Menu
▾
▴
[Astlinux-commits] SF.net SVN: astlinux:[5855] branches/1.0/package/webinterface/altweb
|
From: <abe...@us...> - 2013-01-03 22:37:15
|
Revision: 5855
http://astlinux.svn.sourceforge.net/astlinux/?rev=5855&view=rev
Author: abelbeck
Date: 2013-01-03 22:37:07 +0000 (Thu, 03 Jan 2013)
Log Message:
-----------
web interface, OpenVPN Server sub-tab, adds a new 'Private Key Size:' entry, 1024 or 2048 Bits
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/openvpn.php
branches/1.0/package/webinterface/altweb/common/openssl-openvpn.php
branches/1.0/package/webinterface/altweb/common/version.php
Modified: branches/1.0/package/webinterface/altweb/admin/openvpn.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/openvpn.php 2013-01-03 19:18:59 UTC (rev 5854)
+++ branches/1.0/package/webinterface/altweb/admin/openvpn.php 2013-01-03 22:37:07 UTC (rev 5855)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2008-2009 Lonnie Abelbeck
+// Copyright (C) 2008-2013 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -11,6 +11,7 @@
// 12-27-2008, Added Certificate Support
// 02-06-2009, Added tls-verify, temporarily disable clients
// 08-13-2010, Added QoS Passthrough, setting passtos
+// 01-03-2013, Added private keysize support
//
// System location of /mnt/kd/rc.conf.d directory
$OVPNCONFDIR = '/mnt/kd/rc.conf.d';
@@ -25,13 +26,24 @@
require_once '../common/openssl.php';
+if (is_file($OVPNCONFFILE)) {
+ $db = parseRCconf($OVPNCONFFILE);
+} else {
+ $db = NULL;
+}
+
// Function: openvpn_openssl()
//
-function openvpn_openssl() {
+function openvpn_openssl($keysize) {
global $global_prefs;
// System location of gui.network.conf file
$NETCONFFILE = '/mnt/kd/rc.conf.d/gui.network.conf';
+ if ($keysize === '') {
+ $keysize = '1024';
+ }
+ $opts['keysize'] = (int)$keysize;
+
if (($countryName = getPREFdef($global_prefs, 'dn_country_name_cmdstr')) === '') {
$countryName = 'US';
}
@@ -51,8 +63,8 @@
}
if (($commonName = getPREFdef($global_prefs, 'dn_common_name_cmdstr')) === '') {
if (is_file($NETCONFFILE)) {
- $db = parseRCconf($NETCONFFILE);
- if (($commonName = getVARdef($db, 'HOSTNAME').'.'.getVARdef($db, 'DOMAIN')) === '') {
+ $vars = parseRCconf($NETCONFFILE);
+ if (($commonName = getVARdef($vars, 'HOSTNAME').'.'.getVARdef($vars, 'DOMAIN')) === '') {
$commonName = 'pbx.astlinux';
}
} else {
@@ -62,10 +74,11 @@
if (($email = getPREFdef($global_prefs, 'dn_email_address_cmdstr')) === '') {
$email = 'in...@as...';
}
- $ssl = openvpnSETUP($countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email);
+ $ssl = openvpnSETUP($opts, $countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email);
return($ssl);
}
-$openssl = openvpn_openssl();
+$key_size = getVARdef($db, 'OVPN_CERT_KEYSIZE');
+$openssl = openvpn_openssl($key_size);
$cipher_menu = array (
'' => 'Default Cipher',
@@ -87,6 +100,11 @@
'yes' => 'Cert. + User/Pass'
);
+$key_size_menu = array (
+ '1024' => '1024 Bits',
+ '2048' => '2048 Bits'
+);
+
// Function: saveOVPNsettings
//
function saveOVPNsettings($conf_dir, $conf_file, $disabled = NULL) {
@@ -150,6 +168,9 @@
}
fwrite($fp, '"'."\n");
+ $value = 'OVPN_CERT_KEYSIZE="'.$_POST['key_size'].'"';
+ fwrite($fp, "### Private Key Size\n".$value."\n");
+
if (opensslOPENVPNis_valid($openssl)) {
$value = 'OVPN_CA="'.$openssl['key_dir'].'/ca.crt"';
fwrite($fp, "### CA File\n".$value."\n");
@@ -246,7 +267,8 @@
@unlink($openssl['config']);
}
// Rebuild openssl.cnf template for new CA
- if (($openssl = openvpn_openssl()) !== FALSE) {
