summaryrefslogtreecommitdiffstats
path: root/usr
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2010-08-13 14:15:08 -0400
committerjim-p <jimp@pfsense.org>2010-08-13 14:15:08 -0400
commita22d475f113d9f46fcb5015ea76901cb30ff4a3e (patch)
tree6f399cd57f7c5d6dc54c340454e50afc44b44333 /usr
parentdc291feb70c4142d112177a9e1fdac3bb2d31f69 (diff)
downloadpfsense-a22d475f113d9f46fcb5015ea76901cb30ff4a3e.zip
pfsense-a22d475f113d9f46fcb5015ea76901cb30ff4a3e.tar.gz
Let the user choose the IPsec CA instead of assuming.
Diffstat (limited to 'usr')
-rw-r--r--usr/local/www/vpn_ipsec_phase1.php29
1 files changed, 27 insertions, 2 deletions
diff --git a/usr/local/www/vpn_ipsec_phase1.php b/usr/local/www/vpn_ipsec_phase1.php
index 529cf73..7c3300c 100644
--- a/usr/local/www/vpn_ipsec_phase1.php
+++ b/usr/local/www/vpn_ipsec_phase1.php
@@ -96,6 +96,7 @@ if (isset($p1index) && $a_phase1[$p1index]) {
$pconfig['pskey'] = $a_phase1[$p1index]['pre-shared-key'];
} else {
$pconfig['certref'] = $a_phase1[$p1index]['certref'];
+ $pconfig['caref'] = $a_phase1[$p1index]['caref'];
}
$pconfig['descr'] = $a_phase1[$p1index]['descr'];
@@ -142,8 +143,8 @@ if ($_POST) {
$reqdfields = explode(" ", "pskey");
$reqdfieldsn = array(gettext("Pre-Shared Key"));
} else {
- $reqdfields = explode(" ", "certref");
- $reqdfieldsn = array(gettext("My Certificate"));
+ $reqdfields = explode(" ", "caref certref");
+ $reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
}
if (!$pconfig['mobile']) {
$reqdfields[] = "remotegw";
@@ -292,6 +293,7 @@ if ($_POST) {
$ph1ent['pre-shared-key'] = $pconfig['pskey'];
$ph1ent['private-key'] = base64_encode($pconfig['privatekey']);
$ph1ent['certref'] = $pconfig['certref'];
+ $ph1ent['caref'] = $pconfig['caref'];
$ph1ent['authentication_method'] = $pconfig['authentication_method'];
$ph1ent['proposal_check'] = $pconfig['proposal_check'];
$ph1ent['descr'] = $pconfig['descr'];
@@ -374,24 +376,28 @@ function methodsel_change() {
document.getElementById('opt_psk').style.display = 'none';
document.getElementById('opt_peerid').style.display = '';
document.getElementById('opt_cert').style.display = '';
+ document.getElementById('opt_ca').style.display = '';
break;
case 'xauth_rsa_server':
case 'rsasig':
document.getElementById('opt_psk').style.display = 'none';
document.getElementById('opt_peerid').style.display = '';
document.getElementById('opt_cert').style.display = '';
+ document.getElementById('opt_ca').style.display = '';
break;
<?php if ($pconfig['mobile']) { ?>
case 'pre_shared_key':
document.getElementById('opt_psk').style.display = 'none';
document.getElementById('opt_peerid').style.display = 'none';
document.getElementById('opt_cert').style.display = 'none';
+ document.getElementById('opt_ca').style.display = 'none';
break;
<?php } ?>
default: /* psk modes*/
document.getElementById('opt_psk').style.display = '';
document.getElementById('opt_peerid').style.display = '';
document.getElementById('opt_cert').style.display = 'none';
+ document.getElementById('opt_ca').style.display = 'none';
break;
}
}
@@ -710,6 +716,25 @@ function dpdchkbox_change() {
</span>
</td>
</tr>
+ <tr id="opt_ca">
+ <td width="22%" valign="top" class="vncellreq"><?=gettext("My Certificate Authority"); ?></td>
+ <td width="78%" class="vtable">
+ <select name='caref' class="formselect">
+ <?php
+ foreach ($config['system']['ca'] as $ca):
+ $selected = "";
+ if ($pconfig['caref'] == $ca['refid'])
+ $selected = "selected";
+ ?>
+ <option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['name'];?></option>
+ <?php endforeach; ?>
+ </select>
+ <br>
+ <span class="vexpl">
+ <?=gettext("Select a certificate authority previously configured in the Certificate Manager"); ?>.
+ </span>
+ </td>
+ </tr>
<tr>
<td colspan="2" class="list" height="12"></td>
</tr>
OpenPOWER on IntegriCloud