Project

General

Profile

« Previous | Next » 

Revision 54b9de56

Added by Ermal Luçi over 15 years ago

Allow openvpn server to authenticate only based on username/password credentials.

View differences:

etc/inc/openvpn.inc
75 75 
	'p2p_tls' => "Peer to Peer ( SSL/TLS )",
76 76 
	'p2p_shared_key' => "Peer to Peer ( Shared Key )",
77 77 
	'server_tls' => "Remote Access ( SSL/TLS )",
78 
//	'server_user' => "Remote Access ( User Auth )",
78 
	'server_user' => "Remote Access ( User Auth )",
79 79 
	'server_tls_user' => "Remote Access ( SSL/TLS + User Auth )");
80 80 

  		




  81
  81
  
    
$openvpn_client_modes = array(


  		




  ......




  392
  392
  
    
				$sed .= ");";


  		




  393
  393
  
    
				mwexec("/bin/cat /etc/inc/openvpn.auth-user.php | /usr/bin/sed 's/\/\/<template>/{$sed}/g' >  {$g['varetc_path']}/openvpn/{$mode_id}.php");


  		




  394
  394
  
    
				mwexec("/bin/chmod a+x {$g['varetc_path']}/openvpn/{$mode_id}.php");


  		




  395
  
  
    
				$conf .= "auth-user-pass-verify {$g['varetc_path']}/openvpn//{$mode_id}.php via-env\n";


  		




  
  395
  
    
				$conf .= "auth-user-pass-verify {$g['varetc_path']}/openvpn/{$mode_id}.php via-env\n";


  		




  396
  396
  
    
				break;


  		




  397
  397
  
    
		}


  		




  398
  398
  
    

  		












  

    
      usr/local/www/vpn_openvpn_server.php
    
  





  173
  173
  
    
	else


  		




  174
  174
  
    
		$tls_mode = false;


  		




  175
  175
  
    

  		




  
  176
  
    
	if (!empty($pconfig['authmode'])) {


  		




  
  177
  
    
		foreach ($pconfig['authmode'] as $pauthmode) {


  		




  
  178
  
    
			if ($pauthmode != "local" && $pconfig['mode'] == "server_tls_user") 


  		




  
  179
  
    
				$input_errors[] = "Only 'Local authentication database'  is allowed with " . $openvpn_server_modes[$pconfig['mode']];


  		




  
  180
  
    
		}


  		




  
  181
  
    
	}


  		




  
  182
  
    

  		




  176
  183
  
    
	/* input validation */


  		




  177
  184
  
    
	if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))


  		




  178
  185
  
    
		$input_errors[] = $result;


  		




  ......




  382
  389
  
    
		case "server_user":


  		




  383
  390
  
    
                case "server_tls_user":


  		




  384
  391
  
    
			document.getElementById("authmodetr").style.display="";


  		




  385
  
  
    
			/* FALL THROUGH */


  		




  
  392
  
    
			document.getElementById("client_opts").style.display="";


  		




  
  393
  
    
			document.getElementById("remote_opts").style.display="none";


  		




  
  394
  
    
			break;


  		




  
  395
  
    
		case "server_tls":


  		




  
  396
  
    
			document.getElementById("authmodetr").style.display="none";


  		




  386
  397
  
    
		default:


  		




  387
  398
  
    
			document.getElementById("client_opts").style.display="";


  		




  388
  399
  
    
			document.getElementById("remote_opts").style.display="none";


  		












Also available in:  Unified diff