Menu
▾
▴
[Astlinux-commits] SF.net SVN: astlinux:[5516] branches/1.0/package/webinterface/altweb
|
From: <abe...@us...> - 2012-04-16 21:18:02
|
Revision: 5516
http://astlinux.svn.sourceforge.net/astlinux/?rev=5516&view=rev
Author: abelbeck
Date: 2012-04-16 21:17:55 +0000 (Mon, 16 Apr 2012)
Log Message:
-----------
web interface, add IPsec Mobile XAuth support
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/ipsecmobile.php
branches/1.0/package/webinterface/altweb/admin/openvpn.php
branches/1.0/package/webinterface/altweb/admin/pptp.php
branches/1.0/package/webinterface/altweb/admin/system.php
branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php
branches/1.0/package/webinterface/altweb/common/version.php
Added Paths:
-----------
branches/1.0/package/webinterface/altweb/admin/ipsecxauth.php
Modified: branches/1.0/package/webinterface/altweb/admin/ipsecmobile.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/ipsecmobile.php 2012-04-16 18:11:21 UTC (rev 5515)
+++ branches/1.0/package/webinterface/altweb/admin/ipsecmobile.php 2012-04-16 21:17:55 UTC (rev 5516)
@@ -22,13 +22,25 @@
require_once '../common/openssl.php';
+if (is_file($IPSECMCONFFILE)) {
+ $db = parseRCconf($IPSECMCONFFILE);
+} else {
+ $db = NULL;
+}
+
// Function: ipsecmobile_openssl()
//
-function ipsecmobile_openssl() {
+function ipsecmobile_openssl($keysize, $dnsname) {
global $global_prefs;
// System location of gui.network.conf file
$NETCONFFILE = '/mnt/kd/rc.conf.d/gui.network.conf';
+ if ($keysize === '') {
+ $keysize = '1024';
+ }
+ $opts['keysize'] = (int)$keysize;
+ $opts['dnsname'] = $dnsname;
+
if (($countryName = getPREFdef($global_prefs, 'dn_country_name_cmdstr')) === '') {
$countryName = 'US';
}
@@ -48,8 +60,8 @@
}
if (($commonName = getPREFdef($global_prefs, 'dn_common_name_cmdstr')) === '') {
if (is_file($NETCONFFILE)) {
- $db = parseRCconf($NETCONFFILE);
- if (($commonName = getVARdef($db, 'HOSTNAME').'.'.getVARdef($db, 'DOMAIN')) === '') {
+ $vars = parseRCconf($NETCONFFILE);
+ if (($commonName = getVARdef($vars, 'HOSTNAME').'.'.getVARdef($vars, 'DOMAIN')) === '') {
$commonName = 'pbx.astlinux';
}
} else {
@@ -59,10 +71,12 @@
if (($email = getPREFdef($global_prefs, 'dn_email_address_cmdstr')) === '') {
$email = 'in...@as...';
}
- $ssl = ipsecmobileSETUP($countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email);
+ $ssl = ipsecmobileSETUP($opts, $countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email);
return($ssl);
}
-$openssl = ipsecmobile_openssl();
+$key_size = getVARdef($db, 'IPSECM_CERT_KEYSIZE');
+$dns_name = getVARdef($db, 'IPSECM_CERT_DNSNAME');
+$openssl = ipsecmobile_openssl($key_size, $dns_name);
$nat_t_menu = array (
'off' => 'Disable',
@@ -78,6 +92,11 @@
'debug' => 'Debug'
);
+$auth_method_menu = array (
+ 'rsasig' => 'Certificate',
+ 'xauth_rsa_server' => 'XAuth RSA'
+);
+
$p1_cypher_menu = array (
'aes 128' => 'AES 128',
'aes 192' => 'AES 192',
@@ -112,6 +131,11 @@
'modp1536' => '1536 (5)'
);
+$key_size_menu = array (
