr/local/www/vpn_ipsec_phase1.php | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/usr/local/www/vpn_ipsec_phase1.php b/usr/local/www/vpn_ipsec_phase1.php index 529cf73..7c3300c 100644 --- a/usr/local/www/vpn_ipsec_phase1.php +++ b/usr/local/www/vpn_ipsec_phase1.php @@ -96,6 +96,7 @@ if (isset($p1index) && $a_phase1[$p1index]) { $pconfig['pskey'] = $a_phase1[$p1index]['pre-shared-key']; } else { $pconfig['certref'] = $a_phase1[$p1index]['certref']; + $pconfig['caref'] = $a_phase1[$p1index]['caref']; } $pconfig['descr'] = $a_phase1[$p1index]['descr']; @@ -142,8 +143,8 @@ if ($_POST) { $reqdfields = explode(" ", "pskey"); $reqdfieldsn = array(gettext("Pre-Shared Key")); } else { - $reqdfields = explode(" ", "certref"); - $reqdfieldsn = array(gettext("My Certificate")); + $reqdfields = explode(" ", "caref certref"); + $reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate")); } if (!$pconfig['mobile']) { $reqdfields[] = "remotegw"; @@ -292,6 +293,7 @@ if ($_POST) { $ph1ent['pre-shared-key'] = $pconfig['pskey']; $ph1ent['private-key'] = base64_encode($pconfig['privatekey']); $ph1ent['certref'] = $pconfig['certref']; + $ph1ent['caref'] = $pconfig['caref']; $ph1ent['authentication_method'] = $pconfig['authentication_method']; $ph1ent['proposal_check'] = $pconfig['proposal_check']; $ph1ent['descr'] = $pconfig['descr']; @@ -374,24 +376,28 @@ function methodsel_change() { document.getElementById('opt_psk').style.display = 'none'; document.getElementById('opt_peerid').style.display = ''; document.getElementById('opt_cert').style.display = ''; + document.getElementById('opt_ca').style.display = ''; break; case 'xauth_rsa_server': case 'rsasig': document.getElementById('opt_psk').style.display = 'none'; document.getElementById('opt_peerid').style.display = ''; document.getElementById('opt_cert').style.display = ''; + document.getElementById('opt_ca').style.display = ''; break; <?php if ($pconfig['mobile']) { ?> case 'pre_shared_key': document.getElementById('opt_psk').style.display = 'none'; document.getElementById('opt_peerid').style.display = 'none'; document.getElementById('opt_cert').style.display = 'none'; + document.getElementById('opt_ca').style.display = 'none'; break; <?php } ?> default: /* psk modes*/ document.getElementById('opt_psk').style.display = ''; document.getElementById('opt_peerid').style.display = ''; document.getElementById('opt_cert').style.display = 'none'; + document.getElementById('opt_ca').style.display = 'none'; break; } } @@ -710,6 +716,25 @@ function dpdchkbox_change() { </span> </td> </tr> + <tr id="opt_ca"> + <td width="22%" valign="top" class="vncellreq"><?=gettext("My Certificate Authority"); ?></td> + <td width="78%" class="vtable"> + <select name='caref' class="formselect"> + <?php + foreach ($config['system']['ca'] as $ca): + $selected = ""; + if ($pconfig['caref'] == $ca['refid']) + $selected = "selected"; + ?> + <option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['name'];?></option> + <?php endforeach; ?> + </select> + <br> + <span class="vexpl"> + <?=gettext("Select a certificate authority previously configured in the Certificate Manager"); ?>. + </span> + </td> + </tr> <tr> <td colspan="2" class="list" height="12"></td> </tr> |
