summaryrefslogtreecommitdiffstats
path: root/src/etc/inc/openvpn.inc
diff options
context:
space:
mode:
Diffstat (limited to 'src/etc/inc/openvpn.inc')
-rw-r--r--src/etc/inc/openvpn.inc86
1 files changed, 59 insertions, 27 deletions
diff --git a/src/etc/inc/openvpn.inc b/src/etc/inc/openvpn.inc
index d69bfbf..9dc5579 100644
--- a/src/etc/inc/openvpn.inc
+++ b/src/etc/inc/openvpn.inc
@@ -131,8 +131,9 @@ function openvpn_build_mode_list() {
$list = array();
- foreach ($openvpn_server_modes as $name => $desc)
+ foreach ($openvpn_server_modes as $name => $desc) {
$list[$name] = $desc;
+ }
return($list);
}
@@ -143,24 +144,28 @@ function openvpn_build_if_list() {
$interfaces = get_configured_interface_with_descr();
$carplist = get_configured_carp_interface_list();
- foreach ($carplist as $cif => $carpip)
+ foreach ($carplist as $cif => $carpip) {
$interfaces[$cif.'|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
+ }
$aliaslist = get_configured_ip_aliases_list();
- foreach ($aliaslist as $aliasip => $aliasif)
+ foreach ($aliaslist as $aliasip => $aliasif) {
$interfaces[$aliasif.'|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
+ }
$grouplist = return_gateway_groups_array();
foreach ($grouplist as $name => $group) {
- if($group['ipprotocol'] != inet)
+ if ($group['ipprotocol'] != inet) {
continue;
+ }
- if($group[0]['vip'] != "")
+ if ($group[0]['vip'] != "") {
$vipif = $group[0]['vip'];
- else
+ } else {
$vipif = $group[0]['int'];
+ }
$interfaces[$name] = "GW Group {$name}";
}
@@ -168,8 +173,9 @@ function openvpn_build_if_list() {
$interfaces['lo0'] = "Localhost";
$interfaces['any'] = "any";
- foreach ($interfaces as $iface => $ifacename)
+ foreach ($interfaces as $iface => $ifacename) {
$list[$iface] = $ifacename;
+ }
return($list);
}
@@ -183,8 +189,9 @@ function openvpn_build_crl_list() {
$caname = "";
$ca = lookup_ca($crl['caref']);
- if ($ca)
+ if ($ca) {
$caname = " (CA: {$ca['descr']})";
+ }
$list[$crl['refid']] = $crl['descr'] . $caname;
}
@@ -192,7 +199,7 @@ function openvpn_build_crl_list() {
return($list);
}
-function openvpn_build_cert_list($include_none = false) {
+function openvpn_build_cert_list($include_none = false, $prioritize_server_certs = false) {
global $a_cert;
if ($include_none) {
@@ -201,28 +208,50 @@ function openvpn_build_cert_list($include_none = false) {
$list = array();
}
- foreach ($a_cert as $cert) {
- $caname = "";
- $inuse = "";
- $revoked = "";
- $ca = lookup_ca($cert['caref']);
+ $non_server_list = array();
- if ($ca)
- $caname = " (CA: {$ca['descr']})";
+ if ($prioritize_server_certs) {
+ $list[' '] = "===== Server Certificates =====";
+ $non_server_list[' '] = "===== Non-Server Certificates =====";
+ }
- if ($pconfig['certref'] == $cert['refid'])
- $selected = "selected";
+ foreach ($a_cert as $cert) {
+ $properties = array();
+ $propstr = "";
+ $ca = lookup_ca($cert['caref']);
+ $purpose = cert_get_purpose($cert['crt'], true);
- if (cert_in_use($cert['refid']))
- $inuse = " *In Use";
+ if ($purpose['server'] == "Yes") {
+ $properties[] = "Server: Yes";
+ } elseif ($prioritize_server_certs) {
+ $properties[] = "Server: NO";
+ }
+ if ($ca) {
+ $properties[] = "CA: {$ca['descr']}";
+ }
+ if (cert_in_use($cert['refid'])) {
+ $properties[] = "In Use";
+ }
+ if (is_cert_revoked($cert)) {
+ $properties[] = "Revoked";
+ }
- if (is_cert_revoked($cert))
- $revoked = " *Revoked";
+ if (!empty($properties)) {
+ $propstr = " (" . implode(", ", $properties) . ")";
+ }
- $list[$cert['refid']] = $cert['descr'] . $caname . $inuse . $revoked;
+ if ($prioritize_server_certs) {
+ if ($purpose['server'] == "Yes") {
+ $list[$cert['refid']] = $cert['descr'] . $propstr;
+ } else {
+ $non_server_list[$cert['refid']] = $cert['descr'] . $propstr;
+ }
+ } else {
+ $list[$cert['refid']] = $cert['descr'] . $propstr;
+ }
}
- return($list);
+ return(array('server' => $list, 'non-server' => $non_server_list));
}
function openvpn_build_bridge_list() {
@@ -232,16 +261,19 @@ function openvpn_build_bridge_list() {
$serverbridge_interface = array_merge($serverbridge_interface, get_configured_interface_with_descr());
$carplist = get_configured_carp_interface_list();
- foreach ($carplist as $cif => $carpip)
+ foreach ($carplist as $cif => $carpip) {
$serverbridge_interface[$cif.'|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
+ }
$aliaslist = get_configured_ip_aliases_list();
- foreach ($aliaslist as $aliasip => $aliasif)
+ foreach ($aliaslist as $aliasip => $aliasif) {
$serverbridge_interface[$aliasif.'|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
+ }
- foreach ($serverbridge_interface as $iface => $ifacename)
+ foreach ($serverbridge_interface as $iface => $ifacename) {
$list[$iface] = htmlspecialchars($ifacename);
+ }
return($list);
}
OpenPOWER on IntegriCloud