Revision c86c14dc
Added by Phil Davis over 9 years ago
| src/usr/local/www/vpn_ipsec.php | ||
|---|---|---|
| 314 | 314 |
</td> |
| 315 | 315 |
<td onclick="fr_toggle(<?=$i?>)" id="frd<?=$i?>"> |
| 316 | 316 |
<?php |
| 317 |
if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1") |
|
| 317 |
if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1") {
|
|
| 318 | 318 |
echo "V1"; |
| 319 |
else
|
|
| 319 |
} else {
|
|
| 320 | 320 |
echo "V2"; |
| 321 |
} |
|
| 321 | 322 |
?> |
| 322 | 323 |
</td> |
| 323 | 324 |
<td> |
| ... | ... | |
| 326 | 327 |
$iflabels = get_configured_interface_with_descr(); |
| 327 | 328 |
|
| 328 | 329 |
$carplist = get_configured_carp_interface_list(); |
| 329 |
foreach ($carplist as $cif => $carpip) |
|
| 330 |
foreach ($carplist as $cif => $carpip) {
|
|
| 330 | 331 |
$iflabels[$cif] = $carpip." (".get_vip_descr($carpip).")";
|
| 332 |
} |
|
| 331 | 333 |
|
| 332 | 334 |
$aliaslist = get_configured_ip_aliases_list(); |
| 333 |
foreach ($aliaslist as $aliasip => $aliasif) |
|
| 335 |
foreach ($aliaslist as $aliasip => $aliasif) {
|
|
| 334 | 336 |
$iflabels[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
|
| 337 |
} |
|
| 335 | 338 |
|
| 336 | 339 |
$grouplist = return_gateway_groups_array(); |
| 337 | 340 |
foreach ($grouplist as $name => $group) {
|
| 338 |
if($group[0]['vip'] != "")
|
|
| 341 |
if ($group[0]['vip'] != "") {
|
|
| 339 | 342 |
$vipif = $group[0]['vip']; |
| 340 |
else
|
|
| 343 |
} else {
|
|
| 341 | 344 |
$vipif = $group[0]['int']; |
| 345 |
} |
|
| 342 | 346 |
$iflabels[$name] = "GW Group {$name}";
|
| 343 | 347 |
} |
| 344 | 348 |
$if = htmlspecialchars($iflabels[$ph1ent['interface']]); |
| 345 |
} |
|
| 346 |
else |
|
| 349 |
} else {
|
|
| 347 | 350 |
$if = "WAN"; |
| 351 |
} |
|
| 348 | 352 |
|
| 349 |
if (!isset($ph1ent['mobile'])) |
|
| 353 |
if (!isset($ph1ent['mobile'])) {
|
|
| 350 | 354 |
echo $if."<br />".$ph1ent['remote-gateway']; |
| 351 |
else
|
|
| 355 |
} else {
|
|
| 352 | 356 |
echo $if."<br /><strong>" . gettext("Mobile Client") . "</strong>";
|
| 357 |
} |
|
| 353 | 358 |
?> |
| 354 | 359 |
</td> |
| 355 | 360 |
<td onclick="fr_toggle(<?=$i?>)" id="frd<?=$i?>"> |
| 356 | 361 |
<?=$spans?> |
| 357 | 362 |
<?php |
| 358 |
if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1") |
|
| 363 |
if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1") {
|
|
| 359 | 364 |
echo "{$ph1ent['mode']}";
|
| 365 |
} |
|
| 360 | 366 |
?> |
| 361 | 367 |
<?=$spane?> |
| 362 | 368 |
</td> |
| ... | ... | |
| 364 | 370 |
<?=$p1_ealgos[$ph1ent['encryption-algorithm']['name']]['name']?> |
| 365 | 371 |
<?php |
| 366 | 372 |
if ($ph1ent['encryption-algorithm']['keylen']) {
|
| 367 |
if ($ph1ent['encryption-algorithm']['keylen']=="auto")
|
|
| 373 |
if ($ph1ent['encryption-algorithm']['keylen'] == "auto") {
|
|
| 368 | 374 |
echo " (" . gettext("auto") . ")";
|
| 369 |
else
|
|
| 375 |
} else {
|
|
| 370 | 376 |
echo " ({$ph1ent['encryption-algorithm']['keylen']} " . gettext("bits") . ")";
|
| 377 |
} |
|
| 371 | 378 |
} |
| 372 | 379 |
?> |
| 373 | 380 |
</td> |
| ... | ... | |
| 393 | 400 |
<td colspan="2"></td> |
| 394 | 401 |
<td colspan="7" class="contains-table"> |
| 395 | 402 |
<?php |
| 396 |
if (isset($_POST["tdph2-{$i}-visible"]))
|
|
| 403 |
if (isset($_POST["tdph2-{$i}-visible"])) {
|
|
| 397 | 404 |
$tdph2_visible = htmlspecialchars($_POST["tdph2-{$i}-visible"]);
|
| 398 |
else
|
|
| 405 |
} else {
|
|
| 399 | 406 |
$tdph2_visible = 0; |
| 407 |
} |
|
| 400 | 408 |
?> |
| 401 | 409 |
<input type="hidden" name="tdph2-<?=$i?>-visible" id="tdph2-<?=$i?>-visible" value="<?=$tdph2_visible?>" /> |
| 402 | 410 |
<div id="shph2but-<?=$i?>" <?=($tdph2_visible == '1' ? 'style="display:none"' : '')?>> |
| ... | ... | |
| 404 | 412 |
$phase2count=0; |
| 405 | 413 |
|
| 406 | 414 |
foreach ($a_phase2 as $ph2ent) {
|
| 407 |
if ($ph2ent['ikeid'] != $ph1ent['ikeid']) |
|
| 415 |
if ($ph2ent['ikeid'] != $ph1ent['ikeid']) {
|
|
| 408 | 416 |
continue; |
| 417 |
} |
|
| 409 | 418 |
$phase2count++; |
| 410 | 419 |
} |
| 411 | 420 |
$fr_prefix = "frp2{$i}";
|
| ... | ... | |
| 431 | 440 |
<tbody class="p2-entries"> |
| 432 | 441 |
<?php $j = 0; foreach ($a_phase2 as $ph2index => $ph2ent): ?> |
| 433 | 442 |
<?php |
| 434 |
if ($ph2ent['ikeid'] != $ph1ent['ikeid']) |
|
| 443 |
if ($ph2ent['ikeid'] != $ph1ent['ikeid']) {
|
|
| 435 | 444 |
continue; |
| 445 |
} |
|
| 436 | 446 |
|
| 437 | 447 |
$fr_c = $fr_prefix . "c" . $j; |
| 438 | 448 |
$fr_d = $fr_prefix . "d" . $j; |
| ... | ... | |
| 440 | 450 |
$iconfn = "pass"; |
| 441 | 451 |
$entryStatus = (isset($ph2ent['disabled']) || isset($ph1ent['disabled']) ? 'disabled' : 'enabled'); |
| 442 | 452 |
|
| 443 |
if ($entryStatus == 'disabled') |
|
| 453 |
if ($entryStatus == 'disabled') {
|
|
| 444 | 454 |
$iconfn .= "_d"; |
| 445 |
|
|
| 455 |
} |
|
| 446 | 456 |
?> |
| 447 | 457 |
<tr id="<?=$fr_prefix . $j?>" ondblclick="document.location='vpn_ipsec_phase2.php?p2index=<?=$ph2ent['uniqid']?>'" class="<?= $entryStatus ?>"> |
| 448 | 458 |
<td> |
| ... | ... | |
| 455 | 465 |
<td id="<?=$fr_d?>" onclick="fr_toggle('<?=$j?>', '<?=$fr_prefix?>')">
|
| 456 | 466 |
<?=$ph2ent['mode']?> |
| 457 | 467 |
</td> |
| 458 |
<?php if(($ph2ent['mode'] == "tunnel") or ($ph2ent['mode'] == "tunnel6")): ?> |
|
| 468 |
<?php if (($ph2ent['mode'] == "tunnel") or ($ph2ent['mode'] == "tunnel6")): ?>
|
|
| 459 | 469 |
<td id="<?=$fr_d?>" onclick="fr_toggle('<?=$j?>', '<?=$fr_prefix?>')">
|
| 460 | 470 |
<?=ipsec_idinfo_to_text($ph2ent['localid']); ?> |
| 461 | 471 |
</td> |
| ... | ... | |
| 471 | 481 |
<td id="<?=$fr_d?>" onclick="fr_toggle('<?=$j?>', '<?=$fr_prefix?>')">
|
| 472 | 482 |
<?php |
| 473 | 483 |
foreach ($ph2ent['encryption-algorithm-option'] as $k => $ph2ea) {
|
| 474 |
if ($k) |
|
| 484 |
if ($k) {
|
|
| 475 | 485 |
echo ", "; |
| 486 |
} |
|
| 476 | 487 |
echo $p2_ealgos[$ph2ea['name']]['name']; |
| 477 | 488 |
if ($ph2ea['keylen']) {
|
| 478 |
if ($ph2ea['keylen']=="auto")
|
|
| 489 |
if ($ph2ea['keylen'] == "auto") {
|
|
| 479 | 490 |
echo " (" . gettext("auto") . ")";
|
| 480 |
else
|
|
| 491 |
} else {
|
|
| 481 | 492 |