+ '1024' => '1024 Bits',
+ '2048' => '2048 Bits'
+);
+
// Function: saveIPSECMsettings
//
function saveIPSECMsettings($conf_dir, $conf_file) {
@@ -142,6 +166,9 @@
}
fwrite($fp, '"'."\n");
+ $value = 'IPSECM_AUTH_METHOD="'.$_POST['auth_method'].'"';
+ fwrite($fp, "### Auth Method\n".$value."\n");
+
$value = 'IPSECM_P1_CYPHER="'.$_POST['p1_cypher'].'"';
fwrite($fp, "### Phase 1 Encryption\n".$value."\n");
@@ -180,6 +207,12 @@
$value = 'IPSECM_P2_LIFETIME="'.trim($_POST['p2_lifetime']).'"';
fwrite($fp, "### Phase 2 Lifetime\n".$value."\n");
+ $value = 'IPSECM_CERT_KEYSIZE="'.$_POST['key_size'].'"';
+ fwrite($fp, "### Private Key Size\n".$value."\n");
+
+ $value = 'IPSECM_CERT_DNSNAME="'.str_replace(' ', '', $_POST['dns_name']).'"';
+ fwrite($fp, "### Server Cert DNS Name\n".$value."\n");
+
if (opensslIPSECMOBILEis_valid($openssl)) {
$value = 'IPSECM_RSA_PATH="'.$openssl['key_dir'].'"';
fwrite($fp, "### Certificate Directory\n".$value."\n");
@@ -223,13 +256,25 @@
} else {
$result = 2;
}
+ } elseif (isset($_POST['submit_xauth'])) {
+ $result = saveIPSECMsettings($IPSECMCONFDIR, $IPSECMCONFFILE);
+ header('Location: /admin/ipsecxauth.php');
+ exit;
} elseif (isset($_POST['submit_new_server'])) {
$result = 99;
if (isset($_POST['confirm_new_server'])) {
opensslDELETEkeys($openssl);
- if (opensslCREATEselfCert($openssl)) {
- if (opensslCREATEserverCert($openssl)) {
- $result = 30;
+ if (is_file($openssl['config'])) {
+ @unlink($openssl['config']);
+ }
+ // Rebuild openssl.cnf template for new CA
+ $key_size = $_POST['key_size'];
+ $dns_name = str_replace(' ', '', $_POST['dns_name']);
+ if (($openssl = ipsecmobile_openssl($key_size, $dns_name)) !== FALSE) {
+ if (opensslCREATEselfCert($openssl)) {
+ if (opensslCREATEserverCert($openssl)) {
+ $result = 30;
+ }
}
}
saveIPSECMsettings($IPSECMCONFDIR, $IPSECMCONFFILE);
@@ -312,12 +357,6 @@
$ACCESS_RIGHTS = 'admin';
require_once '../common/header.php';
- if (is_file($IPSECMCONFFILE)) {
- $db = parseRCconf($IPSECMCONFFILE);
- } else {
- $db = NULL;
- }
-
putHtml("<center>");
if (isset($_GET['result'])) {
$result = $_GET['result'];
@@ -353,9 +392,24 @@
}
putHtml("</center>");
?>
+ <script language="JavaScript" type="text/javascript">
+ //<![CDATA[
+ function auth_method_change() {
+ var form = document.getElementById("iform");
+ switch (form.auth_method.selectedIndex) {
+ case 0: // Certificate
+ form.submit_xauth.style.visibility = "hidden";
+ break;
+ case 1: // XAuth RSA
+ form.submit_xauth.style.visibility = "visible";
+ break;
+ }
+ }
+ //]]>
+ </script>
<center>
<table class="layout"><tr><td><center>
- <form method="post" action="<?php echo $myself;?>">
+ <form id="iform" method="post" action="<?php echo $myself;?>">
<table width="100%" class="stdtable">
<tr><td style="text-align: center;" colspan="2">
<h2>IPsec Mobile Server Configuration:</h2>
@@ -418,6 +472,22 @@
putHtml('</td></tr>');
putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ putHtml('Auth Method:');
+ putHtml('</td><td style="text-align: left;" colspan="2">');
