diff options
| author | jim-p <jimp@pfsense.org> | 2013-10-30 15:47:59 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2013-10-30 15:47:59 -0400 |
| commit | 97d5b59b41d6e598b81ad8e4117d0de1e1ec14fa (patch) | |
| tree | 1a3b1ad9f059452f87689eb20f2ca99f8132cf92 /usr | |
| parent | 204bec28359f7ef8bc0dee97b909839a0566daf8 (diff) | |
| download | pfsense-97d5b59b41d6e598b81ad8e4117d0de1e1ec14fa.zip pfsense-97d5b59b41d6e598b81ad8e4117d0de1e1ec14fa.tar.gz | |
Add an Authentication Digest Algorithm drop-down to OpenVPN server/client (SHA1 is the default since that is OpenVPN's default)
Diffstat (limited to 'usr')
| -rw-r--r-- | usr/local/www/vpn_openvpn_client.php | 23 | ||||
| -rw-r--r-- | usr/local/www/vpn_openvpn_server.php | 23 |
2 files changed, 46 insertions, 0 deletions
diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 4f0b6db..c122b79 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -92,6 +92,8 @@ if($_GET['act']=="new"){ $pconfig['autotls_enable'] = "yes"; $pconfig['interface'] = "wan"; $pconfig['server_port'] = 1194; + // OpenVPN Defaults to SHA1 + $pconfig['digest'] = "SHA1"; } if($_GET['act']=="edit"){ @@ -129,6 +131,8 @@ if($_GET['act']=="edit"){ } else $pconfig['shared_key'] = base64_decode($a_client[$id]['shared_key']); $pconfig['crypto'] = $a_client[$id]['crypto']; + // OpenVPN Defaults to SHA1 if unset + $pconfig['digest'] = !empty($a_client[$id]['digest']) ? $a_client[$id]['digest'] : "SHA1"; $pconfig['engine'] = $a_client[$id]['engine']; $pconfig['tunnel_network'] = $a_client[$id]['tunnel_network']; @@ -283,6 +287,7 @@ if ($_POST) { $client['shared_key'] = base64_encode($pconfig['shared_key']); } $client['crypto'] = $pconfig['crypto']; + $client['digest'] = $pconfig['digest']; $client['engine'] = $pconfig['engine']; $client['tunnel_network'] = $pconfig['tunnel_network']; @@ -762,6 +767,24 @@ if ($savemsg) </select> </td> </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Auth Digest Algorithm"); ?></td> + <td width="78%" class="vtable"> + <select name="digest" class="formselect"> + <?php + $digestlist = openvpn_get_digestlist(); + foreach ($digestlist as $name => $desc): + $selected = ''; + if ($name == $pconfig['digest']) + $selected = ' selected'; + ?> + <option value="<?=$name;?>"<?=$selected?>> + <?=htmlspecialchars($desc);?> + </option> + <?php endforeach; ?> + </select> + </td> + </tr> <tr id="engine"> <td width="22%" valign="top" class="vncellreq"><?=gettext("Hardware Crypto"); ?></td> <td width="78%" class="vtable"> diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index c8b70c3..e59e424 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -97,6 +97,8 @@ if($_GET['act']=="new"){ $pconfig['local_port'] = openvpn_port_next('UDP'); $pconfig['pool_enable'] = "yes"; $pconfig['cert_depth'] = 1; + // OpenVPN Defaults to SHA1 + $pconfig['digest'] = "SHA1"; } if($_GET['act']=="edit"){ @@ -133,6 +135,8 @@ if($_GET['act']=="edit"){ } else $pconfig['shared_key'] = base64_decode($a_server[$id]['shared_key']); $pconfig['crypto'] = $a_server[$id]['crypto']; + // OpenVPN Defaults to SHA1 if unset + $pconfig['digest'] = !empty($a_server[$id]['digest']) ? $a_server[$id]['digest'] : "SHA1"; $pconfig['engine'] = $a_server[$id]['engine']; $pconfig['tunnel_network'] = $a_server[$id]['tunnel_network']; @@ -381,6 +385,7 @@ if ($_POST) { $server['shared_key'] = base64_encode($pconfig['shared_key']); } $server['crypto'] = $pconfig['crypto']; + $server['digest'] = $pconfig['digest']; $server['engine'] = $pconfig['engine']; $server['tunnel_network'] = $pconfig['tunnel_network']; @@ -1060,6 +1065,24 @@ if ($savemsg) </select> </td> </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Auth Digest Algorithm"); ?></td> + <td width="78%" class="vtable"> + <select name="digest" class="formselect"> + <?php + $digestlist = openvpn_get_digestlist(); + foreach ($digestlist as $name => $desc): + $selected = ''; + if ($name == $pconfig['digest']) + $selected = ' selected'; + ?> + <option value="<?=$name;?>"<?=$selected?>> + <?=htmlspecialchars($desc);?> + </option> + <?php endforeach; ?> + </select> + </td> + </tr> <tr id="engine"> <td width="22%" valign="top" class="vncellreq"><?=gettext("Hardware Crypto"); ?></td> <td width="78%" class="vtable"> |