echo " ({$ph2ea['keylen']} " . gettext("bits") . ")";
|
| 493 |
} |
|
| 482 | 494 |
} |
| 483 | 495 |
} |
| 484 | 496 |
?> |
| ... | ... | |
| 487 | 499 |
<?php |
| 488 | 500 |
if (!empty($ph2ent['hash-algorithm-option']) && is_array($ph2ent['hash-algorithm-option'])) {
|
| 489 | 501 |
foreach ($ph2ent['hash-algorithm-option'] as $k => $ph2ha) {
|
| 490 |
if ($k) |
|
| 502 |
if ($k) {
|
|
| 491 | 503 |
echo ", "; |
| 504 |
} |
|
| 492 | 505 |
echo $p2_halgos[$ph2ha]; |
| 493 | 506 |
} |
| 494 | 507 |
} |
| ... | ... | |
| 570 | 583 |
}); |
| 571 | 584 |
|
| 572 | 585 |
$('[id^=Xdel_]').click(function (event) {
|
| 573 |
if(confirm("<?=gettext('Are you sure you wish to delete this P1 entry?')?>")) {
|
|
| 586 |
if (confirm("<?=gettext('Are you sure you wish to delete this P1 entry?')?>")) {
|
|
| 574 | 587 |
$('#' + event.target.id.slice(1)).click();
|
| 575 | 588 |
} |
| 576 | 589 |
}); |
| 577 | 590 |
|
| 578 | 591 |
$('[id^=Xdelp2_]').click(function (event) {
|
| 579 |
if(confirm("<?=gettext('Are you sure you wish to delete this P2 entry?')?>")) {
|
|
| 592 |
if (confirm("<?=gettext('Are you sure you wish to delete this P2 entry?')?>")) {
|
|
| 580 | 593 |
$('#' + event.target.id.slice(1)).click();
|
| 581 | 594 |
} |
| 582 | 595 |
}); |
| src/usr/local/www/vpn_ipsec_keys.php | ||
|---|---|---|
| 110 | 110 |
?> |
| 111 | 111 |
|
| 112 | 112 |
<?php |
| 113 |
if ($savemsg) |
|
| 113 |
if ($savemsg) {
|
|
| 114 | 114 |
print_info_box($savemsg); |
| 115 |
} |
|
| 115 | 116 |
|
| 116 |
if (is_subsystem_dirty('ipsec'))
|
|
| 117 |
if (is_subsystem_dirty('ipsec')) {
|
|
| 117 | 118 |
print_info_box_np(gettext("The IPsec tunnel configuration has been changed") . ".<br />" . gettext("You must apply the changes in order for them to take effect."));
|
| 118 |
|
|
| 119 |
} |
|
| 119 | 120 |
?> |
| 120 | 121 |
|
| 121 | 122 |
<?php |
| ... | ... | |
| 143 | 144 |
<tr> |
| 144 | 145 |
<td> |
| 145 | 146 |
<?php |
| 146 |
if ($secretent['ident'] == 'allusers') |
|
| 147 |
if ($secretent['ident'] == 'allusers') {
|
|
| 147 | 148 |
echo gettext("ANY USER");
|
| 148 |
else
|
|
| 149 |
} else {
|
|
| 149 | 150 |
echo htmlspecialchars($secretent['ident']); |
| 151 |
} |
|
| 150 | 152 |
?> |
| 151 | 153 |
</td> |
| 152 | 154 |
<td> |
| 153 | 155 |
<?php |
| 154 |
if (empty($secretent['type'])) |
|
| 156 |
if (empty($secretent['type'])) {
|
|
| 155 | 157 |
echo 'PSK'; |
| 156 |
else
|
|
| 158 |
} else {
|
|
| 157 | 159 |
echo htmlspecialchars($secretent['type']); |
| 160 |
} |
|
| 158 | 161 |
?> |
| 159 | 162 |
</td> |
| 160 | 163 |
<td> |
| ... | ... | |
| 173 | 176 |
</td> |
| 174 | 177 |
<td> |
| 175 | 178 |
<?php |
| 176 |
if (empty($secretent['type'])) |
|
| 179 |
if (empty($secretent['type'])) {
|
|
| 177 | 180 |
echo 'PSK'; |
| 178 |
else
|
|
| 181 |
} else {
|
|
| 179 | 182 |
echo htmlspecialchars($secretent['type']); |
| 183 |
} |
|
| 180 | 184 |
?> |
| 181 | 185 |
</td> |
| 182 | 186 |
<td> |
| src/usr/local/www/vpn_ipsec_keys_edit.php | ||
|---|---|---|
| 188 | 188 |
$pconfig['psk'] |
| 189 | 189 |
)); |
| 190 | 190 |
|
| 191 |
if (isset($id) && $a_secret[$id]) |
|
| 192 |
{
|
|
| 191 |
if (isset($id) && $a_secret[$id]) {
|
|
| 193 | 192 |
$form->addGlobal(new Form_Input( |
| 194 | 193 |
'id', |
| 195 | 194 |
false, |
| src/usr/local/www/vpn_ipsec_mobile.php | ||
|---|---|---|
| 369 | 369 |
|
| 370 | 370 |
function dns_domain_change() {
|
| 371 | 371 |
|
| 372 |
if (document.iform.dns_domain_enable.checked) |
|
| 372 |
if (document.iform.dns_domain_enable.checked) {
|
|
| 373 | 373 |
document.iform.dns_domain.disabled = 0; |
| 374 |
else
|
|
| 374 |
} else {
|
|
| 375 | 375 |
document.iform.dns_domain.disabled = 1; |
| 376 |
} |
|
| 376 | 377 |
} |
| 377 | 378 |
|
| 378 | 379 |
function dns_split_change() {
|
| 379 | 380 |
|
| 380 |
if (document.iform.dns_split_enable.checked) |
|
| 381 |
if (document.iform.dns_split_enable.checked) {
|
|
| 381 | 382 |
document.iform.dns_split.disabled = 0; |
| 382 |
else
|
|
| 383 |
} else {
|
|
| 383 | 384 |
document.iform.dns_split.disabled = 1; |
| 385 |
} |
|
| 384 | 386 |
} |
| 385 | 387 |
|
| 386 | 388 |
function dns_server_change() {
|
| ... | ... | |
| 411 | 413 |
|
| 412 | 414 |
function pfs_group_change() {
|
| 413 | 415 |
|
| 414 |
if (document.iform.pfs_group_enable.checked) |
|
| 416 |
if (document.iform.pfs_group_enable.checked) {
|
|
| 415 | 417 |
document.iform.pfs_group.disabled = 0; |
| 416 |
else
|
|
| 418 |
} else {
|
|
| 417 | 419 |
document.iform.pfs_group.disabled = 1; |
| 420 |
} |
|
| 418 | 421 |
} |
| 419 | 422 |
|
| 420 | 423 |
function login_banner_change() {
|
| 421 | 424 |
|
| 422 |
if (document.iform.login_banner_enable.checked) |
|
| 425 |
if (document.iform.login_banner_enable.checked) {
|
|
| 423 | 426 |
document.iform.login_banner.disabled = 0; |
| 424 |
else
|
|
| 427 |
} else {
|
|
| 425 | 428 |
document.iform.login_banner.disabled = 1; |
| 429 |
} |
|
| 426 | 430 |
} |
| 427 | 431 |
|
| 428 | 432 |
//]]> |
| 429 | 433 |
</script> |
| 430 | 434 |
|
| 431 | 435 |
<?php |
| 432 |
if ($savemsg) |
|
| 436 |
if ($savemsg) {
|
|
| 433 | 437 |
print_info_box($savemsg); |
| 434 |
if (is_subsystem_dirty('ipsec'))
|
|
| 438 |
} |
|
| 439 |
if (is_subsystem_dirty('ipsec')) {
|
|
| 435 | 440 |
print_info_box_np(gettext("The IPsec tunnel configuration has been changed") . ".<br />" . gettext("You must apply the changes in order for them to take effect."));
|
| 436 |
foreach ($a_phase1 as $ph1ent) |
|
| 437 |
if (isset($ph1ent['mobile'])) |
|
| 441 |
} |
|
| 442 |
foreach ($a_phase1 as $ph1ent) {
|
|
| 443 |
if (isset($ph1ent['mobile'])) {
|
|
| 438 | 444 |
$ph1found = true; |
| 439 |
if ($pconfig['enable'] && !$ph1found) |
|
| 440 |
print_info_box_np(gettext("Support for IPsec Mobile clients is enabled but a Phase1 definition was not found") . ".<br />" . gettext("Please click Create to define one."),gettext("create"),gettext("Create Phase1"));
|
|
| 441 |
if ($input_errors) |
|
| 445 |
} |
|
| 446 |
} |
|
| 447 |
if ($pconfig['enable'] && !$ph1found) {
|
|
| 448 |
print_info_box_np(gettext("Support for IPsec Mobile clients is enabled but a Phase1 definition was not found") . ".<br />" . gettext("Please click Create to define one."), gettext("create"), gettext("Create Phase1"));
