diff --git a/src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/Api/InstancesController.php b/src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/Api/InstancesController.php index 9c3230213..658060e21 100644 --- a/src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/Api/InstancesController.php +++ b/src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/Api/InstancesController.php @@ -96,14 +96,16 @@ class InstancesController extends ApiMutableModelControllerBase return $this->delBase('StaticKeys.StaticKey', $uuid); } - public function genKeyAction() + public function genKeyAction($type='secret') { - $key = (new Backend())->configdRun("openvpn genkey"); - if (strpos($key, '-----BEGIN') > 0) { - return [ - 'result' => 'ok', - 'key' => trim($key) - ]; + if (in_array($type, ['secret', 'auth-token'])) { + $key = (new Backend())->configdpRun("openvpn genkey", [$type]); + if (strpos($key, '-----BEGIN') !== false) { + return [ + 'result' => 'ok', + 'key' => trim($key) + ]; + } } return ['result' => 'failed']; } diff --git a/src/opnsense/mvc/app/views/OPNsense/OpenVPN/instances.volt b/src/opnsense/mvc/app/views/OPNsense/OpenVPN/instances.volt index c4eec920d..2d5536f93 100644 --- a/src/opnsense/mvc/app/views/OPNsense/OpenVPN/instances.volt +++ b/src/opnsense/mvc/app/views/OPNsense/OpenVPN/instances.volt @@ -61,12 +61,11 @@ }); $("#instance\\.role, #instance\\.dev_type").change(function(){ - const show_advanced = $("#show_advanced_formDialogDialogInstance").hasClass("fa-toggle-on"); + const show_advanced = $("#show_advanced_formDialogdialog_dialogInstance").hasClass("fa-toggle-on"); const this_role = $("#instance\\.role").val(); const this_dev_type = $("#instance\\.dev_type").val(); $(".role").each(function(){ const tr = $(this).closest("tr").hide(); - if ((tr.data('advanced') === true && show_advanced) || !tr.data('advanced')) { if ($(this).hasClass('role_' + this_role) || $(this).hasClass('role_' + this_role + '_' + this_dev_type)) { tr.show(); @@ -79,15 +78,25 @@ }); // move "generate key" inside form dialog - $("#row_statickey\\.mode > td:eq(1) > div:last").before($("#keygen_div").detach().show()); + $("#control_label_instance\\.auth-gen-token-secret").before($("#keygen_auth_token_div").detach().show()); + $("#keygen").click(function(){ - ajaxGet("/api/openvpn/instances/gen_key", {}, function(data, status){ + ajaxGet("/api/openvpn/instances/gen_key/secret", {}, function(data, status){ if (data.result && data.result === 'ok') { $("#statickey\\.key").val(data.key); } }); - }) + }); + + $("#keygen_auth_token").click(function(){ + ajaxGet("/api/openvpn/instances/gen_key/auth-token", {}, function(data, status){ + if (data.result && data.result === 'ok') { + $("#instance\\.auth-gen-token-secret").val(data.key); + } + }); + }); + $("#reconfigureAct").SimpleActionButton(); }); @@ -110,6 +119,11 @@
+ {{ partial('layout_partials/base_bootgrid_table', formGridInstance)}}
diff --git a/src/opnsense/service/conf/actions.d/actions_openvpn.conf b/src/opnsense/service/conf/actions.d/actions_openvpn.conf index d9bcaac02..be78b6ac6 100644 --- a/src/opnsense/service/conf/actions.d/actions_openvpn.conf +++ b/src/opnsense/service/conf/actions.d/actions_openvpn.conf @@ -11,10 +11,10 @@ type:script_output message:Kill OpenVPN session %s - %s [genkey] -command:/usr/local/sbin/openvpn --genkey secret /dev/stdout -parameters: +command:/usr/local/sbin/openvpn +parameters:--genkey %s /dev/stdout type:script_output -message: Generate new OpenVPN static key +message: Generate new OpenVPN static %s key [start] command:/usr/local/opnsense/scripts/openvpn/ovpn_service_control.php