+ if (($auth_method = getVARdef($db, 'IPSECM_AUTH_METHOD')) === '') {
+ $auth_method = 'rsasig';
+ }
+ putHtml('<select name="auth_method" onchange="auth_method_change()">');
+ foreach ($auth_method_menu as $key => $value) {
+ $sel = ($auth_method === $key) ? ' selected="selected"' : '';
+ putHtml('<option value="'.$key.'"'.$sel.'>'.$value.'</option>');
+ }
+ putHtml('</select>');
+ putHtml('</td><td style="text-align: left;" colspan="3">');
+ putHtml('<input type="submit" value="XAuth Configuration" name="submit_xauth" class="button" />');
+ putHtml('</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
putHtml('Encryption:');
putHtml('</td><td style="text-align: left;" colspan="5">');
if (($p1_cypher = getVARdef($db, 'IPSECM_P1_CYPHER')) === '') {
@@ -519,6 +589,25 @@
putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="6">');
putHtml('<strong>Server Certificate and Key:</strong>');
putHtml('</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="text-align: right;" colspan="2">');
+ putHtml('Private Key Size:</td><td style="text-align: left;" colspan="4">');
+ if (($key_size = getVARdef($db, 'IPSECM_CERT_KEYSIZE')) === '') {
+ $key_size = '1024';
+ }
+ putHtml('<select name="key_size">');
+ foreach ($key_size_menu as $key => $value) {
+ $sel = ($key_size === (string)$key) ? ' selected="selected"' : '';
+ putHtml('<option value="'.$key.'"'.$sel.'>'.$value.'</option>');
+ }
+ putHtml('</select>');
+ putHtml('</td></tr>');
+ putHtml('<tr class="dtrow1"><td style="text-align: right;" colspan="2">');
+ putHtml('Server Cert DNS Name:</td><td style="text-align: left;" colspan="4">');
+ $value = getVARdef($db, 'IPSECM_CERT_DNSNAME');
+ putHtml('<input type="text" size="24" maxlength="128" value="'.$value.'" name="dns_name" />');
+ putHtml('</td></tr>');
+
putHtml('<tr class="dtrow1"><td style="text-align: right;" colspan="3">');
putHtml('Create New Certificate and Key:</td><td class="dialogText" style="text-align: left;" colspan="3">');
putHtml('<input type="submit" value="Create New" name="submit_new_server" />');
@@ -612,6 +701,11 @@
putHtml('</form>');
putHtml('</center></td></tr></table>');
putHtml('</center>');
+ putHtml('<script language="JavaScript" type="text/javascript">');
+ putHtml('//<![CDATA[');
+ putHtml('auth_method_change();');
+ putHtml('//]]>');
+ putHtml('</script>');
} // End of HTTP GET
require_once '../common/footer.php';
Added: branches/1.0/package/webinterface/altweb/admin/ipsecxauth.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/ipsecxauth.php (rev 0)
+++ branches/1.0/package/webinterface/altweb/admin/ipsecxauth.php 2012-04-16 21:17:55 UTC (rev 5516)
@@ -0,0 +1,354 @@
+<?php
+
+// Copyright (C) 2012 Lonnie Abelbeck
+// This is free software, licensed under the GNU General Public License
+// version 3 as published by the Free Software Foundation; you can
+// redistribute it and/or modify it under the terms of the GNU
+// General Public License; and comes with ABSOLUTELY NO WARRANTY.
