Actually fix even the openvpn auth user script with proper checks. I thought this was fixes already!
Fixes #4340 encode username same as with password to avoid issues with special chars.
Fixes #4177 convert password to base64 to be submitted to avoid issues with special chars in shell and HTTP GET parameter passing. Probably should add POST support to fcgicli.
Fix lineup of copyright lines
and module names and other bits of formatting and typos in headercomment sections.
Welcome 2015
Remove exit from as much as possible backend code
Change copyright statement to reflect reality
remove old DISABLE_PHP_LINT_CHECKING, which dates way back to the CVS days and hasn't been relevant in years.
replaced <br>, <br/> with <br /> in ANSI encoded files. Converted these files to UTF-8
Use php function to get hostname instead of exec()
Use closelog to explicitly close open resource.
Migrate openvpn authentication to use fcgicli rather than forking a php process. Maybe should could consider to write a short library todo this
Make it more clear what is the username during syslog
Import OpenVPN cisco style radius attributes applying policy to logged in users. Feature #2100
Use appropriate syslog priorities.
Ticket #1052. Enforce certificates if they are present for authenticating to ldap. Allow to select a CA under ldap type authentication backend to be used for this.
nuke trailing carriage returns
Ticket #1037. Move environment manipulation to the authentication script since escaping slashes is not so easz on dynamic built paths.
Remove trailing carriage return
Add backend code to verify username against cn on login if set by user. Needs GUI code to set the option yet. Ticket #887
Add the neccesary foo for radius.inc to work.
Add copyrights of myself.
Take care of local authentication. Also when the user authenticates do not serach on other authentication sources.
Allow the GUI auth API to be used for doing authentication against authentication servers specified. Teach Openvpn to use this API. Allow openvpn to authenticate against multiple servers that can be selected on the server configuration page.
Do not allow login for expired and disabled users. Fix this even in openvpn authentication script. While here clean up the code quite a bit.
Revert "fix OpenVPN user auth"
This reverts commit f67a48ccda79386b5628e746e43bdf55a4f54ed6.
fix OpenVPN user auth
Add pfSense_BUILDER_BINARIES: and pfSense_MODULE: additions
Use the correct syslog LOG_ERR constant and make this file executable.
Minor re-work of OpenVPN configuration. Use operational modes to determinewhat configuration options are appropriate. The operational mode dictatesthe authentication method. They are defines as follows ...
Peer to Peer ( SSL/TLS )Peer to Peer ( Shared Key )...