Revision 54b9de56
Added by Ermal Luçi over 15 years ago
etc/inc/openvpn.inc | ||
---|---|---|
75 | 75 |
'p2p_tls' => "Peer to Peer ( SSL/TLS )", |
76 | 76 |
'p2p_shared_key' => "Peer to Peer ( Shared Key )", |
77 | 77 |
'server_tls' => "Remote Access ( SSL/TLS )", |
78 |
// 'server_user' => "Remote Access ( User Auth )",
|
|
78 |
'server_user' => "Remote Access ( User Auth )", |
|
79 | 79 |
'server_tls_user' => "Remote Access ( SSL/TLS + User Auth )"); |
80 | 80 |
|
81 | 81 |
$openvpn_client_modes = array( |
... | ... | |
392 | 392 |
$sed .= ");"; |
393 | 393 |
mwexec("/bin/cat /etc/inc/openvpn.auth-user.php | /usr/bin/sed 's/\/\/<template>/{$sed}/g' > {$g['varetc_path']}/openvpn/{$mode_id}.php"); |
394 | 394 |
mwexec("/bin/chmod a+x {$g['varetc_path']}/openvpn/{$mode_id}.php"); |
395 |
$conf .= "auth-user-pass-verify {$g['varetc_path']}/openvpn//{$mode_id}.php via-env\n";
|
|
395 |
$conf .= "auth-user-pass-verify {$g['varetc_path']}/openvpn/{$mode_id}.php via-env\n"; |
|
396 | 396 |
break; |
397 | 397 |
} |
398 | 398 |
|
usr/local/www/vpn_openvpn_server.php | ||
---|---|---|
173 | 173 |
else |
174 | 174 |
$tls_mode = false; |
175 | 175 |
|
176 |
if (!empty($pconfig['authmode'])) { |
|
177 |
foreach ($pconfig['authmode'] as $pauthmode) { |
|
178 |
if ($pauthmode != "local" && $pconfig['mode'] == "server_tls_user") |
|
179 |
$input_errors[] = "Only 'Local authentication database' is allowed with " . $openvpn_server_modes[$pconfig['mode']]; |
|
180 |
} |
|
181 |
} |
|
182 |
|
|
176 | 183 |
/* input validation */ |
177 | 184 |
if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port')) |
178 | 185 |
$input_errors[] = $result; |
... | ... | |
382 | 389 |
case "server_user": |
383 | 390 |
case "server_tls_user": |
384 | 391 |
document.getElementById("authmodetr").style.display=""; |
385 |
/* FALL THROUGH */ |
|
392 |
document.getElementById("client_opts").style.display=""; |
|
393 |
document.getElementById("remote_opts").style.display="none"; |
|
394 |
break; |
|
395 |
case "server_tls": |
|
396 |
document.getElementById("authmodetr").style.display="none"; |
|
386 | 397 |
default: |
387 | 398 |
document.getElementById("client_opts").style.display=""; |
388 | 399 |
document.getElementById("remote_opts").style.display="none"; |
Also available in: Unified diff
Allow openvpn server to authenticate only based on username/password credentials.