+
+// ipsecxauth.php for AstLinux
+// 16-04-2012
+//
+// System location of /mnt/kd/rc.conf.d directory
+$IPSECXAUTHCONFDIR = '/mnt/kd/rc.conf.d';
+// System location of gui.ipsecxauth.conf file
+$IPSECXAUTHCONFFILE = '/mnt/kd/rc.conf.d/gui.ipsecxauth.conf';
+
+$connections_menu = array (
+ '2' => '2 Users',
+ '4' => '4 Users',
+ '8' => '8 Users',
+ '16' => '16 Users',
+ '32' => '32 Users',
+ '64' => '64 Users'
+);
+
+$myself = $_SERVER['PHP_SELF'];
+
+require_once '../common/functions.php';
+
+// Function: ipsecGETclients
+//
+function ipsecGETclients($vars) {
+ $id = 0;
+
+ if (($line = getVARdef($vars, 'IPSECM_XAUTH_USER_PASS')) !== '') {
+ $linetokens = explode("\n", $line);
+ foreach ($linetokens as $data) {
+ if ($data !== '') {
+ $datatokens = explode(' ', $data);
+ $db['data'][$id]['user'] = $datatokens[0];
+ $db['data'][$id]['pass'] = $datatokens[1];
+ $id++;
+ }
+ }
+ }
+ // Sort by Username
+ if ($id > 1) {
+ foreach ($db['data'] as $key => $row) {
+ $user[$key] = $row['user'];
+ }
+ array_multisort($user, SORT_ASC, SORT_STRING, $db['data']);
+ }
+ return($db);
+}
+
+// Function: saveIPSECsettings
+//
+function saveIPSECsettings($conf_dir, $conf_file, $db, $delete = NULL) {
+ $result = 11;
+
+ if (! is_dir($conf_dir)) {
+ return(3);
+ }
+ if (($fp = @fopen($conf_file,"wb")) === FALSE) {
+ return(3);
+ }
+ fwrite($fp, "### gui.ipsecxauth.conf - start ###\n###\n");
+
+ $value = 'IPSECM_XAUTH_USER_PASS="';
+ fwrite($fp, "### Authentication\n".$value."\n");
+ if (count($db['data']) > 0) {
+ foreach ($db['data'] as $data) {
+ if ($data['user'] !== '' && $data['pass'] !== '') {
+ $skip = FALSE;
+ if (! is_null($delete)) {
+ foreach ($delete as $deluser) {
+ if ($deluser === $data['user']) {
+ $skip = TRUE;
+ break;
+ }
+ }
+ }
+ if (! $skip) {
+ fwrite($fp, $data['user'].' '.$data['pass']."\n");
+ }
+ }
+ }
+ }
+ fwrite($fp, '"'."\n");
+
+ $value = 'IPSECM_XAUTH_POOLSIZE="'.$_POST['pool_size'].'"';
+ fwrite($fp, "### Pool Size\n".$value."\n");
+
+ $value = 'IPSECM_XAUTH_POOLBASE="'.trim($_POST['pool_base']).'"';
+ fwrite($fp, "### Pool Base\n".$value."\n");
+
+ $value = 'IPSECM_XAUTH_POOLMASK="'.trim($_POST['pool_mask']).'"';
+ fwrite($fp, "### Pool Mask\n".$value."\n");
+
+ $value = 'IPSECM_XAUTH_DNS="'.trim($_POST['dns']).'"';
+ fwrite($fp, "### MS DNS\n".$value."\n");
+
+ $value = 'IPSECM_XAUTH_WINS="'.trim($_POST['wins']).'"';
+ fwrite($fp, "### MS WINS\n".$value."\n");
+
+ $value = 'IPSECM_XAUTH_NETWORK="'.trim($_POST['network']).'"';
+ fwrite($fp, "### Network\n".$value."\n");
+
+ $value = 'IPSECM_XAUTH_DOMAIN="'.trim($_POST['domain']).'"';
+ fwrite($fp, "### Default Domain\n".$value."\n");
+
+ $value = 'IPSECM_XAUTH_BANNER="'.trim($_POST['banner']).'"';
+ fwrite($fp, "### Login Message\n".$value."\n");
+
+ $value = 'IPSECM_XAUTH_SAVE_PASSWD="'.$_POST['save_passwd'].'"';
+ fwrite($fp, "### Save Password\n".$value."\n");
+
+ fwrite($fp, "### gui.ipsecxauth.conf - end ###\n");
+ fclose($fp);
+
+ return($result);
+}
+
+// Function: addUserPass
+//
+function addUserPass(&$db, $id) {
+
+ $user = str_replace(' ', '', $_POST['user']);
+ $pass = str_replace(' ', '', stripslashes($_POST['pass']));
+
+ if ($user === '') {
+ return(FALSE);
+ }
