From 5ce63c3e8e028dfd59ee5f32a504772b458d717c Mon Sep 17 00:00:00 2001
From: jim-p <jim@pingle.org>
Date: Mon, 12 Apr 2010 13:54:07 -0400
Subject: Add/fix wording of descriptions in OpenVPN wizard. While I'm here,
 convert leading spaces to tabs.

---
 usr/local/www/wizards/openvpn_wizard.inc | 300 ++++++++++++++++---------------
 1 file changed, 152 insertions(+), 148 deletions(-)

(limited to 'usr/local/www/wizards/openvpn_wizard.inc')

diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc
index 2e01e6a..cba0d10 100644
--- a/usr/local/www/wizards/openvpn_wizard.inc
+++ b/usr/local/www/wizards/openvpn_wizard.inc
@@ -1,30 +1,30 @@
 <?php
 /*
-        Copyright (C) 2010 Ermal Luçi
-        All rights reserved.
-
-        Redistribution and use in source and binary forms, with or without
-        modification, are permitted provided that the following conditions are met:
-
-        1. Redistributions of source code must retain the above copyright notice,
-           this list of conditions and the following disclaimer.
-
-        2. Redistributions in binary form must reproduce the above copyright
-           notice, this list of conditions and the following disclaimer in the
-           documentation and/or other materials provided with the distribution.
-
-        THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-        INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-        AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-        AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-        OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-        SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-        INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-        CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-        ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-        POSSIBILITY OF SUCH DAMAGE.
-
-        pfSense_MODULE: openvpn
+	Copyright (C) 2010 Ermal Luçi
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+
+	pfSense_MODULE: openvpn
 */
 require_once("openvpn.inc");
 
@@ -46,7 +46,7 @@ function step2_stepbeforeformdisplay() {
 	global $pkg, $stepid;
 
 	$fields =& $pkg['step'][1]['fields']['field'];
-	
+
 	$found = false;
 	$authlist = auth_get_authserver_list();
 	$fields[1]['options']['option'] = array();
@@ -54,13 +54,13 @@ function step2_stepbeforeformdisplay() {
 		if ($auth['type'] != "ldap")
 			continue;
 		$found = true;
-               	$opts = array();
-               	$opts['name'] = $auth['name'];
-               	$opts['value'] = $auth['name'];
-               	$fields[1]['options']['option'][] = $opts;
+		$opts = array();
+		$opts['name'] = $auth['name'];
+		$opts['value'] = $auth['name'];
+		$fields[1]['options']['option'][] = $opts;
 	}
 	if ($found == false) {
-                $stepid = 2;
+		$stepid = 2;
 	}
 }
 
@@ -91,46 +91,46 @@ function step3_submitphpaction() {
 }
 
 function step4_stepbeforeformdisplay() {
-        global $pkg, $stepid;
+	global $pkg, $stepid;
 
-        $fields =& $pkg['step'][3]['fields']['field'];
+	$fields =& $pkg['step'][3]['fields']['field'];
 
 	$found = false;
-        $authlist = auth_get_authserver_list();
-       	$fields[1]['options']['option'] = array();
-       	foreach ($authlist as $i => $auth) {
-               	if ($auth['type'] != "radius")
-                       	continue;
+	$authlist = auth_get_authserver_list();
+	$fields[1]['options']['option'] = array();
+	foreach ($authlist as $i => $auth) {
+		if ($auth['type'] != "radius")
+			continue;
 		$found = true;
-               	$opts = array();
-               	$opts['name'] = $auth['name'];
-               	$opts['value'] = $auth['name'];
-               	$fields[1]['options']['option'][] = $opts;
-        }
+		$opts = array();
+		$opts['name'] = $auth['name'];
+		$opts['value'] = $auth['name'];
+		$fields[1]['options']['option'][] = $opts;
+	}
 	if ($found == false)
-                $stepid = 4;
+		$stepid = 4;
 }
 
 function step4_submitphpaction() {
-        global $stepid;
+	global $stepid;
 
 	if (isset($_POST['next'])) {
-                $_POST['uselist'] = "";
-                $stepid++;
-        }
+		$_POST['uselist'] = "";
+		$stepid++;
+	}
 }
 
 function step5_submitphpaction() {
 	global $stepid, $savemsg, $config;
 
