From d7dfa801bb61a40c65ac9bdf0d96a59ebd7b6f0d Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Tue, 22 Mar 2016 14:20:01 +0100
Subject: [PATCH] (legacy) spaces and curly braces in openvpn_wizard.inc

---
 src/etc/inc/openvpn_wizard.inc | 1208 +++++++++++++++++---------------
 1 file changed, 633 insertions(+), 575 deletions(-)

diff --git a/src/etc/inc/openvpn_wizard.inc b/src/etc/inc/openvpn_wizard.inc
index 1506c0713..8492d3336 100644
--- a/src/etc/inc/openvpn_wizard.inc
+++ b/src/etc/inc/openvpn_wizard.inc
@@ -1,679 +1,737 @@
 <?php
 
 /*
-	Copyright (C) 2010 Ermal Luçi
-	All rights reserved.
+    Copyright (C) 2010 Ermal Luçi
+    All rights reserved.
 
-	Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are met:
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
 
-	1. Redistributions of source code must retain the above copyright notice,
-	   this list of conditions and the following disclaimer.
+    1. Redistributions of source code must retain the above copyright notice,
+       this list of conditions and the following disclaimer.
 
-	2. Redistributions in binary form must reproduce the above copyright
-	   notice, this list of conditions and the following disclaimer in the
-	   documentation and/or other materials provided with the distribution.
-
-	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-	POSSIBILITY OF SUCH DAMAGE.
+    2. Redistributions in binary form must reproduce the above copyright
+       notice, this list of conditions and the following disclaimer in the
+       documentation and/or other materials provided with the distribution.
 
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+    POSSIBILITY OF SUCH DAMAGE.
 */
 require_once("openvpn.inc");
 require_once("pfsense-utils.inc");
 
-function cert_get_subject_hash($crt) {
-	$str_crt = base64_decode($crt);
-	$inf_crt = openssl_x509_parse($str_crt);
-	return $inf_crt['subject'];
+function cert_get_subject_hash($crt)
+{
+    $str_crt = base64_decode($crt);
+    $inf_crt = openssl_x509_parse($str_crt);
+    return $inf_crt['subject'];
 }
 
-function has_special_chars($text) {
-	return preg_match('/[^A-Za-z0-9 _-]/', $text);
+function has_special_chars($text)
+{
+    return preg_match('/[^A-Za-z0-9 _-]/', $text);
 }
 
-function step1_submitphpaction() {
-	global $stepid, $config;
-	if ($_POST['authtype'] == "local") {
-		$stepid = 4;
-		$config['ovpnserver']['step1']['type'] = "local";
-	} else if ($_POST['authtype'] == "ldap") {
-		$stepid = 0;
-	} else if ($_POST['authtype'] == "radius") {
-		$stepid = 2;
-		$config['ovpnserver']['step1']['type'] = "radius";
-		unset($config['ovpnserver']['step1']['uselist']);
-	}
+function step1_submitphpaction()
+{
+    global $stepid, $config;
+    if ($_POST['authtype'] == "local") {
+        $stepid = 4;
+        $config['ovpnserver']['step1']['type'] = "local";
+    } elseif ($_POST['authtype'] == "ldap") {
+        $stepid = 0;
+    } elseif ($_POST['authtype'] == "radius") {
+        $stepid = 2;
+        $config['ovpnserver']['step1']['type'] = "radius";
+        unset($config['ovpnserver']['step1']['uselist']);
+    }
 }
 
-function step2_stepbeforeformdisplay() {
-	global $pkg, $stepid;
+function step2_stepbeforeformdisplay()
+{
+    global $pkg, $stepid;
 
-	$fields =& $pkg['step'][1]['fields']['field'];
+    $fields =& $pkg['step'][1]['fields']['field'];
 