|
|
| 449 |
} |
|
| 450 |
if ($input_errors) {
|
|
| 442 | 451 |
print_input_errors($input_errors); |
| 452 |
} |
|
| 443 | 453 |
|
| 444 | 454 |
$tab_array = array(); |
| 445 | 455 |
$tab_array[0] = array(gettext("Tunnels"), false, "vpn_ipsec.php");
|
| ... | ... | |
| 464 | 474 |
|
| 465 | 475 |
$authServers = array(); |
| 466 | 476 |
|
| 467 |
foreach (auth_get_authserver_list() as $authServer) |
|
| 477 |
foreach (auth_get_authserver_list() as $authServer) {
|
|
| 468 | 478 |
$authServers[$authServer['name']] = $authServer['name']; // Value == name |
| 479 |
} |
|
| 469 | 480 |
|
| 470 | 481 |
$section->addInput(new Form_Select( |
| 471 | 482 |
'user_source', |
| ... | ... | |
| 500 | 511 |
$group = new Form_Group('');
|
| 501 | 512 |
$group->addClass('toggle-pool_enable collapse');
|
| 502 | 513 |
|
| 503 |
if (!empty($pconfig['pool_enable'])) |
|
| 514 |
if (!empty($pconfig['pool_enable'])) {
|
|
| 504 | 515 |
$group->addClass('in');
|
| 516 |
} |
|
| 505 | 517 |
|
| 506 | 518 |
$group->add(new Form_Input( |
| 507 | 519 |
'pool_address', |
| ... | ... | |
| 512 | 524 |
|
| 513 | 525 |
$netBits = array(); |
| 514 | 526 |
|
| 515 |
for ($i = 32; $i >= 0; $i--) |
|
| 527 |
for ($i = 32; $i >= 0; $i--) {
|
|
| 516 | 528 |
$netBits[$i] = $i; |
| 529 |
} |
|
| 517 | 530 |
|
| 518 | 531 |
$group->add(new Form_Select( |
| 519 | 532 |
'pool_netbits', |
| ... | ... | |
| 535 | 548 |
$group = new Form_Group('');
|
| 536 | 549 |
$group->addClass('toggle-pool_enable_v6 collapse');
|
| 537 | 550 |
|
| 538 |
if (!empty($pconfig['pool_enable_v6'])) |
|
| 551 |
if (!empty($pconfig['pool_enable_v6'])) {
|
|
| 539 | 552 |
$group->addClass('in');
|
| 553 |
} |
|
| 540 | 554 |
|
| 541 | 555 |
$group->add(new Form_Input( |
| 542 | 556 |
'pool_address_v6', |
| ... | ... | |
| 547 | 561 |
|
| 548 | 562 |
$netBits = array(); |
| 549 | 563 |
|
| 550 |
for ($i = 128; $i >= 0; $i--) |
|
| 564 |
for ($i = 128; $i >= 0; $i--) {
|
|
| 551 | 565 |
$netBitsv6[$i] = $i; |
| 566 |
} |
|
| 552 | 567 |
|
| 553 | 568 |
$group->add(new Form_Select( |
| 554 | 569 |
'pool_netbits_v6', |
| ... | ... | |
| 583 | 598 |
$group = new Form_Group('');
|
| 584 | 599 |
$group->addClass('toggle-dns_domain collapse');
|
| 585 | 600 |
|
| 586 |
if (!empty($pconfig['dns_domain_enable'])) |
|
| 601 |
if (!empty($pconfig['dns_domain_enable'])) {
|
|
| 587 | 602 |
$group->addClass('in');
|
| 603 |
} |
|
| 588 | 604 |
|
| 589 | 605 |
$group->add(new Form_Input( |
| 590 | 606 |
'dns_domain', |
| ... | ... | |
| 605 | 621 |
$group = new Form_Group('');
|
| 606 | 622 |
$group->addClass('toggle-dns_split collapse');
|
| 607 | 623 |
|
| 608 |
if (!empty($pconfig['dns_split_enable'])) |
|
| 624 |
if (!empty($pconfig['dns_split_enable'])) {
|
|
| 609 | 625 |
$group->addClass('in');
|
| 626 |
} |
|
| 610 | 627 |
|
| 611 | 628 |
$group->add(new Form_Input( |
| 612 | 629 |
'dns_split', |
| ... | ... | |
| 624 | 641 |
$pconfig['dns_server_enable'] |
| 625 | 642 |
))->toggles('.toggle-dns_server_enable');
|
| 626 | 643 |
|
| 627 |
for ($i = 1; $i <= 4; $i++) |
|
| 628 |
{
|
|
| 644 |
for ($i = 1; $i <= 4; $i++) {
|
|
| 629 | 645 |
$group = new Form_Group('Server #' . $i);
|
| 630 | 646 |
$group->addClass('toggle-dns_server_enable collapse');
|
| 631 | 647 |
|
| 632 |
if (!empty($pconfig['dns_server_enable'])) |
|
| 648 |
if (!empty($pconfig['dns_server_enable'])) {
|
|
| 633 | 649 |
$group->addClass('in');
|
| 650 |
} |
|
| 634 | 651 |
|
| 635 | 652 |
$group->add(new Form_Input( |
| 636 | 653 |
'dns_server' . $i, |
| ... | ... | |
| 649 | 666 |
$pconfig['wins_server_enable'] |
| 650 | 667 |
))->toggles('.toggle-wins_server_enable');
|
| 651 | 668 |
|
| 652 |
for ($i = 1; $i <= 2; $i++) |
|
| 653 |
{
|
|
| 669 |
for ($i = 1; $i <= 2; $i++) {
|
|
| 654 | 670 |
$group = new Form_Group('Server #' . $i);
|
| 655 | 671 |
$group->addClass('toggle-wins_server_enable collapse');
|
| 656 | 672 |
|
| 657 |
if (!empty($pconfig['wins_server_enable'])) |
|
| 673 |
if (!empty($pconfig['wins_server_enable'])) {
|
|
| 658 | 674 |
$group->addClass('in');
|
| 675 |
} |
|
| 659 | 676 |
|
| 660 | 677 |
$group->add(new Form_Input( |
| 661 | 678 |
'wins_server' . $i, |
| ... | ... | |
| 678 | 695 |
$group = new Form_Group('Group');
|
| 679 | 696 |
$group->addClass('toggle-pfs_group collapse');
|
| 680 | 697 |
|
| 681 |
if (!empty($pconfig['pfs_group_enable'])) |
|
| 698 |
if (!empty($pconfig['pfs_group_enable'])) {
|
|
| 682 | 699 |
$group->addClass('in');
|
| 700 |
} |
|
| 683 | 701 |
|
| 684 | 702 |
$group->add(new Form_Select( |
| 685 | 703 |
'pfs_group', |
| ... | ... | |
| 700 | 718 |
$group = new Form_Group('');
|
| 701 | 719 |
$group->addClass('toggle-login_banner collapse');
|
| 702 | 720 |
|
| 703 |
if (!empty($pconfig['login_banner_enable'])) |
|
| 721 |
if (!empty($pconfig['login_banner_enable'])) {
|
|
| 704 | 722 |
$group->addClass('in');
|
| 723 |
} |
|
| 705 | 724 |
|
| 706 | 725 |
// TODO: should be a textarea |
| 707 | 726 |
$group->add(new Form_Input( |
| src/usr/local/www/vpn_ipsec_phase1.php | ||
|---|---|---|
| 134 | 134 |
$pconfig['authentication_method'] = $a_phase1[$p1index]['authentication_method']; |
| 135 | 135 |
|
| 136 | 136 |
if (($pconfig['authentication_method'] == "pre_shared_key") || |
| 137 |
($pconfig['authentication_method'] == "xauth_psk_server")) {
|
|
| 137 |
($pconfig['authentication_method'] == "xauth_psk_server")) {
|
|
| 138 | 138 |
$pconfig['pskey'] = $a_phase1[$p1index]['pre-shared-key']; |
| 139 | 139 |
} else {
|
| 140 | 140 |
$pconfig['certref'] = $a_phase1[$p1index]['certref']; |
| ... | ... | |
| 526 | 526 |
|
| 527 | 527 |
$carplist = get_configured_carp_interface_list(); |
| 528 | 528 |
|
| 529 |
foreach ($carplist as $cif => $carpip) |
|
| 530 |
$interfaces[$cif] = $carpip." (".get_vip_descr($carpip).")";
|
|
| 529 |
foreach ($carplist as $cif => $carpip) {
|
|
| 530 |
$interfaces[$cif] = $carpip . " (" . get_vip_descr($carpip) . ")";
|
|
| 531 |
} |
|
| 531 | 532 |
|
| 532 | 533 |
$aliaslist = get_configured_ip_aliases_list(); |
| 533 | 534 |
|
| 534 |
foreach ($aliaslist as $aliasip => $aliasif) |