-        if (empty($_POST['name']) || empty($_POST['ip']) || empty($_POST['port']) ||
-            empty($_POST['secret'])) {
+	if (empty($_POST['name']) || empty($_POST['ip']) || empty($_POST['port']) ||
+	    empty($_POST['secret'])) {
 		$stepid--;
-                $savemsg = "Please enter all information for authentication server.";
+		$savemsg = "Please enter all information for authentication server.";
 	} else if (count(($authcfg = auth_get_authserver($_POST['name']))) > 0) {
 		$stepid--;
 		$savemsg = "Please choose a different name because an authentication server with this name already exists.";
-        } else {
+	} else {
 		$config['ovpnserver']['step2']['uselist'] = "on";
 		$_POST['uselist'] = "on";
 	}
@@ -148,11 +148,11 @@ function step6_submitphpaction() {
 	global $stepid, $config;
 
 	if (isset($_POST['next'])) {
-                $_POST['uselist'] = "";
-                $stepid++;
-        } else {
+		$_POST['uselist'] = "";
+		$stepid++;
+	} else {
 		$config['ovpnserver']['step6']['uselist'] = "on";
-                $_POST['uselist'] = "on";
+		$_POST['uselist'] = "on";
 	}
 }
 
@@ -160,32 +160,32 @@ function step7_submitphpaction() {
 	global $stepid, $savemsg, $_POST, $config;
 
 	if (empty($_POST['name']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
-            empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
-            empty($_POST['organization']) || empty($_POST['email'])) {
+	    empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
+	    empty($_POST['organization']) || empty($_POST['email'])) {
 		$stepid--;
-                $savemsg = "Please enter all information for the new Certificate Authority.";
-        } else {
+		$savemsg = "Please enter all information for the new Certificate Authority.";
+	} else {
 		$config['ovpnserver']['step6']['uselist'] = "on";
 		$_POST['uselist'] = "on";
 	}
 }
 
 function step8_stepbeforeformdisplay() {
-        global $stepid, $config;
+	global $stepid, $config;
 
-        if (count($config['system']['cert']) < 1 ||
+	if (count($config['system']['cert']) < 1 ||
 		(count($config['system']['cert']) == 1 && stristr($config['system']['cert'][0]['name'], "webconf"))) {
 		$stepid++;
-        }
+	}
 }
 
 function step8_submitphpaction() {
 	global $stepid, $_POST;
 
 	if (isset($_POST['next'])) {
-                $_POST['uselist'] = "";
-                $stepid++;
-        }
+		$_POST['uselist'] = "";
+		$stepid++;
+	}
 }
 
 function step9_stepbeforeformdisplay() {
@@ -194,18 +194,18 @@ function step9_stepbeforeformdisplay() {
 	$pconfig = $config['ovpnserver'];
 
 	if (isset($pconfig['step6']['uselist'])) {
-                $country = $pconfig['step6']['country'];
-                $state = $pconfig['step6']['state'];
-                $city = $pconfig['step6']['city'];
-                $org = $pconfig['step6']['organization'];
-        } else {
+		$country = $pconfig['step6']['country'];
+		$state = $pconfig['step6']['state'];
+		$city = $pconfig['step6']['city'];
+		$org = $pconfig['step6']['organization'];
+	} else {
 		$ca = lookup_ca($pconfig['step6']['authcertca']);
 		$cavl = cert_get_subject_array($ca['crt']);
 		$country = $cavl[0]['v'];
 		$state = $cavl[1]['v'];
 		$city = $cavl[2]['v'];
 		$org = $cavl[3]['v'];
-        }
+	}
 	$fields =& $pkg['step'][$stepid]['fields']['field'];
 
 	foreach ($fields as $idx => $field) {
@@ -229,12 +229,12 @@ function step9_stepbeforeformdisplay() {
 function step9_submitphpaction() {
 	global $stepid, $savemsg, $_POST, $config;
 
-        if (empty($_POST['name']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
+	if (empty($_POST['name']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
 	    empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
 	    empty($_POST['organization']) || empty($_POST['email'])) {
 		$stepid--;
-                $savemsg = "Please enter all information for the new certificate.";
-        } else {
+		$savemsg = "Please enter all information for the new certificate.";
+	} else {
 		$config['ovpnserver']['step9']['uselist'] = "on";
 		$_POST['uselist'] = "on";
 	}
@@ -245,21 +245,21 @@ function step10_stepbeforeformdisplay() {
 
 	foreach ($pkg['step'][$stepid]['fields']['field'] as $idx => $field) {
 		if ($field['name'] == "crypto") {
-                        $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
+			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
 			$cipherlist = openvpn_get_cipherlist();
 			foreach ($cipherlist as $name => $desc) {
 				$opt = array();
-                                $opt['name'] = $desc;
-                                $opt['value'] = $name;
-                        $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
+				$opt['name'] = $desc;
+				$opt['value'] = $name;
+			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
 			}
 		} else if ($field['name'] == "nbttype") {
-                        $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
+			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
 			foreach ($netbios_nodetypes as $type => $name) {
 				$opt = array();
 				$opt['name'] = $name;
 				$opt['value'] = $type;
-                        $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
+			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
 			}
 		} else if ($field['name'] == "localport") {
 			if (count($config['openvpn']['openvpn-server']) < 1)
@@ -271,27 +271,31 @@ function step10_stepbeforeformdisplay() {
 function step10_submitphpaction() {
 	global $savemsg, $stepid;
 
