Project

General

Profile

Actions
Copy link

Bug #5138

closed

TLS Authentication and Peer CRL field issues on vpn_openvpn_client.php

Added by Chris Buechler over 8 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
pfSense - 2.3
Start date:
09/15/2015
Due date:
% Done:

100%

Estimated time:
Spent time:
1.00 h

Description

Browse to vpn_openvpn_client.php, hit "Add client".

1) when you uncheck "Automatically generate a shared TLS authentication key", it doesn't display the box where you can paste in the key.
2) switch "Server mode" to "Peer to Peer (Shared key)", and the "Automatically generate" box is checked, but the box where you paste the key in is also displayed. Where the auto generate box is checked, the "Shared Key" box shouldn't appear. It toggles fine from there, it's just the initial change from SSL/TLS to Shared Key where it's wrong.
3) after switching "Server mode" to shared key, the "Peer Certificate Revocation list" option still shows up. That's only relevant with SSL/TLS mode and should be hidden after switching it to shared key.

Actions
Copy link
 #1

Updated by Anonymous over 8 years ago

  • Status changed from Confirmed to Feedback
  • Assignee changed from Anonymous to Chris Buechler

Fixed javascript
Added missing client cert control

Actions
Copy link
 #2

Updated by Anonymous over 8 years ago

  • % Done changed from 0 to 100
Actions
Copy link
 #3

Updated by Jim Pingle over 8 years ago

  • Status changed from Feedback to Assigned
  • Assignee changed from Chris Buechler to Anonymous

Still a couple problems here:

1) "Peer Certificate Authority" and "Peer Certificate Revocation list" should be hidden when Shared Key mode is selected
2) The "Shared Key" entry box is still displayed when it first appears even though "Automatically generate a shared key" is checked by default. Uncheck/recheck "Automatically generate a shared key" and it hides like it should.

Actions
Copy link
 #4

Updated by Anonymous over 8 years ago

  • Status changed from Assigned to Feedback
  • Assignee changed from Anonymous to Chris Buechler

Javascript was simplified, fixed and commented so that I can understand it. Appears to be in agreement with 2.2 now.

Actions
Copy link
 #5

Updated by Anonymous over 8 years ago

Actions
Copy link
 #6

Updated by Jim Pingle over 8 years ago

  • Status changed from Feedback to Assigned
  • Assignee changed from Chris Buechler to Anonymous

Closer, but there still appears to be a couple issues.

1) When set for an SSL/TLS type both "TLS authentication" and "Auto Generate" (for shared key) appear. The state of the entry boxes is OK, but for SSL/TLS types only the TLS Authentication box should appear.

2) The coloring of the options is a bit weird, they are blending into the surrounding options in certain states. With all things expanded it looks OK but when some parts are hidden they appear to be grouped with unrelated options.

Actions
Copy link
 #7

Updated by Anonymous over 8 years ago

  • Assignee changed from Anonymous to Jared Dillard

Checkbox action resolved (per CMB) so passing hte display issue over to you.

Actions
Copy link
 #8

Updated by Jared Dillard over 8 years ago

Fix for the background color issue is applied in changeset pfsense:fbd9fabb0a86d8ed40047c52c8ad7719e7e9097d.

Actions
Copy link
 #9

Updated by Jared Dillard over 8 years ago

  • Status changed from Assigned to Feedback
  • Assignee changed from Jared Dillard to Jim Pingle

Looks like Steve Beaver fixed the action issues and I fixed the background color issue. Should just need to be reviewed.

Actions
Copy link
 #10

Updated by Jim Pingle over 8 years ago

  • Status changed from Feedback to Assigned
  • Assignee changed from Jim Pingle to Anonymous

Fields are still not right...

Peer to Peer (SSL/TLS) Shows:
  • "Enable authentication of TLS packets." (OK)
  • "Automatically generate a shared TLS authentication key" (OK)
  • Auto Generate / "Automatically generate a shared key" (Should not be there)
Peer to Peer (Shared Key) Shows:
  • "Automatically generate a shared TLS authentication key" (Should not be there)
  • Auto Generate / "Automatically generate a shared key" (OK)
Remote Access (SSL/TLS) Shows:
  • "Enable authentication of TLS packets." (OK)
  • "Automatically generate a shared TLS authentication key" (OK)
  • Auto Generate / "Automatically generate a shared key" (Should not be there)
Remote Access (User Auth) Shows:
  • "Enable authentication of TLS packets." (OK)
  • "Automatically generate a shared TLS authentication key" (OK)
  • Auto Generate / "Automatically generate a shared key" (Should not be there)
Remote Access (SSL/TLS + User Auth) Shows:
  • "Enable authentication of TLS packets." (OK)
  • "Automatically generate a shared TLS authentication key" (OK)
  • Auto Generate (Should not be there) -- the right side bit appears to be hidden in this mode, but the left side header is still there.

The alternating colors was indeed fixed by that other commit/ticket.

Actions
Copy link
 #11

Updated by Anonymous over 8 years ago

  • Status changed from Assigned to Closed

Most recent comments pertain to vpn_openvpn_server.php so have been moved to a new ticket: #5189

Actions
Copy link

Also available in: Atom PDF