|
| 535 |
foreach ($aliaslist as $aliasip => $aliasif) {
|
|
| 535 | 536 |
$interfaces[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
|
| 537 |
} |
|
| 536 | 538 |
|
| 537 | 539 |
$grouplist = return_gateway_groups_array(); |
| 538 | 540 |
|
| 539 | 541 |
foreach ($grouplist as $name => $group) {
|
| 540 |
if($group[0]['vip'] != "")
|
|
| 542 |
if ($group[0]['vip'] != "") {
|
|
| 541 | 543 |
$vipif = $group[0]['vip']; |
| 542 |
else
|
|
| 544 |
} else {
|
|
| 543 | 545 |
$vipif = $group[0]['int']; |
| 546 |
} |
|
| 544 | 547 |
|
| 545 | 548 |
$interfaces[$name] = "GW Group {$name}";
|
| 546 | 549 |
} |
| ... | ... | |
| 554 | 557 |
|
| 555 | 558 |
$list = array(); |
| 556 | 559 |
|
| 557 |
foreach ($p1_authentication_methods as $method_type => $method_params){
|
|
| 558 |
if (!$pconfig['mobile'] && $method_params['mobile']) |
|
| 560 |
foreach ($p1_authentication_methods as $method_type => $method_params) {
|
|
| 561 |
if (!$pconfig['mobile'] && $method_params['mobile']) {
|
|
| 559 | 562 |
continue; |
| 563 |
} |
|
| 560 | 564 |
|
| 561 | 565 |
$list[$method_type] = htmlspecialchars($method_params['name']); |
| 562 | 566 |
} |
| ... | ... | |
| 569 | 573 |
|
| 570 | 574 |
$list = array(); |
| 571 | 575 |
|
| 572 |
foreach ($my_identifier_list as $id_type => $id_params) |
|
| 576 |
foreach ($my_identifier_list as $id_type => $id_params) {
|
|
| 573 | 577 |
$list[$id_type] = htmlspecialchars($id_params['desc']); |
| 578 |
} |
|
| 574 | 579 |
|
| 575 | 580 |
return($list); |
| 576 | 581 |
} |
| ... | ... | |
| 580 | 585 |
|
| 581 | 586 |
$list = array(); |
| 582 | 587 |
|
| 583 |
foreach ($peer_identifier_list as $id_type => $id_params) |
|
| 588 |
foreach ($peer_identifier_list as $id_type => $id_params) {
|
|
| 584 | 589 |
$list[$id_type] = htmlspecialchars($id_params['desc']); |
| 590 |
} |
|
| 585 | 591 |
|
| 586 | 592 |
return($list); |
| 587 | 593 |
} |
| ... | ... | |
| 591 | 597 |
|
| 592 | 598 |
$list = array(); |
| 593 | 599 |
|
| 594 |
if(is_array($config['cert'])) {
|
|
| 595 |
foreach ($config['cert'] as $cert) |
|
| 600 |
if (is_array($config['cert'])) {
|
|
| 601 |
foreach ($config['cert'] as $cert) {
|
|
| 596 | 602 |
$list[$cert['refid']] = $cert['descr']; |
| 603 |
} |
|
| 597 | 604 |
} |
| 598 | 605 |
|
| 599 | 606 |
return($list); |
| ... | ... | |
| 604 | 611 |
|
| 605 | 612 |
$list = array(); |
| 606 | 613 |
|
| 607 |
if(is_array($config['ca'])) {
|
|
| 608 |
foreach ($config['ca'] as $ca) |
|
| 609 |
$list[$ca['refid']] = $ca['descr']; |
|
| 614 |
if (is_array($config['ca'])) {
|
|
| 615 |
foreach ($config['ca'] as $ca) {
|
|
| 616 |
$list[$ca['refid']] = $ca['descr']; |
|
| 617 |
} |
|
| 610 | 618 |
} |
| 611 | 619 |
|
| 612 | 620 |
return($list); |
| ... | ... | |
| 617 | 625 |
|
| 618 | 626 |
$list = array(); |
| 619 | 627 |
|
| 620 |
if(is_array($p1_ealgos)) {
|
|
| 621 |
foreach ($p1_ealgos as $algo => $algodata) |
|
| 628 |
if (is_array($p1_ealgos)) {
|
|
| 629 |
foreach ($p1_ealgos as $algo => $algodata) {
|
|
| 622 | 630 |
$list[$algo] = htmlspecialchars($algodata['name']); |
| 631 |
} |
|
| 623 | 632 |
} |
| 624 | 633 |
|
| 625 | 634 |
return($list); |
| ... | ... | |
| 749 | 758 |
$pconfig['peerid_data'] |
| 750 | 759 |
)); |
| 751 | 760 |
|
| 752 |
if($pconfig['mobile'])
|
|
| 761 |
if ($pconfig['mobile']) {
|
|
| 753 | 762 |
$group->setHelp('This is known as the "group" setting on some VPN client implementations');
|
| 763 |
} |
|
| 754 | 764 |
|
| 755 | 765 |
$section->add($group); |
| 756 | 766 |
|
| ... | ... | |
| 910 | 920 |
|
| 911 | 921 |
/* determine if we should init the key length */ |
| 912 | 922 |
$keyset = ''; |
| 913 |
if (isset($pconfig['ealgo']['keylen'])) |
|
| 914 |
if (is_numeric($pconfig['ealgo']['keylen'])) |
|
| 923 |
if (isset($pconfig['ealgo']['keylen'])) {
|
|
| 924 |
if (is_numeric($pconfig['ealgo']['keylen'])) {
|
|
| 915 | 925 |
$keyset = $pconfig['ealgo']['keylen']; |
| 926 |
} |
|
| 927 |
} |
|
| 916 | 928 |
?> |
| 917 | 929 |
|
| 918 | 930 |
|
| ... | ... | |
| 920 | 932 |
|
| 921 | 933 |
<script type="text/javascript"> |
| 922 | 934 |
//<![CDATA[ |
| 923 |
events.push(function(){
|
|
| 935 |
events.push(function() {
|
|
| 924 | 936 |
|
| 925 | 937 |
function myidsel_change() {
|
| 926 | 938 |
hideGroupInput('myid_data', ($('#myid_type').val() == 'myaddress'));
|
| ... | ... | |
| 1028 | 1040 |
?> |
| 1029 | 1041 |
} |
| 1030 | 1042 |
|
| 1031 |
if( bits )
|
|
| 1043 |
if (bits) {
|
|
| 1032 | 1044 |
$('#ealgo_keylen').val(bits);
|
| 1045 |
} |
|
| 1033 | 1046 |
} |
| 1034 | 1047 |
|
| 1035 | 1048 |
function dpdchkbox_change() {
|
| 1036 |
hide = ! $('#dpd_enable').prop('checked');
|
|
| 1049 |
hide = !$('#dpd_enable').prop('checked');
|
|
| 1037 | 1050 |
|
| 1038 | 1051 |
hideInput('dpd_delay', hide);
|
| 1039 | 1052 |
hideInput('dpd_maxfail', hide);
|
| 1040 | 1053 |
|
| 1041 |
if(! $('#dpd_delay').val())
|
|
| 1054 |
if (!$('#dpd_delay').val()) {
|
|
| 1042 | 1055 |
$('#dpd_delay').val('10')
|
| 1056 |
} |
|
| 1043 | 1057 |
|
| 1044 |
if(! $('#dpd_maxfail').val())
|
|
| 1058 |
if (!$('#dpd_maxfail').val()) {
|
|
| 1045 | 1059 |
$('#dpd_maxfail').val('5')
|
| 1060 |
} |
|
| 1046 | 1061 |
} |
| 1047 | 1062 |
|
| 1048 | 1063 |
// ---------- Monitor elements for change and call the appropriate display functions ---------- |
| src/usr/local/www/vpn_ipsec_phase2.php | ||
|---|---|---|
| 261 | 261 |
$entered = array(); |
| 262 | 262 |
$entered['type'] = $pconfig['localid_type']; |
| 263 | 263 |
|
| 264 |
if (isset($pconfig['localid_address'])) |
|
| 264 |
if (isset($pconfig['localid_address'])) {
|
|
| 265 | 265 |
$entered['address'] = $pconfig['localid_address']; |
| 266 |
} |
|
| 266 | 267 |
|
| 267 |
if (isset($pconfig['localid_netbits'])) |
|
| 268 |
if (isset($pconfig['localid_netbits'])) {
|
|
| 268 | 269 |
$entered['netbits'] = $pconfig['localid_netbits']; |
| 270 |
} |
|
| 269 | 271 |
|
| 270 | 272 |
$entered_localid_data = ipsec_idinfo_to_cidr($entered, false, $pconfig['mode']); |
| 271 | 273 |
if ($localid_data == $entered_localid_data) {
|
| ... | ... | |
| 466 | 468 |
return $ealgos; |
| 467 | 469 |
} |
| 468 | 470 |
|
| 469 |
function ealgos_to_pconfig(& $ealgos,& $pconfig) {
|
|
| 471 |
function ealgos_to_pconfig(& $ealgos, & $pconfig) {
|
|
| 470 | 472 |
|
| 471 | 473 |
$pconfig['ealgos'] = array(); |
| 472 | 474 |
foreach ($ealgos as $algo_data) {
|
| ... | ... | |
| 479 | 481 |
return $ealgos; |
| 480 | 482 |
} |
| 481 | 483 |
|
| 482 |
function pconfig_to_idinfo($prefix,& $pconfig) {
|
|
| 484 |
function pconfig_to_idinfo($prefix, & $pconfig) {
|
|
| 483 | 485 |
|
| 484 | 486 |
$type = $pconfig[$prefix."id_type"]; |
| 485 | 487 |
$address = $pconfig[$prefix."id_address"]; |
| ... | ... | |
| 495 | 497 |
} |
| 496 | 498 |
} |
| 497 | 499 |
|
| 498 |
function idinfo_to_pconfig($prefix,& $idinfo,& $pconfig) {
|
|
| 500 |
function idinfo_to_pconfig($prefix, & $idinfo, & $pconfig) {
|
|
| 499 | 501 |
|
| 500 | 502 |
switch ($idinfo['type']) {
|
| 501 | 503 |
case "address": |
| ... | ... | |
| 513 | 515 |
} |
| 514 | 516 |
} |
| 515 | 517 |
|
| 516 |
if ($input_errors) |
|
| 518 |
if ($input_errors) {
|
|
| 517 | 519 |
print_input_errors($input_errors); |
| 520 |
} |
|
| 518 | 521 |
|
| 519 | 522 |
$tab_array = array(); |
| 520 | 523 |
$tab_array[0] = array(gettext("Tunnels"), !$editing_mobile, "vpn_ipsec.php");
|
| ... | ... | |
| 545 | 548 |
$group->addClass('opt_localid');
|
| 546 | 549 |
|
| 547 | 550 |
$subnetarray = get_configured_interface_with_descr(); |
| 548 |
foreach($subnetarray as $ifname => $ifdescr)
|
|
| 551 |
foreach ($subnetarray as $ifname => $ifdescr) {
|
|
| 549 | 552 |
$subnetarray[$ifname] = $ifdescr . ' subnet'; |
| 553 |
} |
|
| 550 | 554 |
|
| 551 | 555 |
$group->add(new Form_Select( |
| 552 | 556 |
'localid_type', |
| ... | ... | |
| 567 | 571 |
$group->addClass('opt_natid');
|
| 568 | 572 |
|
| 569 | 573 |
$subnetarray = get_configured_interface_with_descr(); |
| 570 |
foreach($subnetarray as $ifname => $ifdescr)
|
|
| 574 |
foreach ($subnetarray as $ifname => $ifdescr) {
|
|
| 571 | 575 |
$subnetarray[$ifname] = $ifdescr . ' subnet'; |
| 576 |
} |
|
| 572 | 577 |
|
| 573 | 578 |
// Tack none, address & network on the beginning |
| 574 | 579 |
$subnetarray = array('none' => gettext('None'), 'address' => 'Address', 'network' => 'Network') + $subnetarray;
|
| ... | ... | |
| 638 | 643 |
'ealgos[]', |
| 639 | 644 |
null, |
| 640 | 645 |
$algodata['name'], |
| 641 |
(is_array($pconfig['ealgos']) && in_array($algo,$pconfig['ealgos'])), |
|
| 646 |
(is_array($pconfig['ealgos']) && in_array($algo, $pconfig['ealgos'])),
|
|
| 642 | 647 |
$algo |
| 643 | 648 |
))->addClass('multi');
|
| 644 | 649 |
|
| 645 |
if(is_array($algodata['keysel'])) {
|
|
| 650 |
if (is_array($algodata['keysel'])) {
|
|
| 646 | 651 |
$list = array(); |
| 647 | 652 |
$key_hi = $algodata['keysel']['hi']; |
| 648 | 653 |
$key_lo = $algodata['keysel']['lo']; |
| ... | ... | |
| 660 | 665 |
} |
| 661 | 666 |
|
| 662 | 667 |
|
| 663 |
if($i == $rows)
|
|
| 668 |
if ($i == $rows) {
|
|
| 664 | 669 |
$group->setHelp('Use 3DES for best compatibility or if you have a hardware crypto accelerator card. Blowfish is usually the fastest in software encryption.');
|
| 670 |
} |
|
| 665 | 671 |
|
| 666 | 672 |
$i++; |
| 667 | 673 |
$section->add($group); |
| ... | ... | |
| 748 | 754 |
|
| 749 | 755 |
<script type="text/javascript"> |
| 750 | 756 |
//<![CDATA[ |
| 751 |
events.push(function(){
|
|
| 757 |
events.push(function() {
|
|
| 752 | 758 |
|
| 753 | 759 |
// ---------- On changing "Mode" ---------------------------------------------------------------------------------- |
| 754 | 760 |
function change_mode() {
|
| ... | ... | |
| 779 | 785 |
if (typeof(bits) === "undefined") {
|
| 780 | 786 |
if (value === "tunnel") {
|
| 781 | 787 |
bits = 24; |
| 782 |
} |
|
| 783 |
else if (value === "tunnel6") {
|
|
| 788 |
} else if (value === "tunnel6") {
|
|
| 784 | 789 |
bits = 64; |
| 785 | 790 |
} |
| 786 | 791 |
} |
| ... | ... | |
| 830 | 835 |
if (typeof(bits) === "undefined") {
|
| 831 | 836 |
if (value === "tunnel") {
|
| 832 | 837 |
bits = 24; |
| 833 |
} |
|
| 834 |
else if (value === "tunnel6") {
|
|
| 838 |
} else if (value === "tunnel6") {
|
|
| 835 | 839 |
bits = 64; |
| 836 | 840 |
} |
| 837 | 841 |
} |
| ... | ... | |
| 886 | 890 |
if (typeof(bits) === "undefined") {
|
| 887 | 891 |
if (value === "tunnel") {
|
| 888 | 892 |
bits = 24; |
| 889 |
} |
|
| 890 |
else if (value === "tunnel6") {
|
|
| 893 |
} else if (value === "tunnel6") {
|
|
| 891 | 894 |
bits = 64; |
| 892 | 895 |
} |
| 893 | 896 |
} |
| src/usr/local/www/vpn_ipsec_settings.php | ||
|---|---|---|
| 252 | 252 |
</script> |
| 253 | 253 |
|
| 254 | 254 |
<?php |
| 255 |
if ($savemsg) |
|
| 255 |
if ($savemsg) {
|
|
| 256 | 256 |
print_info_box($savemsg); |
| 257 |
} |
|
| 257 | 258 |
|
| 258 |
if ($input_errors) |
|
| 259 |
if ($input_errors) {
|
|
| 259 | 260 |
print_input_errors($input_errors); |
| 261 |
} |
|
| 260 | 262 |
|
| 261 | 263 |
$tab_array = array(); |
| 262 | 264 |
$tab_array[0] = array(gettext("Tunnels"), false, "vpn_ipsec.php");
|
| ... | ... | |
| 269 | 271 |
|
| 270 | 272 |
$section = new Form_Section('Start IPsec in debug mode based on sections selected');
|
| 271 | 273 |
|
| 272 |
foreach ($ipsec_log_cats as $cat => $desc) |
|
| 273 |
{
|
|
| 274 |
foreach ($ipsec_log_cats as $cat => $desc) {
|
|
| 274 | 275 |
$section->addInput(new Form_Select( |
| 275 | 276 |
$cat, |
| 276 | 277 |
$desc, |
| ... | ... | |
| 338 | 339 |
$group = new Form_Group('Maximum MSS');
|
| 339 | 340 |
$group->addClass('toggle-maxmss collapse');
|
| 340 | 341 |
|
| 341 |
if (!empty($pconfig['maxmss_enable'])) |
|
| 342 |
if (!empty($pconfig['maxmss_enable'])) {
|
|
| 342 | 343 |
$group->addClass('in');
|
| 344 |
} |
|
| 343 | 345 |
|
| 344 | 346 |
$group->add(new Form_Input( |
| 345 | 347 |
'maxmss', |
| src/usr/local/www/vpn_l2tp.php | ||
|---|---|---|
| 127 | 127 |
$subnet_end = ip2ulong($_POST['remoteip']) + $_POST['n_l2tp_units'] - 1; |
| 128 | 128 |
|
| 129 | 129 |
if ((ip2ulong($_POST['localip']) >= $subnet_start) && |
| 130 |
(ip2ulong($_POST['localip']) <= $subnet_end)) {
|
|
| 130 |
(ip2ulong($_POST['localip']) <= $subnet_end)) {
|
|
| 131 | 131 |
$input_errors[] = gettext("The specified server address lies in the remote subnet.");
