From: <abe...@us...> - 2012-04-16 21:18:02
Revision: 5516 http://astlinux.svn.sourceforge.net/astlinux/?rev=5516&view=rev Author: abelbeck Date: 2012-04-16 21:17:55 +0000 (Mon, 16 Apr 2012) Log Message: ----------- web interface, add IPsec Mobile XAuth support Modified Paths: -------------- branches/1.0/package/webinterface/altweb/admin/ipsecmobile.php branches/1.0/package/webinterface/altweb/admin/openvpn.php branches/1.0/package/webinterface/altweb/admin/pptp.php branches/1.0/package/webinterface/altweb/admin/system.php branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php branches/1.0/package/webinterface/altweb/common/version.php Added Paths: ----------- branches/1.0/package/webinterface/altweb/admin/ipsecxauth.php Modified: branches/1.0/package/webinterface/altweb/admin/ipsecmobile.php =================================================================== --- branches/1.0/package/webinterface/altweb/admin/ipsecmobile.php 2012-04-16 18:11:21 UTC (rev 5515) +++ branches/1.0/package/webinterface/altweb/admin/ipsecmobile.php 2012-04-16 21:17:55 UTC (rev 5516) @@ -22,13 +22,25 @@ require_once '../common/openssl.php'; +if (is_file($IPSECMCONFFILE)) { + $db = parseRCconf($IPSECMCONFFILE); +} else { + $db = NULL; +} + // Function: ipsecmobile_openssl() // -function ipsecmobile_openssl() { +function ipsecmobile_openssl($keysize, $dnsname) { global $global_prefs; // System location of gui.network.conf file $NETCONFFILE = '/mnt/kd/rc.conf.d/gui.network.conf'; + if ($keysize === '') { + $keysize = '1024'; + } + $opts['keysize'] = (int)$keysize; + $opts['dnsname'] = $dnsname; + if (($countryName = getPREFdef($global_prefs, 'dn_country_name_cmdstr')) === '') { $countryName = 'US'; } 
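Review bot: `ipsecmobile_openssl()` casts `$keysize` with `(int)` but never checks it against the sizes the UI offers, so a hand-edited conf value or a crafted `key_size` POST field (the function is later called with `$_POST['key_size']`) ends up in `private_key_bits` in openssl-ipsecmobile.php as 0 or any other integer. Restrict it before the cast, for example `if ($keysize !== '1024' && $keysize !== '2048') { $keysize = '1024'; }`, which also covers the empty-string case. A 1024-bit fallback is small for a newly created CA key; consider making 2048 the default for new certificates. The function body continues outside this hunk.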
@@ -48,8 +60,8 @@ } if (($commonName = getPREFdef($global_prefs, 'dn_common_name_cmdstr')) === '') { if (is_file($NETCONFFILE)) { - $db = parseRCconf($NETCONFFILE); - if (($commonName = getVARdef($db, 'HOSTNAME').'.'.getVARdef($db, 'DOMAIN')) === '') { + $vars = parseRCconf($NETCONFFILE); + if (($commonName = getVARdef($vars, 'HOSTNAME').'.'.getVARdef($vars, 'DOMAIN')) === '') { $commonName = 'pbx.astlinux'; } } else { @@ -59,10 +71,12 @@ if (($email = getPREFdef($global_prefs, 'dn_email_address_cmdstr')) === '') { $email = 'in...@as...'; } - $ssl = ipsecmobileSETUP($countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email); + $ssl = ipsecmobileSETUP($opts, $countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email); return($ssl); } -$openssl = ipsecmobile_openssl(); +$key_size = getVARdef($db, 'IPSECM_CERT_KEYSIZE'); +$dns_name = getVARdef($db, 'IPSECM_CERT_DNSNAME'); +$openssl = ipsecmobile_openssl($key_size, $dns_name); $nat_t_menu = array ( 'off' => 'Disable', @@ -78,6 +92,11 @@ 'debug' => 'Debug' ); +$auth_method_menu = array ( + 'rsasig' => 'Certificate', + 'xauth_rsa_server' => 'XAuth RSA' +); + $p1_cypher_menu = array ( 'aes 128' => 'AES 128', 'aes 192' => 'AES 192', @@ -112,6 +131,11 @@ 'modp1536' => '1536 (5)' ); +$key_size_menu = array ( + '1024' => '1024 Bits', + '2048' => '2048 Bits' +); + // Function: saveIPSECMsettings // function saveIPSECMsettings($conf_dir, $conf_file) { @@ -142,6 +166,9 @@ } fwrite($fp, '"'."\n"); + $value = 'IPSECM_AUTH_METHOD="'.$_POST['auth_method'].'"'; + fwrite($fp, "### Auth Method\n".$value."\n"); + $value = 'IPSECM_P1_CYPHER="'.$_POST['p1_cypher'].'"'; fwrite($fp, "### Phase 1 Encryption\n".$value."\n"); 
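Review bot: In the `@@ -142,6 +166,9 @@` hunk, `saveIPSECMsettings()` writes `$_POST['auth_method']` between double quotes into the conf file with no validation, so a value containing `"`, a newline, `$` or a backtick changes the structure of the file. The same applies to `$_POST['key_size']` and `$_POST['dns_name']` in the `@@ -180,6 +207,12 @@` hunk, where only spaces are removed. If the rc.conf.d files are sourced by shell scripts (not visible on this page), that becomes command execution from a form field. Accept only the menu keys, e.g. `$auth = in_array($_POST['auth_method'], array('rsasig', 'xauth_rsa_server'), true) ? $_POST['auth_method'] : 'rsasig';`, and check `dns_name` against a hostname pattern before writing it. The function starts and ends outside both hunks.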
@@ -180,6 +207,12 @@ $value = 'IPSECM_P2_LIFETIME="'.trim($_POST['p2_lifetime']).'"'; fwrite($fp, "### Phase 2 Lifetime\n".$value."\n"); + $value = 'IPSECM_CERT_KEYSIZE="'.$_POST['key_size'].'"'; + fwrite($fp, "### Private Key Size\n".$value."\n"); + + $value = 'IPSECM_CERT_DNSNAME="'.str_replace(' ', '', $_POST['dns_name']).'"'; + fwrite($fp, "### Server Cert DNS Name\n".$value."\n"); + if (opensslIPSECMOBILEis_valid($openssl)) { $value = 'IPSECM_RSA_PATH="'.$openssl['key_dir'].'"'; fwrite($fp, "### Certificate Directory\n".$value."\n"); @@ -223,13 +256,25 @@ } else { $result = 2; } + } elseif (isset($_POST['submit_xauth'])) { + $result = saveIPSECMsettings($IPSECMCONFDIR, $IPSECMCONFFILE); + header('Location: /admin/ipsecxauth.php'); + exit; } elseif (isset($_POST['submit_new_server'])) { $result = 99; if (isset($_POST['confirm_new_server'])) { opensslDELETEkeys($openssl); - if (opensslCREATEselfCert($openssl)) { - if (opensslCREATEserverCert($openssl)) { - $result = 30; + if (is_file($openssl['config'])) { + @unlink($openssl['config']); + } + // Rebuild openssl.cnf template for new CA + $key_size = $_POST['key_size']; + $dns_name = str_replace(' ', '', $_POST['dns_name']); + if (($openssl = ipsecmobile_openssl($key_size, $dns_name)) !== FALSE) { + if (opensslCREATEselfCert($openssl)) { + if (opensslCREATEserverCert($openssl)) { + $result = 30; + } } } saveIPSECMsettings($IPSECMCONFDIR, $IPSECMCONFFILE); @@ -312,12 +357,6 @@ $ACCESS_RIGHTS = 'admin'; require_once '../common/header.php'; - if (is_file($IPSECMCONFFILE)) { - $db = parseRCconf($IPSECMCONFFILE); - } else { - $db = NULL; - } - putHtml("<center>"); if (isset($_GET['result'])) { $result = $_GET['result']; 
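Review bot: In the `submit_new_server` branch of the `@@ -223,13 +256,25 @@` hunk, `$openssl` is reassigned inside the condition, so when `ipsecmobile_openssl()` returns FALSE the following `saveIPSECMsettings()` call runs with `$openssl` set to FALSE (that function calls `opensslIPSECMOBILEis_valid($openssl)`, presumably on the global). Assign to a temporary and promote it only on success: `$new_ssl = ipsecmobile_openssl($key_size, $dns_name);` then `if ($new_ssl !== FALSE) { $openssl = $new_ssl;`. The posted `key_size` and `dns_name` should also be validated before `opensslDELETEkeys()` runs, since a rejected value otherwise leaves the server with no keys. The openvpn.php hunk repeats the same reassignment pattern with `openvpn_openssl()`.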
@@ -353,9 +392,24 @@ } putHtml("</center>"); ?> + <script language="JavaScript" type="text/javascript"> + //<![CDATA[ + function auth_method_change() { + var form = document.getElementById("iform"); + switch (form.auth_method.selectedIndex) { + case 0: // Certificate + form.submit_xauth.style.visibility = "hidden"; + break; + case 1: // XAuth RSA + form.submit_xauth.style.visibility = "visible"; + break; + } + } + //]]> + </script> <center> <table class="layout"><tr><td><center> - <form method="post" action="<?php echo $myself;?>"> + <form id="iform" method="post" action="<?php echo $myself;?>"> <table width="100%" class="stdtable"> <tr><td style="text-align: center;" colspan="2"> <h2>IPsec Mobile Server Configuration:</h2> @@ -418,6 +472,22 @@ putHtml('</td></tr>'); putHtml('<tr class="dtrow1"><td style="text-align: right;">'); + putHtml('Auth Method:'); + putHtml('</td><td style="text-align: left;" colspan="2">'); + if (($auth_method = getVARdef($db, 'IPSECM_AUTH_METHOD')) === '') { + $auth_method = 'rsasig'; + } + putHtml('<select name="auth_method" onchange="auth_method_change()">'); + foreach ($auth_method_menu as $key => $value) { + $sel = ($auth_method === $key) ? ' selected="selected"' : ''; + putHtml('<option value="'.$key.'"'.$sel.'>'.$value.'</option>'); + } + putHtml('</select>'); + putHtml('</td><td style="text-align: left;" colspan="3">'); + putHtml('<input type="submit" value="XAuth Configuration" name="submit_xauth" class="button" />'); + putHtml('</td></tr>'); + + putHtml('<tr class="dtrow1"><td style="text-align: right;">'); putHtml('Encryption:'); putHtml('</td><td style="text-align: left;" colspan="5">'); if (($p1_cypher = getVARdef($db, 'IPSECM_P1_CYPHER')) === '') { 
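Review bot: The form tag edited in the `@@ -353,9 +392,24 @@` hunk still prints `$myself` unescaped in `action="<?php echo $myself;?>"`. `$myself` is assigned outside this hunk; if it is `$_SERVER['PHP_SELF']`, as in the new ipsecxauth.php, any extra path info in the request URL is reflected into the attribute. Emit it as `<?php echo htmlspecialchars($myself, ENT_QUOTES);?>` here and in the matching form tag of ipsecxauth.php.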
@@ -519,6 +589,25 @@ putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="6">'); putHtml('<strong>Server Certificate and Key:</strong>'); putHtml('</td></tr>'); + + putHtml('<tr class="dtrow1"><td style="text-align: right;" colspan="2">'); + putHtml('Private Key Size:</td><td style="text-align: left;" colspan="4">'); + if (($key_size = getVARdef($db, 'IPSECM_CERT_KEYSIZE')) === '') { + $key_size = '1024'; + } + putHtml('<select name="key_size">'); + foreach ($key_size_menu as $key => $value) { + $sel = ($key_size === (string)$key) ? ' selected="selected"' : ''; + putHtml('<option value="'.$key.'"'.$sel.'>'.$value.'</option>'); + } + putHtml('</select>'); + putHtml('</td></tr>'); + putHtml('<tr class="dtrow1"><td style="text-align: right;" colspan="2">'); + putHtml('Server Cert DNS Name:</td><td style="text-align: left;" colspan="4">'); + $value = getVARdef($db, 'IPSECM_CERT_DNSNAME'); + putHtml('<input type="text" size="24" maxlength="128" value="'.$value.'" name="dns_name" />'); + putHtml('</td></tr>'); + putHtml('<tr class="dtrow1"><td style="text-align: right;" colspan="3">'); putHtml('Create New Certificate and Key:</td><td class="dialogText" style="text-align: left;" colspan="3">'); putHtml('<input type="submit" value="Create New" name="submit_new_server" />'); @@ -612,6 +701,11 @@ putHtml('</form>'); putHtml('</center></td></tr></table>'); putHtml('</center>'); + putHtml('<script language="JavaScript" type="text/javascript">'); + putHtml('//<![CDATA['); + putHtml('auth_method_change();'); + putHtml('//]]>'); + putHtml('</script>'); } // End of HTTP GET require_once '../common/footer.php'; Added: branches/1.0/package/webinterface/altweb/admin/ipsecxauth.php =================================================================== --- branches/1.0/package/webinterface/altweb/admin/ipsecxauth.php (rev 0) +++ branches/1.0/package/webinterface/altweb/admin/ipsecxauth.php 2012-04-16 21:17:55 UTC (rev 5516) 
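Review bot: The new `dns_name` input in the `@@ -519,6 +589,25 @@` hunk prints the stored `IPSECM_CERT_DNSNAME` value straight into `value="..."`. The save path removes only spaces, so depending on how `parseRCconf()` treats quotes, a stored `"` or `<` would break out of the attribute when the page is rendered. Escape on output: `$value = htmlspecialchars(getVARdef($db, 'IPSECM_CERT_DNSNAME'), ENT_QUOTES);`.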
@@ -0,0 +1,354 @@ +<?php + +// Copyright (C) 2012 Lonnie Abelbeck +// This is free software, licensed under the GNU General Public License +// version 3 as published by the Free Software Foundation; you can +// redistribute it and/or modify it under the terms of the GNU +// General Public License; and comes with ABSOLUTELY NO WARRANTY. + +// ipsecxauth.php for AstLinux +// 16-04-2012 +// +// System location of /mnt/kd/rc.conf.d directory +$IPSECXAUTHCONFDIR = '/mnt/kd/rc.conf.d'; +// System location of gui.ipsecxauth.conf file +$IPSECXAUTHCONFFILE = '/mnt/kd/rc.conf.d/gui.ipsecxauth.conf'; + +$connections_menu = array ( + '2' => '2 Users', + '4' => '4 Users', + '8' => '8 Users', + '16' => '16 Users', + '32' => '32 Users', + '64' => '64 Users' +); + +$myself = $_SERVER['PHP_SELF']; + +require_once '../common/functions.php'; + +// Function: ipsecGETclients +// +function ipsecGETclients($vars) { + $id = 0; + + if (($line = getVARdef($vars, 'IPSECM_XAUTH_USER_PASS')) !== '') { + $linetokens = explode("\n", $line); + foreach ($linetokens as $data) { + if ($data !== '') { + $datatokens = explode(' ', $data); + $db['data'][$id]['user'] = $datatokens[0]; + $db['data'][$id]['pass'] = $datatokens[1]; + $id++; + } + } + } + // Sort by Username + if ($id > 1) { + foreach ($db['data'] as $key => $row) { + $user[$key] = $row['user']; + } + array_multisort($user, SORT_ASC, SORT_STRING, $db['data']); + } + return($db); +} + +// Function: saveIPSECsettings +// +function saveIPSECsettings($conf_dir, $conf_file, $db, $delete = NULL) { + $result = 11; + + if (! is_dir($conf_dir)) { + return(3); + } + if (($fp = @fopen($conf_file,"wb")) === FALSE) { + return(3); + } + fwrite($fp, "### gui.ipsecxauth.conf - start ###\n###\n"); + + $value = 'IPSECM_XAUTH_USER_PASS="'; + fwrite($fp, "### Authentication\n".$value."\n"); + if (count($db['data']) > 0) { + foreach ($db['data'] as $data) { + if ($data['user'] !== '' && $data['pass'] !== '') { + $skip = FALSE; + if (! 
is_null($delete)) { + foreach ($delete as $deluser) { + if ($deluser === $data['user']) { + $skip = TRUE; + break; + } + } + } + if (! $skip) { + fwrite($fp, $data['user'].' '.$data['pass']."\n"); + } + } + } + } + fwrite($fp, '"'."\n"); + + $value = 'IPSECM_XAUTH_POOLSIZE="'.$_POST['pool_size'].'"'; + fwrite($fp, "### Pool Size\n".$value."\n"); + + $value = 'IPSECM_XAUTH_POOLBASE="'.trim($_POST['pool_base']).'"'; + fwrite($fp, "### Pool Base\n".$value."\n"); + + $value = 'IPSECM_XAUTH_POOLMASK="'.trim($_POST['pool_mask']).'"'; + fwrite($fp, "### Pool Mask\n".$value."\n"); + + $value = 'IPSECM_XAUTH_DNS="'.trim($_POST['dns']).'"'; + fwrite($fp, "### MS DNS\n".$value."\n"); + + $value = 'IPSECM_XAUTH_WINS="'.trim($_POST['wins']).'"'; + fwrite($fp, "### MS WINS\n".$value."\n"); + + $value = 'IPSECM_XAUTH_NETWORK="'.trim($_POST['network']).'"'; + fwrite($fp, "### Network\n".$value."\n"); + + $value = 'IPSECM_XAUTH_DOMAIN="'.trim($_POST['domain']).'"'; + fwrite($fp, "### Default Domain\n".$value."\n"); + + $value = 'IPSECM_XAUTH_BANNER="'.trim($_POST['banner']).'"'; + fwrite($fp, "### Login Message\n".$value."\n"); + + $value = 'IPSECM_XAUTH_SAVE_PASSWD="'.$_POST['save_passwd'].'"'; + fwrite($fp, "### Save Password\n".$value."\n"); + + fwrite($fp, "### gui.ipsecxauth.conf - end ###\n"); + fclose($fp); + + return($result); +} + +// Function: addUserPass +// +function addUserPass(&$db, $id) { + + $user = str_replace(' ', '', $_POST['user']); + $pass = str_replace(' ', '', stripslashes($_POST['pass'])); + + if ($user === '') { + return(FALSE); + } + if ($pass === '') { + return(1); + } + + $db['data'][$id]['user'] = $user; + $db['data'][$id]['pass'] = $pass; + + return(TRUE); +} + +if (is_file($IPSECXAUTHCONFFILE)) { + $vars = parseRCconf($IPSECXAUTHCONFFILE); +} else { + $vars = NULL; +} +$db = ipsecGETclients($vars); + +if ($_SERVER['REQUEST_METHOD'] === 'POST') { + $result = 1; + if (! 
$global_admin) { + $result = 999; + } elseif (isset($_POST['submit_save']) || isset($_POST['submit_ipsec_config'])) { + $n = count($db['data']); + $id = $n; + for ($i = 0; $i < $n; $i++) { + if ($db['data'][$i]['user'] === str_replace(' ', '', $_POST['user'])) { + $id = $i; + break; + } + } + $ok = addUserPass($db, $id); + $result = saveIPSECsettings($IPSECXAUTHCONFDIR, $IPSECXAUTHCONFFILE, $db); + if ($result == 11 && $ok === 1) { + $result = 12; + } + if (isset($_POST['submit_ipsec_config'])) { + header('Location: /admin/ipsecmobile.php'); + exit; + } + } elseif (isset($_POST['submit_delete'])) { + $delete = $_POST['delete']; + if (count($delete) > 0) { + $result = saveIPSECsettings($IPSECXAUTHCONFDIR, $IPSECXAUTHCONFFILE, $db, $delete); + } + } + header('Location: '.$myself.'?result='.$result); + exit; +} else { // Start of HTTP GET +$ACCESS_RIGHTS = 'admin'; +require_once '../common/header.php'; + + putHtml('<center>'); + if (isset($_GET['result'])) { + $result = $_GET['result']; + if ($result == 2) { + putHtml('<p style="color: red;">No Action, check "Confirm" for this action.</p>'); + } elseif ($result == 3) { + putHtml('<p style="color: red;">Error creating file.</p>'); + } elseif ($result == 11) { + putHtml('<p style="color: green;">Settings saved, click "IPsec Configuration" to return to previous screen.</p>'); + } elseif ($result == 12) { + putHtml('<p style="color: red;">Missing Password, User not added.</p>'); + } elseif ($result == 99) { + putHtml('<p style="color: red;">Action Failed.</p>'); + } elseif ($result == 999) { + putHtml('<p style="color: red;">Permission denied for user "'.$global_user.'".</p>'); + } else { + putHtml('<p style="color: orange;">No Action.</p>'); + } + } else { + putHtml('<p> </p>'); + } + putHtml('</center>'); +?> + <center> + <table class="layout"><tr><td><center> + <form method="post" action="<?php echo $myself;?>"> + <table width="100%" class="stdtable"> + <tr><td style="text-align: center;" colspan="3"> + <h2>IPsec XAuth 
Configuration:</h2> + </td></tr><tr><td style="text-align: center;"> + <input type="submit" class="formbtn" value="Save Settings" name="submit_save" /> + </td><td style="text-align: center;"> + <input type="submit" value="IPsec Configuration" name="submit_ipsec_config" class="button" /> + </td><td style="text-align: center;"> + <input type="submit" class="formbtn" value="Delete Checked" name="submit_delete" /> + </td></tr></table> +<?php + + if (isset($_GET['id'])) { + $id = $_GET['id']; + $n = count($db['data']); + for ($i = 0; $i < $n; $i++) { + if ($id === $db['data'][$i]['user']) { + $ldb = $db['data'][$i]; + break; + } + } + } + if (is_null($ldb)) { + $ldb['user'] = ''; + $ldb['pass'] = ''; + } + + putHtml('<table width="100%" class="stdtable">'); + putHtml('<tr class="dtrow0"><td width="180"> </td><td> </td></tr>'); + putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="2">'); + putHtml('<strong>XAuth Client Options:</strong>'); + putHtml('</td></tr>'); + + putHtml('<tr class="dtrow1"><td style="text-align: right;">'); + putHtml('Max. Connections:'); + putHtml('</td><td style="text-align: left;">'); + if (($pool_size = getVARdef($vars, 'IPSECM_XAUTH_POOLSIZE')) === '') { + $pool_size = '8'; + } + putHtml('<select name="pool_size">'); + foreach ($connections_menu as $key => $value) { + $sel = ($pool_size === (string)$key) ? 
' selected="selected"' : ''; + putHtml('<option value="'.$key.'"'.$sel.'>'.$value.'</option>'); + } + putHtml('</select>'); + putHtml('</td></tr>'); + putHtml('<tr class="dtrow1"><td style="text-align: right;">'); + putHtml('Remote IPv4 Base:'); + putHtml('</td><td style="text-align: left;">'); + if (($value = getVARdef($vars, 'IPSECM_XAUTH_POOLBASE')) === '') { + $value = '10.9.1.1'; + } + putHtml('<input type="text" size="36" maxlength="64" name="pool_base" value="'.$value.'" />'); + putHtml('</td></tr>'); + putHtml('<tr class="dtrow1"><td style="text-align: right;">'); + putHtml('Remote IPv4 Mask:'); + putHtml('</td><td style="text-align: left;">'); + if (($value = getVARdef($vars, 'IPSECM_XAUTH_POOLMASK')) === '') { + $value = '255.255.255.0'; + } + putHtml('<input type="text" size="36" maxlength="64" name="pool_mask" value="'.$value.'" />'); + putHtml('</td></tr>'); + putHtml('<tr class="dtrow1"><td style="text-align: right;">'); + putHtml('DNS Default Domain:'); + putHtml('</td><td style="text-align: left;">'); + $value = getVARdef($vars, 'IPSECM_XAUTH_DOMAIN'); + putHtml('<input type="text" size="36" maxlength="128" name="domain" value="'.$value.'" />'); + putHtml('</td></tr>'); + putHtml('<tr class="dtrow1"><td style="text-align: right;">'); + putHtml('DNS:'); + putHtml('</td><td style="text-align: left;">'); + $value = getVARdef($vars, 'IPSECM_XAUTH_DNS'); + putHtml('<input type="text" size="56" maxlength="128" name="dns" value="'.$value.'" />'); + putHtml('</td></tr>'); + putHtml('<tr class="dtrow1"><td style="text-align: right;">'); + putHtml('WINS:'); + putHtml('</td><td style="text-align: left;">'); + $value = getVARdef($vars, 'IPSECM_XAUTH_WINS'); + putHtml('<input type="text" size="56" maxlength="128" name="wins" value="'.$value.'" />'); + putHtml('</td></tr>'); + putHtml('<tr class="dtrow1"><td style="text-align: right;">'); + putHtml('Push Network(s):'); + putHtml('</td><td style="text-align: left;">'); + $value = getVARdef($vars, 
'IPSECM_XAUTH_NETWORK'); + putHtml('<input type="text" size="56" maxlength="128" name="network" value="'.$value.'" />'); + putHtml('</td></tr>'); + putHtml('<tr class="dtrow1"><td style="text-align: right;">'); + putHtml('Connect Message:'); + putHtml('</td><td style="text-align: left;">'); + $value = getVARdef($vars, 'IPSECM_XAUTH_BANNER'); + putHtml('<input type="text" size="56" maxlength="200" name="banner" value="'.$value.'" />'); + putHtml('</td></tr>'); + + putHtml('<tr class="dtrow1"><td style="text-align: right;">'); + putHtml('Save Remote Password:'); + putHtml('</td><td style="text-align: left;">'); + putHtml('<select name="save_passwd">'); + $value = getVARdef($vars, 'IPSECM_XAUTH_SAVE_PASSWD'); + $sel = ($value === 'no') ? ' selected="selected"' : ''; + putHtml('<option value="no"'.$sel.'>No</option>'); + $sel = ($value === 'yes') ? ' selected="selected"' : ''; + putHtml('<option value="yes"'.$sel.'>Yes</option>'); + putHtml('</select>'); + putHtml('</td></tr>'); + + putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="2">'); + putHtml('<strong>Client Credentials:</strong>'); + putHtml('</td></tr>'); + putHtml('<tr><td style="text-align: right;">'); + putHtml('Username:'); + putHtml('</td><td style="text-align: left;">'); + putHtml('<input type="text" size="36" maxlength="64" name="user" value="'.$ldb['user'].'" />'); + putHtml('</td></tr>'); + putHtml('<tr><td style="text-align: right;">'); + putHtml('Password:'); + putHtml('</td><td style="text-align: left;">'); + putHtml('<input type="password" size="36" maxlength="128" name="pass" value="'.$ldb['pass'].'" />'); + putHtml('</td></tr>'); + putHtml('</table>'); + + putHtml('<table width="66%" class="datatable">'); + putHtml("<tr>"); + + if (($n = count($db['data'])) > 0) { + echo '<td class="dialogText" style="text-align: left; font-weight: bold;">', "Users", "</td>"; + echo '<td class="dialogText" style="text-align: center; font-weight: bold;">', "Delete", "</td>"; + 
for ($i = 0; $i < $n; $i++) { + putHtml("</tr>"); + echo '<tr ', ($i % 2 == 0) ? 'class="dtrow0"' : 'class="dtrow1"', '>'; + echo '<td><a href="'.$myself.'?id='.$db['data'][$i]['user'].'" class="actionText">'.$db['data'][$i]['user'].'</a>', '</td>'; + echo '<td style="text-align: center;">', '<input type="checkbox" name="delete[]" value="', $db['data'][$i]['user'], '" />', '</td>'; + } + } else { + echo '<td style="color: orange; text-align: center;">No Client Credentials.', '</td>'; + } + putHtml("</tr>"); + putHtml("</table>"); + putHtml("</form>"); + putHtml("</center></td></tr></table>"); + putHtml("</center>"); +} // End of HTTP GET +require_once '../common/footer.php'; + +?> Property changes on: branches/1.0/package/webinterface/altweb/admin/ipsecxauth.php ___________________________________________________________________ Added: svn:executable + * Modified: branches/1.0/package/webinterface/altweb/admin/openvpn.php =================================================================== --- branches/1.0/package/webinterface/altweb/admin/openvpn.php 2012-04-16 18:11:21 UTC (rev 5515) +++ branches/1.0/package/webinterface/altweb/admin/openvpn.php 2012-04-16 21:17:55 UTC (rev 5516) 
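Review bot: ipsecxauth.php prints stored usernames and passwords into HTML without escaping: the `user` and `pass` input values, the `?id=` link and the `delete[]` checkbox all concatenate the raw string. `addUserPass()` removes only spaces, so a name containing a quote or `<` is stored and later rendered as markup in every admin's browser. Escape with `htmlspecialchars(..., ENT_QUOTES)` for HTML and `rawurlencode()` for the query string, as sketched below. The cleartext password is also sent back in the page source through the prefilled `pass` field, so consider whether that prefill is needed at all. `addUserPass()` should additionally reject `"` and line breaks, because the values are written into a quoted, line-based conf entry.

```php
  // … unchanged: XAuth Client Options rows and the Username label cells …
  $user_html = htmlspecialchars($ldb['user'], ENT_QUOTES);
  putHtml('<input type="text" size="36" maxlength="64" name="user" value="'.$user_html.'" />');
  // … unchanged: Password label cells …
  $pass_html = htmlspecialchars($ldb['pass'], ENT_QUOTES);
  putHtml('<input type="password" size="36" maxlength="128" name="pass" value="'.$pass_html.'" />');
  // … unchanged: table header cells …
    for ($i = 0; $i < $n; $i++) {
      $name = $db['data'][$i]['user'];
      $name_html = htmlspecialchars($name, ENT_QUOTES);
      putHtml("</tr>");
      echo '<tr ', ($i % 2 == 0) ? 'class="dtrow0"' : 'class="dtrow1"', '>';
      echo '<td><a href="'.$myself.'?id='.rawurlencode($name).'" class="actionText">'.$name_html.'</a>', '</td>';
      echo '<td style="text-align: center;">', '<input type="checkbox" name="delete[]" value="', $name_html, '" />', '</td>';
    }
```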
@@ -226,10 +226,16 @@ $result = 99; if (isset($_POST['confirm_new_server'])) { opensslDELETEkeys($openssl); - if (opensslCREATEselfCert($openssl)) { - if (opensslCREATEserverCert($openssl)) { - if (opensslCREATEdh_pem($openssl)) { - $result = 30; + if (is_file($openssl['config'])) { + @unlink($openssl['config']); + } + // Rebuild openssl.cnf template for new CA + if (($openssl = openvpn_openssl()) !== FALSE) { + if (opensslCREATEselfCert($openssl)) { + if (opensslCREATEserverCert($openssl)) { + if (opensslCREATEdh_pem($openssl)) { + $result = 30; + } } } } Modified: branches/1.0/package/webinterface/altweb/admin/pptp.php =================================================================== --- branches/1.0/package/webinterface/altweb/admin/pptp.php 2012-04-16 18:11:21 UTC (rev 5515) +++ branches/1.0/package/webinterface/altweb/admin/pptp.php 2012-04-16 21:17:55 UTC (rev 5516) @@ -107,20 +107,22 @@ $value = 'PPTP_USER_PASS="'; fwrite($fp, "### Authentication\n".$value."\n"); - foreach ($db['data'] as $data) { - if ($data['user'] !== '' && $data['pass'] !== '') { - $skip = FALSE; - if (! is_null($delete)) { - foreach ($delete as $deluser) { - if ($deluser === $data['user']) { - $skip = TRUE; - break; + if (count($db['data']) > 0) { + foreach ($db['data'] as $data) { + if ($data['user'] !== '' && $data['pass'] !== '') { + $skip = FALSE; + if (! is_null($delete)) { + foreach ($delete as $deluser) { + if ($deluser === $data['user']) { + $skip = TRUE; + break; + } } } + if (! $skip) { + fwrite($fp, $data['user'].' '.$data['pass']."\n"); + } } - if (! $skip) { - fwrite($fp, $data['user'].' '.$data['pass']."\n"); - } } } fwrite($fp, '"'."\n"); Modified: branches/1.0/package/webinterface/altweb/admin/system.php =================================================================== --- branches/1.0/package/webinterface/altweb/admin/system.php 2012-04-16 18:11:21 UTC (rev 5515) +++ branches/1.0/package/webinterface/altweb/admin/system.php 2012-04-16 21:17:55 UTC (rev 5516) 
@@ -767,6 +767,7 @@ $var === 'GUI_FIREWALL_RULES' || $var === 'STATICHOSTS' || $var === 'PPTP_USER_PASS' || + $var === 'IPSECM_XAUTH_USER_PASS' || $var === 'IPSEC_PSK_ASSOCIATIONS') { $value = '********'; } elseif (strlen($value) > 56) { Modified: branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php =================================================================== --- branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php 2012-04-16 18:11:21 UTC (rev 5515) +++ branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php 2012-04-16 21:17:55 UTC (rev 5516) @@ -12,7 +12,7 @@ // Function: ipsecmobileSETUP() // -function ipsecmobileSETUP($countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email) { +function ipsecmobileSETUP($opts, $countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email) { // System location of OpenSSL default configuration file $OPENSSL_CNF = '/usr/lib/ssl/openssl.cnf'; @@ -30,6 +30,7 @@ '', '[ ipsecmobile_server ]', 'basicConstraints=CA:FALSE', + ($opts['dnsname'] !== '' ? 'subjectAltName=DNS:'.$opts['dnsname'] : '#subjectAltName=DNS:vpn.astlinux.org'), 'nsCertType=server', 'nsComment="IPsec Mobile Server Certificate"', 'subjectKeyIdentifier=hash', 
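Review bot: In the `@@ -30,6 +30,7 @@` hunk of openssl-ipsecmobile.php, `$opts['dnsname']` is concatenated into the generated OpenSSL configuration as `subjectAltName=DNS:...` with no format check. The callers only remove spaces, so a comma in the value adds further SAN entries, and a CR/LF would add arbitrary lines to the `ipsecmobile_server` section if the array is written out line by line (the write is outside the hunk). Reject anything that is not a plain hostname before building the array, e.g. `if (!preg_match('/^[A-Za-z0-9.-]+$/', $opts['dnsname'])) { $opts['dnsname'] = ''; }`. The function body extends beyond the hunk.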
@@ -41,27 +42,27 @@ $ssl['configArgs'] = array( 'config' => $ssl['config'], 'digest_alg' => 'sha1', - 'private_key_bits' => 1024, + 'private_key_bits' => $opts['keysize'], 'encrypt_key' => FALSE ); $ssl['sign_ca'] = array( 'config' => $ssl['config'], 'digest_alg' => 'sha1', - 'private_key_bits' => 1024, + 'private_key_bits' => $opts['keysize'], 'x509_extensions' => 'v3_ca', 'encrypt_key' => FALSE ); $ssl['sign_server'] = array( 'config' => $ssl['config'], 'digest_alg' => 'sha1', - 'private_key_bits' => 1024, + 'private_key_bits' => $opts['keysize'], 'x509_extensions' => 'ipsecmobile_server', 'encrypt_key' => FALSE ); $ssl['sign_client'] = array( 'config' => $ssl['config'], 'digest_alg' => 'sha1', - 'private_key_bits' => 1024, + 'private_key_bits' => $opts['keysize'], 'x509_extensions' => 'usr_cert', 'encrypt_key' => FALSE ); Modified: branches/1.0/package/webinterface/altweb/common/version.php =================================================================== --- branches/1.0/package/webinterface/altweb/common/version.php 2012-04-16 18:11:21 UTC (rev 5515) +++ branches/1.0/package/webinterface/altweb/common/version.php 2012-04-16 21:17:55 UTC (rev 5516) @@ -1,6 +1,6 @@ <?php // version.php for AstLinux Alternate Web Interface -$GUI_VERSION = '1.8.08'; +$GUI_VERSION = '1.8.09'; ?> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |