Restoring gray background to the right of some tables in GUI.
Misc OpenVPN CRL selection fixes.
Allow users to select SSL/TLS+User Auth with external authentication sources.
Don't test if a cert is in use here, you could in theory use a cert for a user and a server.
Fix link; use same message for missing certs.
Make the default openvpn cert authority message a bit relaxed and let user know about the wizard option as well
Switch back to dev_mode so existing configs aren't broken by the other changes.
Select the device mode to tun if variable device_mode not exist in the configuration
Added option to select the type of device for use in the tunnel openvpn
Add drop-down to select OpenVPN hardware crypto (finds usable devices from "openssl engine" list) for clients and servers.
Add a checkbox for duplicate-cn on OpenVPN servers.
Fix vip descriptions in openvpn and ipsec screens. Ticket #1042
Disable redirect gateway checkbox when using shared key (you can't push with shared key). Also re-run the code to hide the local network box if the gw redirect is checked when switching server modes, since there is no need to push a specific local network when pushing the default gateway.
Fix XSS issues
Various CRL fixes.
Warn a user when entering the OpenVPN client/server screens that they need a CA/Cert if none exist.
Replace \r from custom options otherwise it breaks config.
Fix formatting
Fix this logic.
Indicate in various places if a certificate is revoked.
Rename 'name' to 'descr' for CA, Certificates, and CRLs, to gain CDATA protection and standardize field names. Ticket #320.
Add GUI checkbox to enable strict username/common name matching for SSL/TLS+User Auth mode. Fixes #887
Allow selecting an OpenVPN Server CRL if we are in an SSL mode.
Properly segment the OpenVPN server list table so it will sort properly.
CA/CERT Move
Require an authentication backend if the user chooses an OpenVPN server mode that needs user auth. Failing to do so can result in a configuration error.
Fix typo
Use
Fix gettext implementation on vpn_openvpn_server.php
Implement gettext() calls on vpn_openvpn_server.php
Fix typo that prevented these two checkboxes from displaying the proper state when editing OpenVPN server settings.
Hide the inter-client comm. option for peer-to-peer openvpn connections.
Remove logs tab from OpenVPN, since it is now replaced by the Log icon.
Add status and log urls to OpenVPN pages.
Hide "Local Network" field when creating/editing an OpenVPN shared key server, because you can't push routes with shared key.
Fix OpenVPN server validation logic. It was failing if you tried to save a shared key server instance with an existing shared key.
add Logs tab
Fix description
Add back Dynamic IP checkbox for OpenVPN Servers.
Revert "Fix finding next OpenVPN port. Protocol should be lowercase." - This was wrong in the wizard, apparently, and not the main page.
This reverts commit a48613a65d8d04dfec2aeefdb37440bdd399cdab.
Fix finding next OpenVPN port. Protocol should be lowercase.
show port and proto
Show wizard tab for openvpn.
Ticket #413. Hanlde cases when no authentication is specified.
Check against proper value. Spotted-by: cmb
Overhaul the user login system to use the Servers tab as its base.
Fix quite a few problems down the way.
Allow openvpn server to authenticate only based on username/password credentials.
Allow the GUI auth API to be used for doing authentication against authentication servers specified. Teach Openvpn to use this API. Allow openvpn to authenticate against multiple servers that can be selected on the server configuration page.
Add support for authenticating users against server specified in the system->user manager->servers for openvpn. While there propperly fill the shared secret field for raidus in the servers page.
Fix setting unsetting of disable option for OpenVPN.
fix typo
Ticket #296. Blacklist webConfigurator certificate from certificate list it will break at least Viscosity export utility.
fix typos
fix text
Add IP alias and 'any' support to OpenVPN. Feedback #69
Add carp support for OpenVPN. Ticket #69
Rework includes/require. This saves about 4 megabytes.Simplify get_memory(). Tested on mips/i386
Make sortable
Remove openvpn.inc from functions.inc since its just a subsystem that does not need to be present on all of the includes.
Add double click to edit
Requested-by: cmb
Add note about ; and add a push example
Break before Save
Oops, rename to avanced
Rename to custom_options to match the original setting name
Adding back openvpn advanced option which got lost in the -> 2.0 upgrade shuffle
Fix OpenVPN automatic shared key generation.
Fix detection of TLS/Shared Key mode for OpenVPNThe wrong variable was being checked, so the result was always false.
Apparent variable name typo, fixes Ticket #1904
Fix OpenVPN instance port change.It had been failing on any change, including valid unused choices.
Cleanup ipsec interfaces a bit and make sure they are displayed in tabs for consistency.
Use listbg as all other pages do
Use get_configured_interface_with_descr() for OpenVPN gui pages. Suggestedby Ermal.
Make it possible for pakages to insert additional tabbed pages into anexisting tab group. This requires that each page in the tab group calladd_package_tabs() with the tab group name before display_top_tabs() sopages can be inserted. While far from optimal, this system is really a...
Modify the OpenVPN server configuration to allow the DH parameter lengthto be specified. Upgraded 1.2.x configurations will default to 1024 bits.
Minor re-work of OpenVPN configuration. Use operational modes to determinewhat configuration options are appropriate. The operational mode dictatesthe authentication method. They are defines as follows ...
Peer to Peer ( SSL/TLS )Peer to Peer ( Shared Key )...
Correct problems with OpenVPN that prevented the lzo compression and passtos options from being set correctly in configuration files.
move CSS header to correct location
Add CSS header
Correctly validate required input fields for OpenVPN screens.
Correct some problems with the filter code where we were calling foreachon data that wasn't necessarily a valid array.
Modify the OpenVPN code to stop passing the array index around and thenimmediately obtaining a reference to the array entry. We already have a...
Set some important default values for the new OpenVPN interface screens.Add functions and interface code to handle local port conflict detectionand resolution.
Dump the per-configuration dh parameters data. It make no sense to keepthis information in the configuration as its not specific to the server.It only contains the parameters ( a safe large prime number ) that isused during a DH key exchange. Instead, we now use a system wide dh file...
Rework most of the OpenVPN support. The interfaces have been updated tonot use the pkg system and the configuration has been migrated to anopenvpn prefix. The centralized user and certificate manager is now usedto support the openvpn configurations. Most of the files removed in this...