|
| 132 | 132 |
} |
| 133 | 133 |
if ($_POST['localip'] == get_interface_ip("lan")) {
|
| ... | ... | |
| 206 | 206 |
$shortcut_section = "l2tps"; |
| 207 | 207 |
include("head.inc");
|
| 208 | 208 |
|
| 209 |
if ($input_errors) |
|
| 209 |
if ($input_errors) {
|
|
| 210 | 210 |
print_input_errors($input_errors); |
| 211 |
} |
|
| 211 | 212 |
|
| 212 |
if ($savemsg) |
|
| 213 |
if ($savemsg) {
|
|
| 213 | 214 |
print_info_box($savemsg); |
| 215 |
} |
|
| 214 | 216 |
|
| 215 | 217 |
$tab_array = array(); |
| 216 | 218 |
$tab_array[] = array(gettext("Configuration"), true, "vpn_l2tp.php");
|
| ... | ... | |
| 354 | 356 |
|
| 355 | 357 |
<script type="text/javascript"> |
| 356 | 358 |
//<![CDATA[ |
| 357 |
events.push(function(){
|
|
| 359 |
events.push(function() {
|
|
| 358 | 360 |
|
| 359 | 361 |
function setL2TP () {
|
| 360 | 362 |
hide = ! $('#mode').prop('checked');
|
| src/usr/local/www/vpn_l2tp_users.php | ||
|---|---|---|
| 101 | 101 |
|
| 102 | 102 |
include("head.inc");
|
| 103 | 103 |
|
| 104 |
if ($savemsg) |
|
| 104 |
if ($savemsg) {
|
|
| 105 | 105 |
print_info_box($savemsg, success); |
| 106 |
} |
|
| 106 | 107 |
|
| 107 |
if (isset($config['l2tp']['radius']['enable'])) |
|
| 108 |
if (isset($config['l2tp']['radius']['enable'])) {
|
|
| 108 | 109 |
print_info_box(gettext("Warning: RADIUS is enabled. The local user database will not be used."));
|
| 110 |
} |
|
| 109 | 111 |
|
| 110 |
if (is_subsystem_dirty('l2tpusers'))
|
|
| 112 |
if (is_subsystem_dirty('l2tpusers')) {
|
|
| 111 | 113 |
print_info_box_np(gettext("The l2tp user list has been modified") . ".<br />" . gettext("You must apply the changes in order for them to take effect") . ".<br /><b>" . gettext("Warning: this will terminate all current l2tp sessions!") . "</b>");
|
| 114 |
} |
|
| 112 | 115 |
|
| 113 | 116 |
|
| 114 |
$tab_array = array();
|
|
| 115 |
$tab_array[] = array(gettext("Configuration"), false, "vpn_l2tp.php");
|
|
| 116 |
$tab_array[] = array(gettext("Users"), true, "vpn_l2tp_users.php");
|
|
| 117 |
display_top_tabs($tab_array);
|
|
| 117 |
$tab_array = array(); |
|
| 118 |
$tab_array[] = array(gettext("Configuration"), false, "vpn_l2tp.php");
|
|
| 119 |
$tab_array[] = array(gettext("Users"), true, "vpn_l2tp_users.php");
|
|
| 120 |
display_top_tabs($tab_array); |
|
| 118 | 121 |
?> |
| 119 | 122 |
<div class="table-responsive"> |
| 120 | 123 |
<table class="table table-striped table-hover"> |
| ... | ... | |
| 132 | 135 |
<?=htmlspecialchars($secretent['name'])?> |
| 133 | 136 |
</td> |
| 134 | 137 |
<td> |
| 135 |
<?php if($secretent['ip'] == "") $secretent['ip'] = "Dynamic"?> |
|
| 138 |
<?php if ($secretent['ip'] == "") $secretent['ip'] = "Dynamic"?>
|
|
| 136 | 139 |
<?=htmlspecialchars($secretent['ip'])?> |
| 137 | 140 |
</td> |
| 138 | 141 |
<td> |
| src/usr/local/www/vpn_l2tp_users_edit.php | ||
|---|---|---|
| 178 | 178 |
?> |
| 179 | 179 |
|
| 180 | 180 |
<?php |
| 181 |
if ($input_errors) |
|
| 181 |
if ($input_errors) {
|
|
| 182 | 182 |
print_input_errors($input_errors); |
| 183 |
} |
|
| 183 | 184 |
?> |
| 184 | 185 |
|
| 185 | 186 |
<form class="form-horizontal" action="vpn_l2tp_users_edit.php" method="post" name="iform" id="iform"> |
| src/usr/local/www/vpn_openvpn_client.php | ||
|---|---|---|
| 300 | 300 |
|
| 301 | 301 |
if (!$tls_mode && !$pconfig['autokey_enable']) {
|
| 302 | 302 |
if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") || |
| 303 |
!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----")) {
|
|
| 303 |
!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----")) {
|
|
| 304 | 304 |
$input_errors[] = gettext("The field 'Shared Key' does not appear to be valid");
|
| 305 | 305 |
} |
| 306 | 306 |
} |
| 307 | 307 |
|
| 308 | 308 |
if ($tls_mode && $pconfig['tlsauth_enable'] && !$pconfig['autotls_enable']) {
|
| 309 | 309 |
if (!strstr($pconfig['tls'], "-----BEGIN OpenVPN Static key V1-----") || |
| 310 |
!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----")) {
|
|
| 310 |
!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----")) {
|
|
| 311 | 311 |
$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid");
|
| 312 | 312 |
} |
| 313 | 313 |
} |
| ... | ... | |
| 406 | 406 |
|
| 407 | 407 |
include("head.inc");
|
| 408 | 408 |
|
| 409 |
if (!$savemsg) |
|
| 409 |
if (!$savemsg) {
|
|
| 410 | 410 |
$savemsg = ""; |
| 411 |
} |
|
| 411 | 412 |
|
| 412 |
if ($input_errors) |
|
| 413 |
if ($input_errors) {
|
|
| 413 | 414 |
print_input_errors($input_errors); |
| 415 |
} |
|
| 414 | 416 |
|
| 415 |
if ($savemsg) |
|
| 417 |
if ($savemsg) {
|
|
| 416 | 418 |
print_info_box($savemsg, 'success'); |
| 419 |
} |
|
| 417 | 420 |
|
| 418 | 421 |
$tab_array = array(); |
| 419 | 422 |
$tab_array[] = array(gettext("Server"), false, "vpn_openvpn_server.php");
|
| ... | ... | |
| 423 | 426 |
add_package_tabs("OpenVPN", $tab_array);
|
| 424 | 427 |
display_top_tabs($tab_array); |
| 425 | 428 |
|
| 426 |
if($act=="new" || $act=="edit") :
|
|
| 429 |
if ($act=="new" || $act=="edit"):
|
|
| 427 | 430 |
$form = new Form(); |
| 428 | 431 |
|
| 429 | 432 |
$section = new Form_Section('General Information');
|
| ... | ... | |
| 573 | 576 |
|
| 574 | 577 |
if (count($a_ca)) {
|
| 575 | 578 |
$list = array(); |
| 576 |
foreach ($a_ca as $ca) |
|
| 579 |
foreach ($a_ca as $ca) {
|
|
| 577 | 580 |
$list[$ca['refid']] = $ca['descr']; |
| 581 |
} |
|
| 578 | 582 |
|
| 579 | 583 |
$section->addInput(new Form_Select( |
| 580 | 584 |
'caref', |
| ... | ... | |
| 788 | 792 |
<tbody> |
| 789 | 793 |
<?php |
| 790 | 794 |
$i = 0; |
| 791 |
foreach($a_client as $client): |
|
| 795 |
foreach ($a_client as $client):
|
|
| 792 | 796 |
$server = "{$client['server_addr']}:{$client['server_port']}";
|
| 793 | 797 |
?> |
| 794 | 798 |
<tr <?=isset($server['disable']) ? 'class="disabled"':''?>> |
| ... | ... | |
| 827 | 831 |
|
| 828 | 832 |
// Note: |
| 829 | 833 |
// The following *_change() functions were converted from Javascript/DOM to JQuery but otherwise |
| 830 |
// mostly left unchanged. The logic on this form is complex andthis works! |
|
| 834 |
// mostly left unchanged. The logic on this form is complex and this works!