+ $key_size = $_POST['key_size'];
+ if (($openssl = openvpn_openssl($key_size)) !== FALSE) {
if (opensslCREATEselfCert($openssl)) {
if (opensslCREATEserverCert($openssl)) {
if (opensslCREATEdh_pem($openssl)) {
@@ -336,12 +358,6 @@
$ACCESS_RIGHTS = 'admin';
require_once '../common/header.php';
- if (is_file($OVPNCONFFILE)) {
- $db = parseRCconf($OVPNCONFFILE);
- } else {
- $db = NULL;
- }
-
putHtml("<center>");
if (isset($_GET['result'])) {
$result = $_GET['result'];
@@ -558,6 +574,20 @@
putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="6">');
putHtml('<strong>Server Certificate and Key:</strong>');
putHtml('</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="text-align: right;" colspan="2">');
+ putHtml('Private Key Size:</td><td style="text-align: left;" colspan="4">');
+ if (($key_size = getVARdef($db, 'OVPN_CERT_KEYSIZE')) === '') {
+ $key_size = '1024';
+ }
+ putHtml('<select name="key_size">');
+ foreach ($key_size_menu as $key => $value) {
+ $sel = ($key_size === (string)$key) ? ' selected="selected"' : '';
+ putHtml('<option value="'.$key.'"'.$sel.'>'.$value.'</option>');
+ }
+ putHtml('</select>');
+ putHtml('</td></tr>');
+
putHtml('<tr class="dtrow1"><td style="text-align: right;" colspan="3">');
putHtml('Create New Certificate and Key:</td><td class="dialogText" style="text-align: left;" colspan="3">');
$msg = '';
Modified: branches/1.0/package/webinterface/altweb/common/openssl-openvpn.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/openssl-openvpn.php 2013-01-03 19:18:59 UTC (rev 5854)
+++ branches/1.0/package/webinterface/altweb/common/openssl-openvpn.php 2013-01-03 22:37:07 UTC (rev 5855)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2008-2009 Lonnie Abelbeck
+// Copyright (C) 2008-2013 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -8,11 +8,12 @@
// openssl-openvpn.php for AstLinux
// 05-24-2009
+// 01-03-2013, Added private keysize support
//
// Function: openvpnSETUP()
//
-function openvpnSETUP($countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email) {
+function openvpnSETUP($opts, $countryName, $stateName, $localityName, $orgName, $orgUnit, $commonName, $email) {
// System location of OpenSSL default configuration file
$OPENSSL_CNF = '/usr/lib/ssl/openssl.cnf';
@@ -42,27 +43,27 @@
$ssl['configArgs'] = array(
'config' => $ssl['config'],
'digest_alg' => 'sha1',
- 'private_key_bits' => 1024,
+ 'private_key_bits' => $opts['keysize'],
'encrypt_key' => FALSE
);
$ssl['sign_ca'] = array(
'config' => $ssl['config'],
'digest_alg' => 'sha1',
- 'private_key_bits' => 1024,
+ 'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'v3_ca',
'encrypt_key' => FALSE
);
$ssl['sign_server'] = array(
'config' => $ssl['config'],
'digest_alg' => 'sha1',
- 'private_key_bits' => 1024,
+ 'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'openvpn_server',
'encrypt_key' => FALSE
);
$ssl['sign_client'] = array(
'config' => $ssl['config'],
'digest_alg' => 'sha1',
- 'private_key_bits' => 1024,
+ 'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'usr_cert',
'encrypt_key' => FALSE
);
Modified: branches/1.0/package/webinterface/altweb/common/version.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/version.php 2013-01-03 19:18:59 UTC (rev 5854)
+++ branches/1.0/package/webinterface/altweb/common/version.php 2013-01-03 22:37:07 UTC (rev 5855)
@@ -1,6 +1,6 @@
<?php
// version.php for AstLinux Alternate Web Interface
-$GUI_VERSION = '1.8.19';
+$GUI_VERSION = '1.8.20';
?>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
