Project

General

Profile

« Previous | Next » 

Revision 54b9de56

Added by Ermal Luçi over 15 years ago

Allow openvpn server to authenticate only based on username/password credentials.

View differences:

etc/inc/openvpn.inc
75 75
	'p2p_tls' => "Peer to Peer ( SSL/TLS )",
76 76
	'p2p_shared_key' => "Peer to Peer ( Shared Key )",
77 77
	'server_tls' => "Remote Access ( SSL/TLS )",
78
//	'server_user' => "Remote Access ( User Auth )",
78
	'server_user' => "Remote Access ( User Auth )",
79 79
	'server_tls_user' => "Remote Access ( SSL/TLS + User Auth )");
80 80

  
81 81
$openvpn_client_modes = array(
......
392 392
				$sed .= ");";
393 393
				mwexec("/bin/cat /etc/inc/openvpn.auth-user.php | /usr/bin/sed 's/\/\/<template>/{$sed}/g' >  {$g['varetc_path']}/openvpn/{$mode_id}.php");
394 394
				mwexec("/bin/chmod a+x {$g['varetc_path']}/openvpn/{$mode_id}.php");
395
				$conf .= "auth-user-pass-verify {$g['varetc_path']}/openvpn//{$mode_id}.php via-env\n";
395
				$conf .= "auth-user-pass-verify {$g['varetc_path']}/openvpn/{$mode_id}.php via-env\n";
396 396
				break;
397 397
		}
398 398

  
usr/local/www/vpn_openvpn_server.php
173 173
	else
174 174
		$tls_mode = false;
175 175

  
176
	if (!empty($pconfig['authmode'])) {
177
		foreach ($pconfig['authmode'] as $pauthmode) {
178
			if ($pauthmode != "local" && $pconfig['mode'] == "server_tls_user") 
179
				$input_errors[] = "Only 'Local authentication database'  is allowed with " . $openvpn_server_modes[$pconfig['mode']];
180
		}
181
	}
182

  
176 183
	/* input validation */
177 184
	if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
178 185
		$input_errors[] = $result;
......
382 389
		case "server_user":
383 390
                case "server_tls_user":
384 391
			document.getElementById("authmodetr").style.display="";
385
			/* FALL THROUGH */
392
			document.getElementById("client_opts").style.display="";
393
			document.getElementById("remote_opts").style.display="none";
394
			break;
395
		case "server_tls":
396
			document.getElementById("authmodetr").style.display="none";
386 397
		default:
387 398
			document.getElementById("client_opts").style.display="";
388 399
			document.getElementById("remote_opts").style.display="none";

Also available in: Unified diff