|
|
| 831 | 835 |
?> |
| 832 | 836 |
|
| 833 | 837 |
<script type="text/javascript"> |
| 834 | 838 |
//<![CDATA[ |
| 835 |
events.push(function(){
|
|
| 839 |
events.push(function() {
|
|
| 836 | 840 |
|
| 837 | 841 |
function mode_change() {
|
| 838 |
switch($('#mode').val()) {
|
|
| 842 |
switch ($('#mode').val()) {
|
|
| 839 | 843 |
case "p2p_tls": |
| 840 | 844 |
hideCheckbox('tlsauth_enable', false);
|
| 841 | 845 |
hideInput('caref', false);
|
| src/usr/local/www/vpn_openvpn_csc.php | ||
|---|---|---|
| 310 | 310 |
|
| 311 | 311 |
include("head.inc");
|
| 312 | 312 |
|
| 313 |
if ($input_errors) |
|
| 313 |
if ($input_errors) {
|
|
| 314 | 314 |
print_input_errors($input_errors); |
| 315 |
} |
|
| 315 | 316 |
|
| 316 |
if ($savemsg) |
|
| 317 |
if ($savemsg) {
|
|
| 317 | 318 |
print_info_box($savemsg, 'success'); |
| 319 |
} |
|
| 318 | 320 |
|
| 319 | 321 |
$tab_array = array(); |
| 320 | 322 |
$tab_array[] = array(gettext("Server"), false, "vpn_openvpn_server.php");
|
| ... | ... | |
| 324 | 326 |
add_package_tabs("OpenVPN", $tab_array);
|
| 325 | 327 |
display_top_tabs($tab_array); |
| 326 | 328 |
|
| 327 |
if($act=="new" || $act=="edit"):
|
|
| 329 |
if ($act == "new" || $act == "edit"):
|
|
| 328 | 330 |
$form = new Form(); |
| 329 | 331 |
|
| 330 | 332 |
$section = new Form_Section('General Information');
|
| ... | ... | |
| 610 | 612 |
|
| 611 | 613 |
<script type="text/javascript"> |
| 612 | 614 |
//<![CDATA[ |
| 613 |
events.push(function(){
|
|
| 615 |
events.push(function() {
|
|
| 614 | 616 |
|
| 615 | 617 |
// Hide/show that section, but have to also respect the wins_server_enable checkbox |
| 616 | 618 |
function setNetbios() {
|
| 617 |
if($('#netbios_enable').prop('checked')) {
|
|
| 619 |
if ($('#netbios_enable').prop('checked')) {
|
|
| 618 | 620 |
hideInput('netbios_ntype', false);
|
| 619 | 621 |
hideInput('netbios_scope', false);
|
| 620 | 622 |
hideCheckbox('wins_server_enable', false);
|
| ... | ... | |
| 669 | 671 |
<tbody> |
| 670 | 672 |
<?php |
| 671 | 673 |
$i = 0; |
| 672 |
foreach($a_csc as $csc): |
|
| 674 |
foreach ($a_csc as $csc):
|
|
| 673 | 675 |
$disabled = isset($csc['disable']) ? "Yes":"No"; |
| 674 | 676 |
?> |
| 675 | 677 |
<tr> |
| src/usr/local/www/vpn_openvpn_server.php | ||
|---|---|---|
| 221 | 221 |
$pconfig['dns_server4'] = $a_server[$id]['dns_server4']; |
| 222 | 222 |
|
| 223 | 223 |
if ($pconfig['dns_server1'] || |
| 224 |
$pconfig['dns_server2'] ||
|
|
| 225 |
$pconfig['dns_server3'] ||
|
|
| 226 |
$pconfig['dns_server4']) {
|
|
| 224 |
$pconfig['dns_server2'] ||
|
|
| 225 |
$pconfig['dns_server3'] ||
|
|
| 226 |
$pconfig['dns_server4']) {
|
|
| 227 | 227 |
$pconfig['dns_server_enable'] = true; |
| 228 | 228 |
} |
| 229 | 229 |
|
| ... | ... | |
| 231 | 231 |
$pconfig['ntp_server2'] = $a_server[$id]['ntp_server2']; |
| 232 | 232 |
|
| 233 | 233 |
if ($pconfig['ntp_server1'] || |
| 234 |
$pconfig['ntp_server2']) {
|
|
| 234 |
$pconfig['ntp_server2']) {
|
|
| 235 | 235 |
$pconfig['ntp_server_enable'] = true; |
| 236 | 236 |
} |
| 237 | 237 |
|
| ... | ... | |
| 243 | 243 |
$pconfig['wins_server2'] = $a_server[$id]['wins_server2']; |
| 244 | 244 |
|
| 245 | 245 |
if ($pconfig['wins_server1'] || |
| 246 |
$pconfig['wins_server2']) {
|
|
| 246 |
$pconfig['wins_server2']) {
|
|
| 247 | 247 |
$pconfig['wins_server_enable'] = true; |
| 248 | 248 |
} |
| 249 | 249 |
|
| ... | ... | |
| 345 | 345 |
|
| 346 | 346 |
if (!$tls_mode && !$pconfig['autokey_enable']) {
|
| 347 | 347 |
if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") || |
| 348 |
!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----")) {
|
|
| 348 |
!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----")) {
|
|
| 349 | 349 |
$input_errors[] = gettext("The field 'Shared Key' does not appear to be valid");
|
| 350 | 350 |
} |
| 351 | 351 |
} |
| 352 | 352 |
|
| 353 | 353 |
if ($tls_mode && $pconfig['tlsauth_enable'] && !$pconfig['autotls_enable']) {
|
| 354 | 354 |
if (!strstr($pconfig['tls'], "-----BEGIN OpenVPN Static key V1-----") || |
| 355 |
!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----")) {
|
|
| 355 |
!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----")) {
|
|
| 356 | 356 |
$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid");
|
| 357 | 357 |
} |
| 358 | 358 |
} |
| ... | ... | |
| 438 | 438 |
$input_errors[] = gettext("Using a tunnel network and server bridge settings together is not allowed.");
|
| 439 | 439 |
} |
| 440 | 440 |
if (($pconfig['serverbridge_dhcp_start'] && !$pconfig['serverbridge_dhcp_end']) || |
| 441 |
(!$pconfig['serverbridge_dhcp_start'] && $pconfig['serverbridge_dhcp_end'])) {
|
|
| 441 |
(!$pconfig['serverbridge_dhcp_start'] && $pconfig['serverbridge_dhcp_end'])) {
|
|
| 442 | 442 |
$input_errors[] = gettext("Server Bridge DHCP Start and End must both be empty, or defined.");
|
| 443 | 443 |
} |
| 444 | 444 |
if (($pconfig['serverbridge_dhcp_start'] && !is_ipaddrv4($pconfig['serverbridge_dhcp_start']))) {
|
| ... | ... | |
| 594 | 594 |
|
| 595 | 595 |
include("head.inc");
|
| 596 | 596 |
|
| 597 |
if (!$savemsg) |
|
| 597 |
if (!$savemsg) {
|
|
| 598 | 598 |
$savemsg = ""; |
| 599 |
} |
|
| 599 | 600 |
|
| 600 |
if ($input_errors) |
|
| 601 |
if ($input_errors) {
|
|
| 601 | 602 |
print_input_errors($input_errors); |
| 603 |
} |
|
| 602 | 604 |
|
| 603 |
if ($savemsg) |
|
| 605 |
if ($savemsg) {
|
|
| 604 | 606 |
print_info_box_np($savemsg, 'success'); |
| 607 |
} |
|
| 605 | 608 |
|
| 606 | 609 |
$tab_array = array(); |
| 607 | 610 |
$tab_array[] = array(gettext("Server"), true, "vpn_openvpn_server.php");
|
| ... | ... | |
| 613 | 616 |
|
| 614 | 617 |
$form = new Form(); |
| 615 | 618 |
|
| 616 |
if($act=="new" || $act=="edit") :
|
|
| 619 |
if ($act=="new" || $act=="edit"):
|
|
| 617 | 620 |
|
| 618 | 621 |
|
| 619 | 622 |
$section = new Form_Section('General Information');
|
| ... | ... | |
| 642 | 645 |
$authmodes[0] = key($auth_servers); |
| 643 | 646 |
} |
| 644 | 647 |
|
| 645 |
foreach ($auth_servers as $auth_server_key => $auth_server) |
|
| 648 |
foreach ($auth_servers as $auth_server_key => $auth_server) {
|
|
| 646 | 649 |
$options[$auth_server_key] = $auth_server['name']; |
| 650 |
} |
|
| 647 | 651 |
|
| 648 | 652 |
