From 8464cfc31e496dd59e969a610b533c7a2ab760cd Mon Sep 17 00:00:00 2001 From: Max Weller Date: Thu, 10 Jan 2019 15:44:17 +0100 Subject: [PATCH] Generate correct config for "Hybrid-RSA + XAuth" IPSec (#3117) --- src/etc/inc/plugins.inc.d/ipsec.inc | 3 +-- src/www/vpn_ipsec_phase1.php | 6 ++++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/etc/inc/plugins.inc.d/ipsec.inc b/src/etc/inc/plugins.inc.d/ipsec.inc index 214e9c435..3282ee26c 100644 --- a/src/etc/inc/plugins.inc.d/ipsec.inc +++ b/src/etc/inc/plugins.inc.d/ipsec.inc @@ -1239,8 +1239,7 @@ function ipsec_configure_do($verbose = false, $interface = '') $authentication = "leftauth = pubkey\n\trightauth = pubkey"; break; case 'hybrid_rsa_server': - $authentication = "leftauth = xauth-generic\n\trightauth = pubkey"; - $authentication .= "\n\trightauth2 = xauth"; + $authentication = "leftauth = pubkey\n\trightauth = xauth"; break; } if (!empty($ph1ent['certref'])) { diff --git a/src/www/vpn_ipsec_phase1.php b/src/www/vpn_ipsec_phase1.php index fea5cdbf6..f775d36a3 100644 --- a/src/www/vpn_ipsec_phase1.php +++ b/src/www/vpn_ipsec_phase1.php @@ -201,6 +201,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { $reqdfieldsn = array(gettext("Pre-Shared Key")); break; case "hybrid_rsa_server": + $reqdfields = explode(' ', 'certref'); + $reqdfieldsn = array(gettext("Certificate")); + break; case "xauth_rsa_server": case "rsasig": $reqdfields = explode(" ", "caref certref"); @@ -491,6 +494,9 @@ include("head.inc"); } break; case 'hybrid_rsa_server': + $('.auth_eap_tls').show(); + $('.auth_eap_tls :input').prop('disabled', false); + break; case 'xauth_rsa_server': case 'rsasig': case 'rsa_eap-mschapv2':