
Revision 6db02381

Added by Jim Pingle over 14 years ago

Allow selecting an OpenVPN Server CRL if we are in an SSL mode.


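--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -506,8 +506,10 @@
 			openvpn_add_keyfile($cert['prv'], $conf, $mode_id, "key");
 			if ($mode == 'server')
 				$conf .= "dh {$g['etc_path']}/dh-parameters.{$settings['dh_length']}\n";
-			if ($settings['crl'])
-				openvpn_add_keyfile($settings['crl'], $conf, $mode_id, "crl-verify");
+			if (!empty($settings['crlref'])) {
+				$crl = lookup_crl($settings['crlref']);
+				openvpn_add_keyfile($crl['text'], $conf, $mode_id, "crl-verify");
+			}
 			if ($settings['tls']) {
 				if (stristr($settings['mode'], "server"))
 					$tlsopt = 0;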
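Review bot: The result of `lookup_crl($settings['crlref'])` is used without a check, so a `crlref` that no longer resolves (for example a CRL deleted after the server was saved) appears to reach `openvpn_add_keyfile()` with an empty `$crl['text']`. For a revocation control that is the wrong way to fail: depending on what `openvpn_add_keyfile()` does with empty data, which is not visible here, the server ends up with an empty `crl-verify` file or no usable revocation list. I would guard it with `if (!is_array($crl) || empty($crl['text']))` and report the error instead of writing the directive. The hunk also drops the old `$settings['crl']` branch; unless a config upgrade step outside this diff converts existing inline CRLs to `crlref`, upgraded servers would silently stop enforcing `crl-verify`. The enclosing function starts and ends outside the hunk.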
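--- a/usr/local/www/vpn_openvpn_server.php
+++ b/usr/local/www/vpn_openvpn_server.php
@@ -99,6 +99,7 @@
 				$pconfig['tls'] = base64_decode($a_server[$id]['tls']);
 			}
 			$pconfig['caref'] = $a_server[$id]['caref'];
+			$pconfig['crlref'] = $a_server[$id]['crlref'];
 			$pconfig['certref'] = $a_server[$id]['certref'];
 			$pconfig['dh_length'] = $a_server[$id]['dh_length'];
 		} else
@@ -291,6 +292,7 @@
 				$server['tls'] = base64_encode($pconfig['tls']);
 			}
 			$server['caref'] = $pconfig['caref'];
+			$server['crlref'] = $pconfig['crlref'];
 			$server['certref'] = $pconfig['certref'];
 			$server['dh_length'] = $pconfig['dh_length'];
 		} else {
@@ -374,6 +376,7 @@
 		case "server_tls_user":
 			document.getElementById("tls").style.display="";
 			document.getElementById("tls_ca").style.display="";
+			document.getElementById("tls_crl").style.display="";
 			document.getElementById("tls_cert").style.display="";
 			document.getElementById("tls_dh").style.display="";
 			document.getElementById("psk").style.display="none";
@@ -381,6 +384,7 @@
 		case "p2p_shared_key":
 			document.getElementById("tls").style.display="none";
 			document.getElementById("tls_ca").style.display="none";
+			document.getElementById("tls_crl").style.display="none";
 			document.getElementById("tls_cert").style.display="none";
 			document.getElementById("tls_dh").style.display="none";
 			document.getElementById("psk").style.display="";
@@ -708,6 +712,24 @@
 							</select>
 							</td>
 					</tr>
+					<tr id="tls_crl">
+						<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Revocation List"); ?></td>
+							<td width="78%" class="vtable">
+							<select name='crlref' class="formselect">
+								<option value="">None</option>
+							<?php
+								foreach ($config['crl'] as $crl):
+									if (is_crl_internal($crl) && (count($crl['cert']) <= 0))
+										continue;
+									$selected = "";
+									if ($pconfig['crlref'] == $crl['refid'])
+										$selected = "selected";
+							?>
+								<option value="<?=$crl['refid'];?>" <?=$selected;?>><?=$crl['name'];?></option>
+							<?php endforeach; ?>
+							</select>
+							</td>
+					</tr>
 					<tr id="tls_cert">
 						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Certificate"); ?></td>
 							<td width="78%" class="vtable">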
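Review bot: In the new `tls_crl` row, `$crl['name']` and `$crl['refid']` are echoed into the `<option>` without HTML escaping, so a CRL descriptive name containing markup would be rendered as-is in the admin page. Unless names are constrained where CRLs are created (not visible here), the line should read `<option value="<?=htmlspecialchars($crl['refid']);?>" <?=$selected;?>><?=htmlspecialchars($crl['name']);?></option>`. The save hunk stores `$pconfig['crlref']` as submitted; a check that it matches a `refid` in `$config['crl']` would belong with the page's input validation, which is outside these hunks. `foreach ($config['crl'] as $crl)` also assumes the key is an array, which may not hold on a system with no CRLs defined.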
