Merge branch 'fprina-master'

Ad Schellevis 2018-10-01 21:46:15 +02:00
commit 1cd0c08082
2 changed files with 20 additions and 4 deletions


@ -117,15 +117,19 @@ if (count($argv) > 6) {
$vpnid = filter_var($a_server['vpnid'], FILTER_SANITIZE_NUMBER_INT);
// fetch or create client specif override
$all_cso = openvpn_fetch_csc_list();
$common_name = empty($a_server['cso_login_matching']) ? $common_name : $username;
$login_type = empty($a_server['cso_login_matching']) ? "CN" : "USER";
if (!empty($all_cso[$vpnid][$common_name])) {
$cso = $all_cso[$vpnid][$common_name];
} else {
$cso = array("common_name" => $common_name);
}
$cso = array_merge($cso, parse_auth_properties($authenticator->getLastAuthProperties()));
$cso_filename = openvpn_csc_conf_write($cso, $a_server);
if (!empty($cso_filename)) {
syslog(LOG_NOTICE, "user '{$username}' authenticated using '{$authName}' cso :{$cso_filename}");
$tmp = empty($a_server['cso_login_matching']) ? "CSO [CN]" : "CSO [USER]";
syslog(LOG_NOTICE, "user '{$username}' authenticated using '{$authName}' {$tmp}:{$cso_filename}");
} else {
syslog(LOG_NOTICE, "user '{$username}' authenticated using '{$authName}'");
}
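Review bot: With `cso_login_matching` set, `$username` replaces the certificate common name both as the key into `$all_cso[$vpnid]` and as the `common_name` handed to `openvpn_csc_conf_write()`, yet nothing in this hunk constrains which characters it may contain. That helper is outside the hunk, but it returns a filename, so it presumably derives a path from `common_name`; a login name comes from the login exchange rather than from a CA-issued certificate, so it should be validated here, or the helper confirmed to sanitise it. The lookup is also an exact string match, so if the authenticator accepts a name in a different case than the override was stored under, the code falls through to the bare `array("common_name" => $common_name)` branch and the stored override is not applied, which is worth confirming against the supported backends. Separately, `$login_type` is assigned but never read in the visible lines while `$tmp` re-evaluates the same condition; `$tmp = "CSO [{$login_type}]";` would use it. The enclosing `if` block starts and ends outside the hunk.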


@ -69,7 +69,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
,ntp_server2,netbios_enable,netbios_ntype,netbios_scope,wins_server1
,wins_server2,no_tun_ipv6,push_register_dns,dns_domain,local_group
,client_mgmt_port,verbosity_level,caref,crlref,certref,dh_length
,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,reneg-sec,use-common-name";
,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,reneg-sec,use-common-name,cso_login_matching";
foreach (explode(",", $copy_fields) as $fieldname) {
$fieldname = trim($fieldname);
@ -117,7 +117,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
,ntp_server2,netbios_enable,netbios_ntype,netbios_scope,wins_server1
,wins_server2,no_tun_ipv6,push_register_dns,dns_domain
,client_mgmt_port,verbosity_level,caref,crlref,certref,dh_length
,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,shared_key,tls,reneg-sec,use-common-name";
,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,shared_key,tls,reneg-sec,use-common-name
,cso_login_matching";
foreach (explode(",", $init_fields) as $fieldname) {
$fieldname = trim($fieldname);
if (!isset($pconfig[$fieldname])) {
@ -347,7 +348,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
,serverbridge_dhcp_end,dns_domain,dns_server1,dns_server2,dns_server3
,dns_server4,push_register_dns,ntp_server1,ntp_server2,netbios_enable
,netbios_ntype,netbios_scope,no_tun_ipv6,verbosity_level,wins_server1
,wins_server2,client_mgmt_port,strictusercn,reneg-sec,use-common-name";
,wins_server2,client_mgmt_port,strictusercn,reneg-sec,use-common-name,cso_login_matching";
foreach (explode(",", $copy_fields) as $fieldname) {
$fieldname = trim($fieldname);
@ -1585,6 +1586,17 @@ endif; ?>
</div>
</td>
</tr>
<tr id="chkboxLoginMatching">
<td style="width:22%"><a id="help_for_cso_login_matching" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Force CSO Login Matching"); ?></td>
<td>
<input name="cso_login_matching" type="checkbox" value="yes" <?=!empty($pconfig['cso_login_matching']) ? "checked=\"checked\"" : "" ;?> />
<div class="hidden" data-for="help_for_cso_login_matching">
<span>
<?=gettext("Use username instead of common name to match client specfic override."); ?><br />
</span>
</div>
</td>
</tr>
<tr>
<td style="width:22%">&nbsp;</td>
<td style="width:78%">
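Review bot: The new help string in the last hunk misspells "specific" as `specfic`, and since it is a gettext msgid the typo would carry into every translation catalogue; it should read `Use username instead of common name to match client specific override.`. The help text would also serve administrators better if it stated that, once the box is ticked, overrides must be named after the login name rather than the certificate CN, because the authentication script in this same commit falls back to an empty override when no entry matches. The three field-list hunks only append `cso_login_matching` and need no change.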