+ if ($pass === '') {
+ return(1);
+ }
+
+ $db['data'][$id]['user'] = $user;
+ $db['data'][$id]['pass'] = $pass;
+
+ return(TRUE);
+}
+
+if (is_file($IPSECXAUTHCONFFILE)) {
+ $vars = parseRCconf($IPSECXAUTHCONFFILE);
+} else {
+ $vars = NULL;
+}
+$db = ipsecGETclients($vars);
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+ $result = 1;
+ if (! $global_admin) {
+ $result = 999;
+ } elseif (isset($_POST['submit_save']) || isset($_POST['submit_ipsec_config'])) {
+ $n = count($db['data']);
+ $id = $n;
+ for ($i = 0; $i < $n; $i++) {
+ if ($db['data'][$i]['user'] === str_replace(' ', '', $_POST['user'])) {
+ $id = $i;
+ break;
+ }
+ }
+ $ok = addUserPass($db, $id);
+ $result = saveIPSECsettings($IPSECXAUTHCONFDIR, $IPSECXAUTHCONFFILE, $db);
+ if ($result == 11 && $ok === 1) {
+ $result = 12;
+ }
+ if (isset($_POST['submit_ipsec_config'])) {
+ header('Location: /admin/ipsecmobile.php');
+ exit;
+ }
+ } elseif (isset($_POST['submit_delete'])) {
+ $delete = $_POST['delete'];
+ if (count($delete) > 0) {
+ $result = saveIPSECsettings($IPSECXAUTHCONFDIR, $IPSECXAUTHCONFFILE, $db, $delete);
+ }
+ }
+ header('Location: '.$myself.'?result='.$result);
+ exit;
+} else { // Start of HTTP GET
+$ACCESS_RIGHTS = 'admin';
+require_once '../common/header.php';
+
+ putHtml('<center>');
+ if (isset($_GET['result'])) {
+ $result = $_GET['result'];
+ if ($result == 2) {
+ putHtml('<p style="color: red;">No Action, check "Confirm" for this action.</p>');
+ } elseif ($result == 3) {
+ putHtml('<p style="color: red;">Error creating file.</p>');
+ } elseif ($result == 11) {
+ putHtml('<p style="color: green;">Settings saved, click "IPsec Configuration" to return to previous screen.</p>');
+ } elseif ($result == 12) {
+ putHtml('<p style="color: red;">Missing Password, User not added.</p>');
+ } elseif ($result == 99) {
+ putHtml('<p style="color: red;">Action Failed.</p>');
+ } elseif ($result == 999) {
+ putHtml('<p style="color: red;">Permission denied for user "'.$global_user.'".</p>');
+ } else {
+ putHtml('<p style="color: orange;">No Action.</p>');
+ }
+ } else {
+ putHtml('<p> </p>');
+ }
+ putHtml('</center>');
+?>
+ <center>
+ <table class="layout"><tr><td><center>
+ <form method="post" action="<?php echo $myself;?>">
+ <table width="100%" class="stdtable">
+ <tr><td style="text-align: center;" colspan="3">
+ <h2>IPsec XAuth Configuration:</h2>
+ </td></tr><tr><td style="text-align: center;">
+ <input type="submit" class="formbtn" value="Save Settings" name="submit_save" />
+ </td><td style="text-align: center;">
+ <input type="submit" value="IPsec Configuration" name="submit_ipsec_config" class="button" />
+ </td><td style="text-align: center;">
+ <input type="submit" class="formbtn" value="Delete Checked" name="submit_delete" />
+ </td></tr></table>
+<?php
+
+ if (isset($_GET['id'])) {
+ $id = $_GET['id'];
+ $n = count($db['data']);
+ for ($i = 0; $i < $n; $i++) {
+ if ($id === $db['data'][$i]['user']) {
+ $ldb = $db['data'][$i];
+ break;
+ }
+ }
+ }
+ if (is_null($ldb)) {
+ $ldb['user'] = '';
+ $ldb['pass'] = '';
+ }
+
+ putHtml('<table width="100%" class="stdtable">');
+ putHtml('<tr class="dtrow0"><td width="180"> </td><td> </td></tr>');
+ putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="2">');
+ putHtml('<strong>XAuth Client Options:</strong>');
+ putHtml('</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ putHtml('Max. Connections:');
+ putHtml('</td><td style="text-align: left;">');
+ if (($pool_size = getVARdef($vars, 'IPSECM_XAUTH_POOLSIZE')) === '') {
+ $pool_size = '8';
+ }
+ putHtml('<select name="pool_size">');
+ foreach ($connections_menu as $key => $value) {
+ $sel = ($pool_size === (string)$key) ? ' selected="selected"' : '';
+ putHtml('<option value="'.$key.'"'.$sel.'>'.$value.'</option>');
+ }
+ putHtml('</select>');
+ putHtml('</td></tr>');
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ putHtml('Remote IPv4 Base:');
+ putHtml('</td><td style="text-align: left;">');
+ if (($value = getVARdef($vars, 'IPSECM_XAUTH_POOLBASE')) === '') {
+ $value = '10.9.1.1';
+ }
+ putHtml('<input type="text" size="36" maxlength="64" name="pool_base" value="'.$value.'" />');
+ putHtml('</td></tr>');
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ putHtml('Remote IPv4 Mask:');
+ putHtml('</td><td style="text-align: left;">');
+ if (($value = getVARdef($vars, 'IPSECM_XAUTH_POOLMASK')) === '') {
+ $value = '255.255.255.0';
+ }
+ putHtml('<input type="text" size="36" maxlength="64" name="pool_mask" value="'.$value.'" />');
+ putHtml('</td></tr>');
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ putHtml('DNS Default Domain:');
+ putHtml('</td><td style="text-align: left;">');
+ $value = getVARdef($vars, 'IPSECM_XAUTH_DOMAIN');
+ putHtml('<input type="text" size="36" maxlength="128" name="domain" value="'.$value.'" />');
+ putHtml('</td></tr>');
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ putHtml('DNS:');
+ putHtml('</td><td style="text-align: left;">');
+ $value = getVARdef($vars, 'IPSECM_XAUTH_DNS');
+ putHtml('<input type="text" size="56" maxlength="128" name="dns" value="'.$value.'" />');
+ putHtml('</td></tr>');
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ putHtml('WINS:');
+ putHtml('</td><td style="text-align: left;">');
+ $value = getVARdef($vars, 'IPSECM_XAUTH_WINS');
+ putHtml('<input type="text" size="56" maxlength="128" name="wins" value="'.$value.'" />');
+ putHtml('</td></tr>');
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ putHtml('Push Network(s):');
+ putHtml('</td><td style="text-align: left;">');
+ $value = getVARdef($vars, 'IPSECM_XAUTH_NETWORK');
+ putHtml('<input type="text" size="56" maxlength="128" name="network" value="'.$value.'" />');
+ putHtml('</td></tr>');
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ putHtml('Connect Message:');
+ putHtml('</td><td style="text-align: left;">');
+ $value = getVARdef($vars, 'IPSECM_XAUTH_BANNER');
+ putHtml('<input type="text" size="56" maxlength="200" name="banner" value="'.$value.'" />');
+ putHtml('</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ putHtml('Save Remote Password:');
+ putHtml('</td><td style="text-align: left;">');
+ putHtml('<select name="save_passwd">');
+ $value = getVARdef($vars, 'IPSECM_XAUTH_SAVE_PASSWD');
+ $sel = ($value === 'no') ? ' selected="selected"' : '';
+ putHtml('<option value="no"'.$sel.'>No</option>');
+ $sel = ($value === 'yes') ? ' selected="selected"' : '';