$section->addInput(new Form_Select( |
| 649 | 653 |
'authmode', |
| ... | ... | |
| 717 | 721 |
if (count($a_ca)) {
|
| 718 | 722 |
|
| 719 | 723 |
$list = array(); |
| 720 |
foreach ($a_ca as $ca) |
|
| 724 |
foreach ($a_ca as $ca) {
|
|
| 721 | 725 |
$list[$ca['refid']] = $ca['descr']; |
| 726 |
} |
|
| 722 | 727 |
|
| 723 | 728 |
$section->addInput(new Form_Select( |
| 724 | 729 |
'caref', |
| ... | ... | |
| 776 | 781 |
'dh_length', |
| 777 | 782 |
'DH Parameter length (bits)', |
| 778 | 783 |
$pconfig['dh_length'], |
| 779 |
array_combine($openvpn_dh_lengths,$openvpn_dh_lengths) |
|
| 784 |
array_combine($openvpn_dh_lengths, $openvpn_dh_lengths)
|
|
| 780 | 785 |
))->setHelp(count($a_cert) ? '':sprintf('No Certificates defined. You may create one here: %s', '<a href="system_camanager.php">System > Cert Manager</a>'));
|
| 781 | 786 |
|
| 782 | 787 |
if (!$pconfig['shared_key']) {
|
| ... | ... | |
| 1202 | 1207 |
<tbody> |
| 1203 | 1208 |
<?php |
| 1204 | 1209 |
$i = 0; |
| 1205 |
foreach($a_server as $server): |
|
| 1210 |
foreach ($a_server as $server):
|
|
| 1206 | 1211 |
?> |
| 1207 | 1212 |
<tr <?=isset($server['disable']) ? 'class="disabled"':''?>> |
| 1208 | 1213 |
<td> |
| ... | ... | |
| 1246 | 1251 |
|
| 1247 | 1252 |
<script type="text/javascript"> |
| 1248 | 1253 |
//<![CDATA[ |
| 1249 |
events.push(function(){
|
|
| 1254 |
events.push(function() {
|
|
| 1250 | 1255 |
|
| 1251 | 1256 |
function mode_change() {
|
| 1252 | 1257 |
value = $('#mode').val();
|
| ... | ... | |
| 1257 | 1262 |
hideInput('crlref', false);
|
| 1258 | 1263 |
hideLabel('Peer Certificate Revocation list', false);
|
| 1259 | 1264 |
|
| 1260 |
switch(value) {
|
|
| 1265 |
switch (value) {
|
|
| 1261 | 1266 |
case "p2p_tls": |
| 1262 | 1267 |
case "server_tls": |
| 1263 | 1268 |
case "server_user": |
| ... | ... | |
| 1297 | 1302 |
break; |
| 1298 | 1303 |
} |
| 1299 | 1304 |
|
| 1300 |
switch(value) {
|
|
| 1305 |
switch (value) {
|
|
| 1301 | 1306 |
case "p2p_shared_key": |
| 1302 | 1307 |
hideClass('advanced', true);
|
| 1303 | 1308 |
hideInput('remote_network', false);
|
| ... | ... | |
| 1360 | 1365 |
// Hide 'autotls_enable' AND 'tls' if mode == p2p_shared_key |
| 1361 | 1366 |
// Otherwise hide 'tls' based on state of 'autotls_enable' |
| 1362 | 1367 |
function autotls_change() {
|
| 1363 |
if(($('#mode').val() == 'p2p_shared_key') || (!$('#tlsauth_enable').prop('checked'))){
|
|
| 1368 |
if (($('#mode').val() == 'p2p_shared_key') || (!$('#tlsauth_enable').prop('checked'))) {
|
|
| 1364 | 1369 |
hideInput('tls', true);
|
| 1365 | 1370 |
hideInput('autotls_enable', true);
|
| 1366 | 1371 |
} else {
|
| ... | ... | |
| 1372 | 1377 |
function autokey_change() {
|
| 1373 | 1378 |
var hide = $('#autokey_enable').prop('checked')
|
| 1374 | 1379 |
|
| 1375 |
if($('#mode').val() != 'p2p_shared_key') {
|
|
| 1380 |
if ($('#mode').val() != 'p2p_shared_key') {
|
|
| 1376 | 1381 |
hideCheckbox('autokey_enable', true);
|
| 1377 | 1382 |
hideInput('shared_key', true);
|
| 1378 | 1383 |
} else {
|
| ... | ... | |
| 1442 | 1447 |
|
| 1443 | 1448 |
mvalue = $('#mode').val();
|
| 1444 | 1449 |
|
| 1445 |
switch(mvalue) {
|
|
| 1450 |
switch (mvalue) {
|
|
| 1446 | 1451 |
case "p2p_shared_key": |
| 1447 | 1452 |
sharedkey = true; |
| 1448 | 1453 |
p2p = true; |
| ... | ... | |
| 1459 | 1464 |
|
| 1460 | 1465 |
value = $('#dev_mode').val();
|
| 1461 | 1466 |
|
| 1462 |
switch(value) {
|
|
| 1467 |
switch (value) {
|
|
| 1463 | 1468 |
case "tun": |
| 1464 | 1469 |
hideCheckbox('no_tun_ipv6', false);
|
| 1465 | 1470 |
hideInput('tunnel_network', false);
|
| ... | ... | |
| 1490 | 1495 |
hideInput('serverbridge_dhcp_end', false);
|
| 1491 | 1496 |
hideInput('topology', true);
|
| 1492 | 1497 |
|
| 1493 |
if( $('#serverbridge_dhcp').prop('checked')) {
|
|
| 1498 |
if ($('#serverbridge_dhcp').prop('checked')) {
|
|
| 1494 | 1499 |
disableInput('serverbridge_interface', false);
|
| 1495 | 1500 |
disableInput('serverbridge_dhcp_start', false);
|
| 1496 | 1501 |
disableInput('serverbridge_dhcp_end', false);
|
| src/usr/local/www/wizard.php | ||
|---|---|---|
| 482 | 482 |
|
| 483 | 483 |
$section = new Form_Section(fixup_string($title)); |
| 484 | 484 |
|
| 485 |
if($description) {
|
|
| 485 |
if ($description) {
|
|
| 486 | 486 |
$section->addInput(new Form_StaticText( |
| 487 | 487 |
null, |
| 488 | 488 |
fixup_string($description) |
| ... | ... | |
| 523 | 523 |
} |
| 524 | 524 |
|
| 525 | 525 |
|
| 526 |
if(DEBUG) {
|
|
| 526 |
if (DEBUG) {
|
|
| 527 | 527 |
print('Step: ' . $pkg['step'][$stepid]['id'] . ', Field: ' . $field['type'] . ', Name: ' . $name . '<br />');
|
| 528 | 528 |
} |
| 529 | 529 |
|
| ... | ... | |
| 585 | 585 |
|
| 586 | 586 |
$etitle = (fixup_string($field['displayname'])) ? $field['displayname'] : $field['name']; |
| 587 | 587 |
|
| 588 |
if (($field['multiple'] != "") && ($field['multiple'] != "0")) |
|
| 588 |
if (($field['multiple'] != "") && ($field['multiple'] != "0")) {
|
|
| 589 | 589 |
$multiple = true; |
| 590 |
else
|
|
| 590 |
} else {
|
|
| 591 | 591 |
$multiple = false; |
| 592 |
} |
|
| 592 | 593 |
|
| 593 | 594 |
if ($field['add_to_interfaces_selection'] != "") {
|
| 594 | 595 |
if ($field['add_to_interfaces_selection'] == $value) {
|
| ... | ... | |
| 612 | 613 |
} |
| 613 | 614 |
} |
| 614 | 615 |
|
| 615 |
if ($value == $ifname) |
|
| 616 |
if ($value == $ifname) {
|
|
| 616 | 617 |
array_push($selected, $value); |
| 618 |
} |
|
| 617 | 619 |
|
| 618 | 620 |
$canecho = 0; |
| 619 | 621 |
if ($field['interface_filter'] != "") {
|
| ... | ... | |
| 673 | 675 |
foreach ($config['ca'] as $ca) {
|
| 674 | 676 |
$caname = htmlspecialchars($ca['descr']); |
| 675 | 677 |
|
| 676 |
if ($value == $caname) |
|
| 678 |
if ($value == $caname) {
|
|
| 677 | 679 |
$selected = $value; |
| 680 |
} |
|
| 678 | 681 |
|
| 679 | 682 |
$canecho = 0; |
| 680 | 683 |
if ($field['certca_filter'] != "") {
|
| ... | ... | |
| 998 | 1001 |
|
| 999 | 1002 |
<script type="text/javascript"> |
| 1000 | 1003 |
//<![CDATA[ |
| 1001 |
events.push(function(){
|
|
| 1004 |
events.push(function() {
|
|
| 1002 | 1005 |
enablechange(); |
| 1003 | 1006 |
disablechange(); |
| 1004 | 1007 |
showchange(); |
Also available in: Unified diff
Code style v w