From 762a24a382ca93d2b78c8917c6cfe9d271c098c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ermal=20Lu=E7i?= Date: Tue, 23 Feb 2010 19:04:39 +0000 Subject: Add proxy authentication capabilities to OpenVPN client. --- etc/inc/openvpn.inc | 12 +++++-- usr/local/www/vpn_openvpn_client.php | 65 ++++++++++++++++++++++++++++++++++++ 2 files changed, 75 insertions(+), 2 deletions(-) diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index a67d1bb..7033254 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -446,8 +446,16 @@ function openvpn_reconfigure($mode,& $settings) { $conf .= "ifconfig $ip2 $ip1\n"; } - if ($settings['proxy_addr']) - $conf .= "http-proxy {$settings['proxy_addr']} {$settings['proxy_port']}\n"; + if ($settings['proxy_addr']) { + $conf .= "http-proxy {$settings['proxy_addr']} {$settings['proxy_port']}"; + if ($settings['proxy_authtype'] != "none") { + $conf .= " {$g['varetc_path']}/openvpn/{$mode_id}.pas {$settings['proxy_authtype']}"; + $proxypas = "{$settings['proxy_user']}\n"; + $proxypas .= "{$settings['proxy_passwd']}\n"; + file_put_contents("{$g['varetc_path']}/openvpn/{$mode_id}.pas", $proxypas); + } + $conf .= " \n"; + } } // Add a remote network route if set diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index f1f48fd..0083fd2 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -90,6 +90,9 @@ if($_GET['act']=="edit"){ $pconfig['resolve_retry'] = $a_client[$id]['resolve_retry']; $pconfig['proxy_addr'] = $a_client[$id]['proxy_addr']; $pconfig['proxy_port'] = $a_client[$id]['proxy_port']; + $pconfig['proxy_user'] = $a_client[$id]['proxy_user']; + $pconfig['proxy_passwd'] = $a_client[$id]['proxy_passwd']; + $pconfig['proxy_authtype'] = $a_client[$id]['proxy_authtype']; $pconfig['description'] = $a_client[$id]['description']; $pconfig['custom_options'] = $a_client[$id]['custom_options']; $pconfig['ns_cert_type'] = $a_client[$id]['ns_cert_type']; @@ -156,6 +159,11 @@ if ($_POST) { if ($result = openvpn_validate_port($pconfig['proxy_port'], 'Proxy port')) $input_errors[] = $result; + + if ($pconfig['proxy_authtype'] != "none") { + if (empty($pconfig['proxy_user']) || empty($pconfig['proxy_passwd'])) + $input_errors[] = "User name and password are required for proxy with authentication."; + } } if($pconfig['tunnel_network']) @@ -207,6 +215,9 @@ if ($_POST) { $client['resolve_retry'] = $pconfig['resolve_retry']; $client['proxy_addr'] = $pconfig['proxy_addr']; $client['proxy_port'] = $pconfig['proxy_port']; + $client['proxy_authtype'] = $pconfig['proxy_authtype']; + $client['proxy_user'] = $pconfig['proxy_user']; + $client['proxy_passwd'] = $pconfig['proxy_passwd']; $client['description'] = $pconfig['description']; $client['mode'] = $pconfig['mode']; $client['custom_options'] = $pconfig['custom_options']; @@ -277,6 +288,15 @@ function autokey_change() { document.getElementById("autokey_opts").style.display=""; } +function useproxy_changed() { + + if ($('proxy_authtype').value != 'none') { + $('proxy_authtype_opts').show(); + } else { + $('proxy_authtype_opts').hide(); + } +} + function tlsauth_change() { @@ -459,6 +479,50 @@ function autotls_change() { + + + + + + + +
+ +  Authentication method :  + + + +
+
+ + + + + + + + + + + + + Server host name resolution @@ -797,6 +861,7 @@ function autotls_change() { mode_change(); autokey_change(); tlsauth_change(); +useproxy_changed(); //--> -- cgit v1.1