diff options
Diffstat (limited to 'src/etc/inc/openvpn.inc')
-rw-r--r-- | src/etc/inc/openvpn.inc | 86 |
1 files changed, 59 insertions, 27 deletions
diff --git a/src/etc/inc/openvpn.inc b/src/etc/inc/openvpn.inc index d69bfbf..9dc5579 100644 --- a/src/etc/inc/openvpn.inc +++ b/src/etc/inc/openvpn.inc @@ -131,8 +131,9 @@ function openvpn_build_mode_list() { $list = array(); - foreach ($openvpn_server_modes as $name => $desc) + foreach ($openvpn_server_modes as $name => $desc) { $list[$name] = $desc; + } return($list); } @@ -143,24 +144,28 @@ function openvpn_build_if_list() { $interfaces = get_configured_interface_with_descr(); $carplist = get_configured_carp_interface_list(); - foreach ($carplist as $cif => $carpip) + foreach ($carplist as $cif => $carpip) { $interfaces[$cif.'|'.$carpip] = $carpip." (".get_vip_descr($carpip).")"; + } $aliaslist = get_configured_ip_aliases_list(); - foreach ($aliaslist as $aliasip => $aliasif) + foreach ($aliaslist as $aliasip => $aliasif) { $interfaces[$aliasif.'|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")"; + } $grouplist = return_gateway_groups_array(); foreach ($grouplist as $name => $group) { - if($group['ipprotocol'] != inet) + if ($group['ipprotocol'] != inet) { continue; + } - if($group[0]['vip'] != "") + if ($group[0]['vip'] != "") { $vipif = $group[0]['vip']; - else + } else { $vipif = $group[0]['int']; + } $interfaces[$name] = "GW Group {$name}"; } @@ -168,8 +173,9 @@ function openvpn_build_if_list() { $interfaces['lo0'] = "Localhost"; $interfaces['any'] = "any"; - foreach ($interfaces as $iface => $ifacename) + foreach ($interfaces as $iface => $ifacename) { $list[$iface] = $ifacename; + } return($list); } @@ -183,8 +189,9 @@ function openvpn_build_crl_list() { $caname = ""; $ca = lookup_ca($crl['caref']); - if ($ca) + if ($ca) { $caname = " (CA: {$ca['descr']})"; + } $list[$crl['refid']] = $crl['descr'] . $caname; } @@ -192,7 +199,7 @@ function openvpn_build_crl_list() { return($list); } -function openvpn_build_cert_list($include_none = false) { +function openvpn_build_cert_list($include_none = false, $prioritize_server_certs = false) { global $a_cert; if ($include_none) { @@ -201,28 +208,50 @@ function openvpn_build_cert_list($include_none = false) { $list = array(); } - foreach ($a_cert as $cert) { - $caname = ""; - $inuse = ""; - $revoked = ""; - $ca = lookup_ca($cert['caref']); + $non_server_list = array(); - if ($ca) - $caname = " (CA: {$ca['descr']})"; + if ($prioritize_server_certs) { + $list[' '] = "===== Server Certificates ====="; + $non_server_list[' '] = "===== Non-Server Certificates ====="; + } - if ($pconfig['certref'] == $cert['refid']) - $selected = "selected"; + foreach ($a_cert as $cert) { + $properties = array(); + $propstr = ""; + $ca = lookup_ca($cert['caref']); + $purpose = cert_get_purpose($cert['crt'], true); - if (cert_in_use($cert['refid'])) - $inuse = " *In Use"; + if ($purpose['server'] == "Yes") { + $properties[] = "Server: Yes"; + } elseif ($prioritize_server_certs) { + $properties[] = "Server: NO"; + } + if ($ca) { + $properties[] = "CA: {$ca['descr']}"; + } + if (cert_in_use($cert['refid'])) { + $properties[] = "In Use"; + } + if (is_cert_revoked($cert)) { + $properties[] = "Revoked"; + } - if (is_cert_revoked($cert)) - $revoked = " *Revoked"; + if (!empty($properties)) { + $propstr = " (" . implode(", ", $properties) . ")"; + } - $list[$cert['refid']] = $cert['descr'] . $caname . $inuse . $revoked; + if ($prioritize_server_certs) { + if ($purpose['server'] == "Yes") { + $list[$cert['refid']] = $cert['descr'] . $propstr; + } else { + $non_server_list[$cert['refid']] = $cert['descr'] . $propstr; + } + } else { + $list[$cert['refid']] = $cert['descr'] . $propstr; + } } - return($list); + return(array('server' => $list, 'non-server' => $non_server_list)); } function openvpn_build_bridge_list() { @@ -232,16 +261,19 @@ function openvpn_build_bridge_list() { $serverbridge_interface = array_merge($serverbridge_interface, get_configured_interface_with_descr()); $carplist = get_configured_carp_interface_list(); - foreach ($carplist as $cif => $carpip) + foreach ($carplist as $cif => $carpip) { $serverbridge_interface[$cif.'|'.$carpip] = $carpip." (".get_vip_descr($carpip).")"; + } $aliaslist = get_configured_ip_aliases_list(); - foreach ($aliaslist as $aliasip => $aliasif) + foreach ($aliaslist as $aliasip => $aliasif) { $serverbridge_interface[$aliasif.'|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")"; + } - foreach ($serverbridge_interface as $iface => $ifacename) + foreach ($serverbridge_interface as $iface => $ifacename) { $list[$iface] = htmlspecialchars($ifacename); + } return($list); } |