diff options
-rw-r--r-- | etc/inc/openvpn.auth-user.php | 2 | ||||
-rwxr-xr-x | usr/local/sbin/ovpn_auth_verify | 4 |
2 files changed, 4 insertions, 2 deletions
diff --git a/etc/inc/openvpn.auth-user.php b/etc/inc/openvpn.auth-user.php index b7be6ac..3f199e3 100644 --- a/etc/inc/openvpn.auth-user.php +++ b/etc/inc/openvpn.auth-user.php @@ -85,7 +85,7 @@ openlog("openvpn", LOG_ODELAY, LOG_AUTH); if (isset($_GET)) { $authmodes = explode(",", $_GET['authcfg']); $username = $_GET['username']; - $password = urldecode($_GET['password']); + $password = base64_decode(str_replace('%3D', '=', $_GET['password'])); $common_name = $_GET['cn']; $modeid = $_GET['modeid']; $strictusercn = $_GET['strictcn'] == "false" ? false : true; diff --git a/usr/local/sbin/ovpn_auth_verify b/usr/local/sbin/ovpn_auth_verify index c1e147f..5f19b9e 100755 --- a/usr/local/sbin/ovpn_auth_verify +++ b/usr/local/sbin/ovpn_auth_verify @@ -1,10 +1,12 @@ #!/bin/sh +password="asdfsad +%$" if [ "$1" = "tls" ]; then RESULT=$(/usr/local/sbin/fcgicli -f /etc/inc/openvpn.tls-verify.php -d "servercn=$2&depth=$3&certdepth=$4&certsubject=$5") else # Single quoting $password breaks getting the value from the variable. - password=$(echo ${password} | /usr/bin/sed -e 's/&/%26/g' -e 's/ /%20/g') + password=$(echo ${password} | openssl enc -base64 | sed -e 's/=/%3D/g') + echo "(/usr/local/sbin/fcgicli -f /etc/inc/openvpn.auth-user.php -d username=$username&password=$password&cn=$common_name&strictcn=$3&authcfg=$2&modeid=$4')" RESULT=$(/usr/local/sbin/fcgicli -f /etc/inc/openvpn.auth-user.php -d "username=$username&password=$password&cn=$common_name&strictcn=$3&authcfg=$2&modeid=$4") fi |