From 765164a0eafa9976b47cf7ca307240819a1e8bcd Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Thu, 25 Aug 2016 16:17:05 +0200 Subject: [PATCH] (openvpn) add "Use common name" option to control username-as-common-name, closes https://github.com/opnsense/core/issues/1154 --- src/etc/inc/openvpn.inc | 2 +- src/www/vpn_openvpn_server.php | 20 ++++++++++++++++---- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/src/etc/inc/openvpn.inc b/src/etc/inc/openvpn.inc index 10708a674..824433a26 100644 --- a/src/etc/inc/openvpn.inc +++ b/src/etc/inc/openvpn.inc @@ -580,7 +580,7 @@ function openvpn_reconfigure($mode, $settings, $device_only = false) $conf .= "client-cert-not-required\n"; case 'server_tls_user': /* username-as-common-name is not compatible with server-bridge */ - if (stristr($conf, "server-bridge") === false) { + if (stristr($conf, "server-bridge") === false && empty($settings['use-common-name'])) { $conf .= "username-as-common-name\n"; } if (!empty($settings['authmode'])) { diff --git a/src/www/vpn_openvpn_server.php b/src/www/vpn_openvpn_server.php index 0e5127ff8..58a2fc814 100644 --- a/src/www/vpn_openvpn_server.php +++ b/src/www/vpn_openvpn_server.php @@ -69,7 +69,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ,ntp_server2,netbios_enable,netbios_ntype,netbios_scope,wins_server1 ,wins_server2,no_tun_ipv6,push_register_dns,dns_domain ,client_mgmt_port,verbosity_level,caref,crlref,certref,dh_length - ,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,reneg-sec"; + ,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,reneg-sec,use-common-name"; foreach (explode(",", $copy_fields) as $fieldname) { $fieldname = trim($fieldname); @@ -116,7 +116,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ,ntp_server2,netbios_enable,netbios_ntype,netbios_scope,wins_server1 ,wins_server2,no_tun_ipv6,push_register_dns,dns_domain ,client_mgmt_port,verbosity_level,caref,crlref,certref,dh_length - ,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,shared_key,tls,reneg-sec"; + ,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,shared_key,tls,reneg-sec,use-common-name"; foreach (explode(",", $init_fields) as $fieldname) { $fieldname = trim($fieldname); if (!isset($pconfig[$fieldname])) { @@ -340,7 +340,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ,serverbridge_dhcp_end,dns_domain,dns_server1,dns_server2,dns_server3 ,dns_server4,push_register_dns,ntp_server1,ntp_server2,netbios_enable ,netbios_ntype,netbios_scope,no_tun_ipv6,verbosity_level,wins_server1 - ,wins_server2,client_mgmt_port,strictusercn,reneg-sec"; + ,wins_server2,client_mgmt_port,strictusercn,reneg-sec,use-common-name"; foreach (explode(",", $copy_fields) as $fieldname) { $fieldname = trim($fieldname); @@ -471,6 +471,7 @@ $( document ).ready(function() { $(".opt_gwredir").hide(); } $("#dev_mode").change(); + $(window).resize(); }); $("#mode").change(); @@ -573,7 +574,7 @@ $( document ).ready(function() { } }); $("#client_mgmt_port_enable").change(); - + $(window).resize(); } }); @@ -1485,6 +1486,17 @@ endif; ?> + + + + /> + + +