lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-16 01:24:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

(openvpn) add "Use common name" option to control username-as-common-name, closes https://github.com/opnsense/core/issues/1154

Browse Source
This commit is contained in:
Ad Schellevis 2016-08-25 16:17:05 +02:00
parent b218ce7d1a
commit 765164a0ea
2 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/etc/inc/openvpn.inc
View File

@ -580,7 +580,7 @@ function openvpn_reconfigure($mode, $settings, $device_only = false)
$conf .= "client-cert-not-required\n";
case 'server_tls_user':
/* username-as-common-name is not compatible with server-bridge */
if (stristr($conf, "server-bridge") === false) {
if (stristr($conf, "server-bridge") === false && empty($settings['use-common-name'])) {
$conf .= "username-as-common-name\n";
}
if (!empty($settings['authmode'])) {

20
src/www/vpn_openvpn_server.php
View File

@ -69,7 +69,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
,ntp_server2,netbios_enable,netbios_ntype,netbios_scope,wins_server1
,wins_server2,no_tun_ipv6,push_register_dns,dns_domain
,client_mgmt_port,verbosity_level,caref,crlref,certref,dh_length
,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,reneg-sec";
,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,reneg-sec,use-common-name";
foreach (explode(",", $copy_fields) as $fieldname) {
$fieldname = trim($fieldname);
@ -116,7 +116,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
,ntp_server2,netbios_enable,netbios_ntype,netbios_scope,wins_server1
,wins_server2,no_tun_ipv6,push_register_dns,dns_domain
,client_mgmt_port,verbosity_level,caref,crlref,certref,dh_length
,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,shared_key,tls,reneg-sec";
,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,shared_key,tls,reneg-sec,use-common-name";
foreach (explode(",", $init_fields) as $fieldname) {
$fieldname = trim($fieldname);
if (!isset($pconfig[$fieldname])) {
@ -340,7 +340,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
,serverbridge_dhcp_end,dns_domain,dns_server1,dns_server2,dns_server3
,dns_server4,push_register_dns,ntp_server1,ntp_server2,netbios_enable
,netbios_ntype,netbios_scope,no_tun_ipv6,verbosity_level,wins_server1
,wins_server2,client_mgmt_port,strictusercn,reneg-sec";
,wins_server2,client_mgmt_port,strictusercn,reneg-sec,use-common-name";
foreach (explode(",", $copy_fields) as $fieldname) {
$fieldname = trim($fieldname);
@ -471,6 +471,7 @@ $( document ).ready(function() {
$(".opt_gwredir").hide();
}
$("#dev_mode").change();
$(window).resize();
});
$("#mode").change();
@ -573,7 +574,7 @@ $( document ).ready(function() {
}
});
$("#client_mgmt_port_enable").change();
$(window).resize();
}
});
@ -1485,6 +1486,17 @@ endif; ?>
</div>
</td>
</tr>
<tr class="opt_mode opt_mode_server_tls_user">
<td width="22%" ><a id="help_for_use-common-name" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Use common name"); ?></td>
<td>
<input name="use-common-name" type="checkbox" value="1" <?=!empty($pconfig['use-common-name']) ? "checked=\"checked\"" : "" ;?> />
<div class="hidden" for="help_for_use-common-name">
<span>
<?=gettext("When using a client certificate, use certificate common name for indexing purposes instead of username"); ?><br />
</span>
</div>
</td>
</tr>
</table>
</div>
</div>