lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-20 03:16:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

small cleanups for https://github.com/opnsense/core/pull/2748

Browse Source
This commit is contained in:
Ad Schellevis 2018-10-01 21:45:41 +02:00
parent 076ec93ce4
commit c314ac09e4
2 changed files with 11 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/etc/inc/plugins.inc.d/openvpn/auth-user.php
View File

@ -115,28 +115,21 @@ if (count($argv) > 6) {
if ($authenticator) {
if ($authenticator->authenticate($username, $password)) {
$vpnid = filter_var($a_server['vpnid'], FILTER_SANITIZE_NUMBER_INT);
$cso_login_matching = $a_server['cso_login_matching'];
// fetch or create client specif override
$all_cso = openvpn_fetch_csc_list();
if (empty($cso_login_matching)){
syslog(LOG_NOTICE, "CSO Login - CN" );
if (!empty($all_cso[$vpnid][$common_name])) {
$cso = $all_cso[$vpnid][$common_name];
} else {
$cso = array("common_name" => $common_name);
}
$common_name = empty($a_server['cso_login_matching']) ? $common_name : $username;
$login_type = empty($a_server['cso_login_matching']) ? "CN" : "USER";
if (!empty($all_cso[$vpnid][$common_name])) {
$cso = $all_cso[$vpnid][$common_name];
} else {
syslog(LOG_NOTICE, "CSO Login - USER" );
if (!empty($all_cso[$vpnid][$username])) {
$cso = $all_cso[$vpnid][$username];
} else {
$cso = array("common_name" => $username);
}
$cso = array("common_name" => $common_name);
}
$cso = array_merge($cso, parse_auth_properties($authenticator->getLastAuthProperties()));
$cso_filename = openvpn_csc_conf_write($cso, $a_server);
if (!empty($cso_filename)) {
syslog(LOG_NOTICE, "user '{$username}' authenticated using '{$authName}' cso :{$cso_filename}");
$tmp = empty($a_server['cso_login_matching']) ? "CSO [CN]" : "CSO [USER]";
syslog(LOG_NOTICE, "user '{$username}' authenticated using '{$authName}' {$tmp}:{$cso_filename}");
} else {
syslog(LOG_NOTICE, "user '{$username}' authenticated using '{$authName}'");
}

5
src/www/vpn_openvpn_server.php
View File

@ -117,7 +117,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
,ntp_server2,netbios_enable,netbios_ntype,netbios_scope,wins_server1
,wins_server2,no_tun_ipv6,push_register_dns,dns_domain
,client_mgmt_port,verbosity_level,caref,crlref,certref,dh_length
,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,shared_key,tls,reneg-sec,use-common-name,cso_login_matching";
,cert_depth,strictusercn,digest,disable,duplicate_cn,vpnid,shared_key,tls,reneg-sec,use-common-name
,cso_login_matching";
foreach (explode(",", $init_fields) as $fieldname) {
$fieldname = trim($fieldname);
if (!isset($pconfig[$fieldname])) {
@ -1591,7 +1592,7 @@ endif; ?>
<input name="cso_login_matching" type="checkbox" value="yes" <?=!empty($pconfig['cso_login_matching']) ? "checked=\"checked\"" : "" ;?> />
<div class="hidden" data-for="help_for_cso_login_matching">
<span>
<?=gettext("Use Login instead CN to match against CSO."); ?><br />
<?=gettext("Use username instead of common name to match client specfic override."); ?><br />
</span>
</div>
</td>