[Astlinux-commits] SF.net SVN: astlinux:[5970] branches/1.0/package/webinterface/altweb

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 5970
          http://astlinux.svn.sourceforge.net/astlinux/?rev=5970&view=rev
Author:   abelbeck
Date:     2013-02-25 17:46:56 +0000 (Mon, 25 Feb 2013)
Log Message:
-----------
web interface, OpenVPN Server - add 'openvpn-pkcs12' format for desktop clients where the added security of a password protected local private key is desired

Modified Paths:
--------------
    branches/1.0/package/webinterface/altweb/admin/openvpn.php
    branches/1.0/package/webinterface/altweb/common/openssl.php

Modified: branches/1.0/package/webinterface/altweb/admin/openvpn.php
===================================================================

--- branches/1.0/package/webinterface/altweb/admin/openvpn.php	2013-02-24 17:23:04 UTC (rev 5969)
+++ branches/1.0/package/webinterface/altweb/admin/openvpn.php	2013-02-25 17:46:56 UTC (rev 5970)
@@ -484,6 +484,11 @@
           if (($ovpn = preg_filter('/<cert>.*<\/cert>/s', '', $ovpn)) !== NULL) {
             if (($ovpn = preg_filter('/<key>.*<\/key>/s', '', $ovpn)) !== NULL) {
               $zip->addFromString($value.'/openvpn-nocert-nokey/'.$value.'.ovpn', $ovpn);
+              if (($ovpn = preg_filter('/<ca>.*<\/ca>/s', '', $ovpn)) !== NULL) {
+                $ovpn .= "pkcs12 $value.p12\n";
+                $zip->addFromString($value.'/openvpn-pkcs12/'.$value.'.ovpn', $ovpn);
+                $zip->addFromString($value.'/openvpn-pkcs12/'.$value.'.p12', $p12);
+              }
             }
           }
           if ($tls_auth_file !== '') {

Modified: branches/1.0/package/webinterface/altweb/common/openssl.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/openssl.php	2013-02-24 17:23:04 UTC (rev 5969)
+++ branches/1.0/package/webinterface/altweb/common/openssl.php	2013-02-25 17:46:56 UTC (rev 5970)
@@ -260,12 +260,16 @@
         $readme .= "$commonName-ta.key - TLS-Auth key which adds an additional HMAC signature to all SSL/TLS handshake packets.\n";
         $readme .= "Note: File '$commonName-ta.key' is not encrypted and must be kept secure.\n\n";
       }
-      $readme .= "Directory 'openvpn-cert-key':\n";
-      $readme .= "$commonName.ovpn - OpenVPN certificate profile, contains client certificate and private key.\n";
+      $readme .= "Folder: 'openvpn-cert-key'\n";
+      $readme .= "$commonName.ovpn - OpenVPN CA-CERT-KEY profile, contains client certificate and private key.\n";
       $readme .= "Note: File 'openvpn-cert-key/$commonName.ovpn' is not encrypted and must be kept secure.\n\n";
 
-      $readme .= "Directory 'openvpn-nocert-nokey':\n";
-      $readme .= "$commonName.ovpn - OpenVPN certificate profile, use with file '$commonName.p12' for client devices.\n\n";
+      $readme .= "Folder: 'openvpn-nocert-nokey'\n";
+      $readme .= "$commonName.ovpn - OpenVPN CA profile, use separately with the above '$commonName.p12' file for client devices.\n\n";
+
+      $readme .= "Folder: 'openvpn-pkcs12'\n";
+      $readme .= "$commonName.ovpn - OpenVPN profile, use paired with the file '$commonName.p12'.\n";
+      $readme .= "$commonName.p12 - A password protected PKCS#12 container, use paired with the file '$commonName.ovpn'.\n\n";
     }
   }
 

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