+ putHtml('<option value="yes"'.$sel.'>Yes</option>');
+ putHtml('</select>');
+ putHtml('</td></tr>');
+
+ putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="2">');
+ putHtml('<strong>Client Credentials:</strong>');
+ putHtml('</td></tr>');
+ putHtml('<tr><td style="text-align: right;">');
+ putHtml('Username:');
+ putHtml('</td><td style="text-align: left;">');
+ putHtml('<input type="text" size="36" maxlength="64" name="user" value="'.$ldb['user'].'" />');
+ putHtml('</td></tr>');
+ putHtml('<tr><td style="text-align: right;">');
+ putHtml('Password:');
+ putHtml('</td><td style="text-align: left;">');
+ putHtml('<input type="password" size="36" maxlength="128" name="pass" value="'.$ldb['pass'].'" />');
+ putHtml('</td></tr>');
+ putHtml('</table>');
+
+ putHtml('<table width="66%" class="datatable">');
+ putHtml("<tr>");
+
+ if (($n = count($db['data'])) > 0) {
+ echo '<td class="dialogText" style="text-align: left; font-weight: bold;">', "Users", "</td>";
+ echo '<td class="dialogText" style="text-align: center; font-weight: bold;">', "Delete", "</td>";
+ for ($i = 0; $i < $n; $i++) {
+ putHtml("</tr>");
+ echo '<tr ', ($i % 2 == 0) ? 'class="dtrow0"' : 'class="dtrow1"', '>';
+ echo '<td><a href="'.$myself.'?id='.$db['data'][$i]['user'].'" class="actionText">'.$db['data'][$i]['user'].'</a>', '</td>';
+ echo '<td style="text-align: center;">', '<input type="checkbox" name="delete[]" value="', $db['data'][$i]['user'], '" />', '</td>';
+ }
+ } else {
+ echo '<td style="color: orange; text-align: center;">No Client Credentials.', '</td>';
+ }
+ putHtml("</tr>");
+ putHtml("</table>");
+ putHtml("</form>");
+ putHtml("</center></td></tr></table>");
+ putHtml("</center>");
+} // End of HTTP GET
+require_once '../common/footer.php';
+
+?>
Property changes on: branches/1.0/package/webinterface/altweb/admin/ipsecxauth.php
___________________________________________________________________
Added: svn:executable
+ *
Modified: branches/1.0/package/webinterface/altweb/admin/openvpn.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/openvpn.php 2012-04-16 18:11:21 UTC (rev 5515)
+++ branches/1.0/package/webinterface/altweb/admin/openvpn.php 2012-04-16 21:17:55 UTC (rev 5516)
@@ -226,10 +226,16 @@
$result = 99;
if (isset($_POST['confirm_new_server'])) {
opensslDELETEkeys($openssl);
- if (opensslCREATEselfCert($openssl)) {
- if (opensslCREATEserverCert($openssl)) {
- if (opensslCREATEdh_pem($openssl)) {
- $result = 30;
+ if (is_file($openssl['config'])) {
+ @unlink($openssl['config']);
+ }
+ // Rebuild openssl.cnf template for new CA
+ if (($openssl = openvpn_openssl()) !== FALSE) {
+ if (opensslCREATEselfCert($openssl)) {
+ if (opensslCREATEserverCert($openssl)) {
+ if (opensslCREATEdh_pem($openssl)) {
+ $result = 30;
+ }
}
}
}
Modified: branches/1.0/package/webinterface/altweb/admin/pptp.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/pptp.php 2012-04-16 18:11:21 UTC (rev 5515)
+++ branches/1.0/package/webinterface/altweb/admin/pptp.php 2012-04-16 21:17:55 UTC (rev 5516)
@@ -107,20 +107,22 @@
$value = 'PPTP_USER_PASS="';
fwrite($fp, "### Authentication\n".$value."\n");
- foreach ($db['data'] as $data) {
- if ($data['user'] !== '' && $data['pass'] !== '') {