+	/* Default OpenVPN port to 1194 if left empty. */
+	if (empty($_POST['localport']))
+		$_POST['localport'] = 1194;
+
 	/* input validation */
-        if ($result = openvpn_validate_port($_POST['localport'], 'Local port'))
-                $input_errors[] = $result;
+	if ($result = openvpn_validate_port($_POST['localport'], 'Local port'))
+		$input_errors[] = $result;
 
-        if ($result = openvpn_validate_cidr($_POST['tunnelnet'], 'Tunnel network'))
-                $input_errors[] = $result;
+	if ($result = openvpn_validate_cidr($_POST['tunnelnet'], 'Tunnel network'))
+		$input_errors[] = $result;
 
-        if ($result = openvpn_validate_cidr($_POST['remotenet'], 'Remote network'))
-                $input_errors[] = $result;
+	if ($result = openvpn_validate_cidr($_POST['remotenet'], 'Remote network'))
+		$input_errors[] = $result;
 
-        if ($result = openvpn_validate_cidr($_POST['localnet'], 'Local network'))
-                $input_errors[] = $result;
+	if ($result = openvpn_validate_cidr($_POST['localnet'], 'Local network'))
+		$input_errors[] = $result;
 
 	$portused = openvpn_port_used($_POST['protocol'], $_POST['localport']);
 	if ($portused != 0)
-                $input_errors[] = "The specified 'Local port' is in use. Please select another value";
-	
+		$input_errors[] = "The specified 'Local port' is in use. Please select another value";
+
 	if (!isset($_POST['generatetlskey']) && isset($_POST['tlsauthentication']))
 		if (!strstr($_POST['tlssharedkey'], "-----BEGIN OpenVPN Static key V1-----") ||
 			!strstr($_POST['tlssharedkey'], "-----END OpenVPN Static key V1-----"))
-                        $input_errors[] = "The field 'TLS Authentication Key' does not appear to be valid";
+			$input_errors[] = "The field 'TLS Authentication Key' does not appear to be valid";
 
 	if (!empty($_POST['dnsserver1']) && !is_ipaddr(trim($_POST['dnsserver1'])))
 		$input_errors[] = "The field 'DNS Server #1' must contain a valid IP address";
@@ -313,7 +317,7 @@ function step10_submitphpaction() {
 		$input_errors[] = "The field 'WINS Server #2' must contain a valid IP address";
 
 	if ($_POST['concurrentcon'] && !is_numeric($_POST['concurrentcon']))
-                $input_errors[] = "The field 'Concurrent connections' must be numeric.";
+		$input_errors[] = "The field 'Concurrent connections' must be numeric.";
 
 	if (empty($_POST['tunnelnet']))
 		$input_errors[] = "You must specify a 'Tunnel network'.";
@@ -331,8 +335,8 @@ function step12_submitphpaction() {
 
 	if (!is_array($config['ovpnserver'])) {
 		$message = "No configuration found please retry again.";
-                header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
-                exit;
+		header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
+		exit;
 	}
 
 	if ($pconfig['step1']['type'] == "local") {
@@ -344,7 +348,7 @@ function step12_submitphpaction() {
 		$auth['type'] = $pconfig['step1']['type'];
 		$auth['refid'] = uniqid();
 		$auth['name'] = $pconfig['step2']['authtype'];
-		
+
 		if ($auth['type'] == "ldap") {
 			$auth['host'] = $pconfig['step2']['ip'];
 			$auth['ldap_port'] = $pconfig['step2']['port'];
@@ -372,12 +376,12 @@ function step12_submitphpaction() {
 		$config['system']['authserver'][] = $auth;
 	} else if (!isset($pconfig['step2']['uselist']) && empty($pconfig['step2']['authserv'])) {
 		$message = "Please choose an authentication server .";
-                header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
-                exit;
+		header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
+		exit;
 	} else if (!($auth = auth_get_authserver($pconfig['step2']['authserv']))) {
 		$message = "Not a valid authentication server has been specified.";
-                header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
-                exit;
+		header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=1&message={$message}");
+		exit;
 	}
 
 	if (isset($pconfig['step6']['uselist'])) {
@@ -399,55 +403,55 @@ function step12_submitphpaction() {
 		$config['system']['ca'][] = $ca;
 	} else if (!isset($pconfig['step6']['uselist']) && empty($pconfig['step6']['authcertca'])) {
 		$message = "Please choose a Certificate Authority.";
-                header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=5&message={$message}");
-                exit;
+		header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=5&message={$message}");
+		exit;
 	} else if (!($ca = lookup_ca($pconfig['step6']['authcertca']))) {
 		$message = "Not a valid Certificate Authority specified.";
-                header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=5&message={$message}");
-                exit;
+		header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=5&message={$message}");
+		exit;
 	}
 
