From 21c776dd85331afd178dd322de6d092f3c427b9c Mon Sep 17 00:00:00 2001
From: jim-p <jim@pingle.org>
Date: Sat, 8 May 2010 12:12:04 -0400
Subject: Fix OpenVPN server validation logic. It was failing if you tried to
 save a shared key server instance with an existing shared key.

---
 usr/local/www/vpn_openvpn_server.php | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'usr/local/www/vpn_openvpn_server.php')

diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php
index f19a216..6a022b7 100644
--- a/usr/local/www/vpn_openvpn_server.php
+++ b/usr/local/www/vpn_openvpn_server.php
@@ -244,12 +244,14 @@ if ($_POST) {
 	if ($pconfig['maxclients'] && !is_numeric($pconfig['maxclients']))
 		$input_errors[] = "The field 'Concurrent connections' must be numeric.";
 
-	if (!$tls_mode && !$pconfig['autokey_enable']) {
-		$reqdfields = array('shared_key');
-		$reqdfieldsn = array('Shared key');
-	} else {
+	/* If we are not in shared key mode, then we need the CA/Cert. */
+	if ($pconfig['mode'] != "p2p_shared_key") {
 		$reqdfields = explode(" ", "caref certref");
 		$reqdfieldsn = explode(",", "Certificate Authority,Certificate");;
+	} elseif (!$pconfig['autokey_enable']) {
+		/* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */
+		$reqdfields = array('shared_key');
+		$reqdfieldsn = array('Shared key');
 	}
 
 	$reqdfields[] = 'tunnel_network';
-- 
cgit v1.1