- $skip = FALSE;
- if (! is_null($delete)) {
- foreach ($delete as $deluser) {
- if ($deluser === $data['user']) {
- $skip = TRUE;
- break;
+ if (count($db['data']) > 0) {
+ foreach ($db['data'] as $data) {
+ if ($data['user'] !== '' && $data['pass'] !== '') {
+ $skip = FALSE;
+ if (! is_null($delete)) {
+ foreach ($delete as $deluser) {
+ if ($deluser === $data['user']) {
+ $skip = TRUE;
+ break;
+ }
}
}
+ if (! $skip) {
+ fwrite($fp, $data['user'].' '.$data['pass']."\n");
+ }
}
- if (! $skip) {
- fwrite($fp, $data['user'].' '.$data['pass']."\n");
- }
}
}
fwrite($fp, '"'."\n");
Modified: branches/1.0/package/webinterface/altweb/admin/system.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/system.php 2012-04-16 18:11:21 UTC (rev 5515)
+++ branches/1.0/package/webinterface/altweb/admin/system.php 2012-04-16 21:17:55 UTC (rev 5516)
@@ -767,6 +767,7 @@
$var === 'GUI_FIREWALL_RULES' ||
$var === 'STATICHOSTS' ||
$var === 'PPTP_USER_PASS' ||
+ $var === 'IPSECM_XAUTH_USER_PASS' ||
$var === 'IPSEC_PSK_ASSOCIATIONS') {
$value = '********';
} elseif (strlen($value) > 56) {
Modified: branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php 2012-04-16 18:11:21 UTC (rev 5515)
+++ branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php 2012-04-16 21:17:55 UTC (rev 5516)
@@ -12,7 +12,7 @@
// Function: ipsecmobileSETUP()
//
-function ipsecmobileSETUP($countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email) {
+function ipsecmobileSETUP($opts, $countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email) {
// System location of OpenSSL default configuration file
$OPENSSL_CNF = '/usr/lib/ssl/openssl.cnf';
@@ -30,6 +30,7 @@
'',
'[ ipsecmobile_server ]',
'basicConstraints=CA:FALSE',
+ ($opts['dnsname'] !== '' ? 'subjectAltName=DNS:'.$opts['dnsname'] : '#subjectAltName=DNS:vpn.astlinux.org'),
'nsCertType=server',
'nsComment="IPsec Mobile Server Certificate"',
'subjectKeyIdentifier=hash',
@@ -41,27 +42,27 @@
$ssl['configArgs'] = array(
'config' => $ssl['config'],
'digest_alg' => 'sha1',
- 'private_key_bits' => 1024,
+ 'private_key_bits' => $opts['keysize'],
'encrypt_key' => FALSE
);
$ssl['sign_ca'] = array(
'config' => $ssl['config'],
'digest_alg' => 'sha1',
- 'private_key_bits' => 1024,
+ 'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'v3_ca',
'encrypt_key' => FALSE
);
$ssl['sign_server'] = array(
'config' => $ssl['config'],
'digest_alg' => 'sha1',
- 'private_key_bits' => 1024,
+ 'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'ipsecmobile_server',
'encrypt_key' => FALSE
);
$ssl['sign_client'] = array(
'config' => $ssl['config'],
'digest_alg' => 'sha1',
- 'private_key_bits' => 1024,
+ 'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'usr_cert',
'encrypt_key' => FALSE
);
Modified: branches/1.0/package/webinterface/altweb/common/version.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/version.php 2012-04-16 18:11:21 UTC (rev 5515)
+++ branches/1.0/package/webinterface/altweb/common/version.php 2012-04-16 21:17:55 UTC (rev 5516)
@@ -1,6 +1,6 @@
<?php
// version.php for AstLinux Alternate Web Interface
-$GUI_VERSION = '1.8.08';
+$GUI_VERSION = '1.8.09';
?>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