 	if (isset($pconfig['step9']['uselist'])) {
-                $cert = array();
-                $cert['refid'] = uniqid();
-                $cert['name'] = $pconfig['step9']['certname'];
-                $dn = array(
-                        'countryName' => $pconfig['step9']['country'],
-                        'stateOrProvinceName' => $pconfig['step9']['state'],
-                        'localityName' => $pconfig['step9']['city'],
-                        'organizationName' => $pconfig['step9']['organization'],
-                        'emailAddress' => $pconfig['step9']['email'],
-                        'commonName' => $pconfig['step9']['certname']);
-
-                cert_create($cert, $ca['refid'], $pconfig['step9']['keylength'], $pconfig['step9']['lifetime'], $dn);
-                if (!is_array($config['system']['cert']))
-                        $config['system']['cert'] = array();
-
-                $config['system']['cert'][] = $cert;
+		$cert = array();
+		$cert['refid'] = uniqid();
+		$cert['name'] = $pconfig['step9']['certname'];
+		$dn = array(
+			'countryName' => $pconfig['step9']['country'],
+			'stateOrProvinceName' => $pconfig['step9']['state'],
+			'localityName' => $pconfig['step9']['city'],
+			'organizationName' => $pconfig['step9']['organization'],
+			'emailAddress' => $pconfig['step9']['email'],
+			'commonName' => $pconfig['step9']['certname']);
+
+		cert_create($cert, $ca['refid'], $pconfig['step9']['keylength'], $pconfig['step9']['lifetime'], $dn);
+		if (!is_array($config['system']['cert']))
+			$config['system']['cert'] = array();
+
+		$config['system']['cert'][] = $cert;
 	} else if (!isset($pconfig['step6']['uselist']) && empty($pconfig['step9']['authcertname'])) {
 		$message = "Please choose a Certificate.";
-                header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=7&message={$message}");
-                exit;
+		header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=7&message={$message}");
+		exit;
 	} else if (!($cert = lookup_cert($pconfig['step9']['authcertname']))) {
-                $message = "Not a valid Certificate specified.";
-                header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=7&message={$message}");
-                exit;
-        }
+		$message = "Not a valid Certificate specified.";
+		header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=7&message={$message}");
+		exit;
+	}
 	$server = array();
 	$server['vpnid'] = openvpn_vpnid_next();
 	switch ($auth['type']) {
 		case "ldap":
-                	$server['authmode'] = $auth['name'];
-                        $server['mode'] = "server_user";
-                        break;
-                case "radius":
-                        $server['authmode'] = $auth['name'];
-                        $server['mode'] = "server_user";
-                        break;
-                default:
-                        $server['authmode'] = "Local Database";
-                        $server['mode'] = "server_tls_user";
-                        break;
+			$server['authmode'] = $auth['name'];
+			$server['mode'] = "server_user";
+			break;
+		case "radius":
+			$server['authmode'] = $auth['name'];
+			$server['mode'] = "server_user";
+			break;
+		default:
+			$server['authmode'] = "Local Database";
+			$server['mode'] = "server_tls_user";
+			break;
 	}
 	$server['caref'] = $ca['refid'];
 	$server['certref'] = $cert['refid'];
@@ -522,17 +526,17 @@ function step12_submitphpaction() {
 		$config['filter']['rule'][] = $rule;
 	}
 	if (isset($pconfig['step11']['ovpnallow'])) {
-                $rule = array();
-                $rule['descr'] = gettext("OpenVPN {$server['description']} wizard rules.");
-                $rule['source']['any'] = TRUE;
-                $rule['destination']['any'] = TRUE;
-                $rule['interface'] = "openvpn";
-                //$rule['protocol'] = $server['protocol'];
-                $rule['type'] = "pass";
-                $rule['enabled'] = "on";
-                $config['filter']['rule'][] = $rule;
-        }
-	
+		$rule = array();
+		$rule['descr'] = gettext("OpenVPN {$server['description']} wizard rules.");
+		$rule['source']['any'] = TRUE;
+		$rule['destination']['any'] = TRUE;
+		$rule['interface'] = "openvpn";
+		//$rule['protocol'] = $server['protocol'];
+		$rule['type'] = "pass";
+		$rule['enabled'] = "on";
+		$config['filter']['rule'][] = $rule;
+	}
+
 	if (!is_array($config['openvpn']['openvpn-server']))
 		$config['openvpn']['openvpn-server'] = array();
 
-- 
cgit v1.1