summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/etc/inc/openvpn.inc9
-rw-r--r--src/usr/local/www/vpn_openvpn_client.php4
-rw-r--r--src/usr/local/www/vpn_openvpn_server.php24
3 files changed, 26 insertions, 11 deletions
diff --git a/src/etc/inc/openvpn.inc b/src/etc/inc/openvpn.inc
index 7c50d72..9dc5579 100644
--- a/src/etc/inc/openvpn.inc
+++ b/src/etc/inc/openvpn.inc
@@ -208,9 +208,10 @@ function openvpn_build_cert_list($include_none = false, $prioritize_server_certs
$list = array();
}
+ $non_server_list = array();
+
if ($prioritize_server_certs) {
$list[' '] = "===== Server Certificates =====";
- $non_server_list = array();
$non_server_list[' '] = "===== Non-Server Certificates =====";
}
@@ -250,11 +251,7 @@ function openvpn_build_cert_list($include_none = false, $prioritize_server_certs
}
}
- if ($prioritize_server_certs) {
- $list = array_merge($list, $non_server_list);
- }
-
- return($list);
+ return(array('server' => $list, 'non-server' => $non_server_list));
}
function openvpn_build_bridge_list() {
diff --git a/src/usr/local/www/vpn_openvpn_client.php b/src/usr/local/www/vpn_openvpn_client.php
index 496f6e0..19a9609 100644
--- a/src/usr/local/www/vpn_openvpn_client.php
+++ b/src/usr/local/www/vpn_openvpn_client.php
@@ -616,11 +616,13 @@ if($act=="new" || $act=="edit") :
$pconfig['shared_key']
))->setHelp('Paste your shared key here');
+ $cl = openvpn_build_cert_list(true);
+
$section->addInput(new Form_Select(
'certref',
'Client Certificate',
$pconfig['certref'],
- openvpn_build_cert_list(true)
+ $cl['server']
));
$section->addInput(new Form_Select(
diff --git a/src/usr/local/www/vpn_openvpn_server.php b/src/usr/local/www/vpn_openvpn_server.php
index 746eac6..4a475b4 100644
--- a/src/usr/local/www/vpn_openvpn_server.php
+++ b/src/usr/local/www/vpn_openvpn_server.php
@@ -747,24 +747,29 @@ if($act=="new" || $act=="edit") :
));
}
- $certhelp = "";
+ $certhelp = '<span id="certtype"></span>';
if (count($a_cert)) {
if (!empty(trim($pconfig['certref']))) {
$thiscert = lookup_cert($pconfig['certref']);
$purpose = cert_get_purpose($thiscert['crt'], true);
if ($purpose['server'] != "Yes") {
- $certhelp = gettext("Warning: The previously saved server was not created as an SSL Server certificate and may not work properly.");
+ $certhelp = '<span id="certtype" class="text-danger">' . gettext("Warning: The selected server certificate was not created as an SSL Server certificate and may not work as expected") . ' </span>';
}
}
} else {
- $certhelp = sprintf('No Certificates defined. You may create one here: %s', '<a href="system_camanager.php">System &gt; Cert Manager</a>');
+ $certhelp = sprintf('%s%s%s$s', '<span id="certtype">', gettext('No Certificates defined. You may create one here: '), '<a href="system_camanager.php">System &gt; Cert Manager</a>', '</span>');
}
+ $cl = openvpn_build_cert_list(false, true);
+
+ //Save the number of server certs for use at run-time
+ $servercerts = count($cl['server']);
+
$section->addInput(new Form_Select(
'certref',
'Server certificate',
$pconfig['certref'],
- openvpn_build_cert_list(false, true)
+ $cl['server'] + $cl['non-server']
))->setHelp($certhelp);
$section->addInput(new Form_Select(
@@ -1569,6 +1574,17 @@ events.push(function(){
tuntap_change();
});
+ // Certref
+ $('#certref').on('change', function() {
+ var errmsg = "";
+
+ if ($(this).find(":selected").index() >= "<?=$servercerts?>") {
+ var errmsg = '<span class="text-danger">' + "<?=gettext('Warning: The selected server certificate was not created as an SSL Server certificate and may not work as expected')?>" + '</span>';
+ }
+
+ $('#certtype').html(errmsg);
+ });
+
// ---------- Set initial page display state ----------------------------------------------------------------------
mode_change();
autokey_change();
OpenPOWER on IntegriCloud