From 7304c0234042868d91ab484d839a8c69087871be Mon Sep 17 00:00:00 2001 From: Phil Davis Date: Sat, 30 May 2015 20:46:56 +0545 Subject: Allow option to specify just 1 of user and pass in OpenVPN .up file As per comment in https://redmine.pfsense.org/issues/3633 sometimes the server end only requires a password, no username. Usually 1 long string that serves as the hard-to-guess authentication. OpenVPN expects something to be on the first line of the ".up" file - traditionally called the username. It also insists on the second line being present, but is happy with it being empty - this is the authentication information traditionally called "password". Let the user put the single piece of authentication information in either the Username or Password field on the web GUI - whichever they feel comfortable calling it. In the ".up" file it has to always be the first line to keep OpenVPN happy. --- etc/inc/openvpn.inc | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'etc/inc') diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 927a3ec..23ae85c 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -789,11 +789,21 @@ function openvpn_reconfigure($mode, $settings) { } } - if ($settings['auth_user'] && $settings['auth_pass']) { + if ($settings['auth_user'] || $settings['auth_pass']) { $up_file = "{$g['varetc_path']}/openvpn/{$mode_id}.up"; $conf .= "auth-user-pass {$up_file}\n"; - $userpass = "{$settings['auth_user']}\n"; - $userpass .= "{$settings['auth_pass']}\n"; + if ($settings['auth_user']) { + $userpass = "{$settings['auth_user']}\n"; + } else { + $userpass = ""; + } + if ($settings['auth_pass']) { + $userpass .= "{$settings['auth_pass']}\n"; + } + // If only auth_pass is given, then it acts like a user name and we put a blank line where pass would normally go. + if (!($settings['auth_user'] && $settings['auth_pass'])) { + $userpass .= "\n"; + } file_put_contents($up_file, $userpass); } -- cgit v1.1