-	$found = false;
-	$authlist = auth_get_authserver_list();
-	$fields[1]['options']['option'] = array();
-	foreach ($authlist as $key => $auth) {
-		if ($auth['type'] != 'ldap') {
-			continue;
-		}
-		$found = true;
-		$opts = array();
-		$opts['name'] = $auth['name'];
-		$opts['value'] = $key;
-		$fields[1]['options']['option'][] = $opts;
-	}
-	if ($found == false) {
-		$stepid = 2;
-	}
+    $found = false;
+    $authlist = auth_get_authserver_list();
+    $fields[1]['options']['option'] = array();
+    foreach ($authlist as $key => $auth) {
+        if ($auth['type'] != 'ldap') {
+            continue;
+        }
+        $found = true;
+        $opts = array();
+        $opts['name'] = $auth['name'];
+        $opts['value'] = $key;
+        $fields[1]['options']['option'][] = $opts;
+    }
+    if ($found == false) {
+        $stepid = 2;
+    }
 }
 
-function step2_submitphpaction() {
-	global $stepid;
+function step2_submitphpaction()
+{
+    global $stepid;
 
-	if (isset($_POST['next'])) {
-		$_POST['uselist'] = "";
-		$stepid +=3;
-	}
+    if (isset($_POST['next'])) {
+        $_POST['uselist'] = "";
+        $stepid +=3;
+    }
 }
 
 function step3_submitphpaction() {
-	global $stepid, $savemsg, $config;
+    global $stepid, $savemsg, $config;
 
-	/* Default LDAP port is 389 for TCP and 636 for SSL */
-	if (empty($_POST['port'])) {
-		if ($_POST['transport'] == "tcp")
-			$config['ovpnserver']['step2']['port'] = 389;
-		elseif ($_POST['transport'] == "ssl")
-			$config['ovpnserver']['step2']['port'] = 636;
-	} elseif (!is_port($_POST['port'])) {
-		$stepid--;
-		$savemsg = "Please enter a valid port number.";
-	}
+    /* Default LDAP port is 389 for TCP and 636 for SSL */
+    if (empty($_POST['port'])) {
+        if ($_POST['transport'] == "tcp") {
+            $config['ovpnserver']['step2']['port'] = 389;
+        } elseif ($_POST['transport'] == "ssl") {
+            $config['ovpnserver']['step2']['port'] = 636;
+        }
+    } elseif (!is_port($_POST['port'])) {
+        $stepid--;
+        $savemsg = "Please enter a valid port number.";
+    }
 
-	if (empty($_POST['name']) || empty($_POST['ip']) ||empty($_POST['transport']) ||
-	     empty($_POST['scope']) || empty($_POST['basedn']) || empty($_POST['authscope']) || empty($_POST['nameattr'])) {
-		$stepid--;
-		$savemsg = "Please enter all information for authentication server.";
-	} else if (count(($authcfg = auth_get_authserver($_POST['name']))) > 0) {
-		$stepid--;
-		$savemsg = "Please choose a different name because an authentication server with this name already exists.";
-	} elseif (!is_fqdn($_POST['ip']) && !is_ipaddr($_POST['ip'])) {
-		$stepid--;
-		$savemsg = "Please enter a valid IP address or hostname for the authentication server.";
-	} else {
-		$config['ovpnserver']['step2']['uselist'] = "on";
-		$_POST['uselist'] = "on";
-		$stepid += 2;
-	}
+    if (empty($_POST['name']) || empty($_POST['ip']) ||empty($_POST['transport']) ||
+         empty($_POST['scope']) || empty($_POST['basedn']) || empty($_POST['authscope']) || empty($_POST['nameattr'])) {
+        $stepid--;
+        $savemsg = "Please enter all information for authentication server.";
+    } elseif (count(($authcfg = auth_get_authserver($_POST['name']))) > 0) {
+        $stepid--;
+        $savemsg = "Please choose a different name because an authentication server with this name already exists.";
+    } elseif (!is_fqdn($_POST['ip']) && !is_ipaddr($_POST['ip'])) {
+        $stepid--;
+        $savemsg = "Please enter a valid IP address or hostname for the authentication server.";
+    } else {
+        $config['ovpnserver']['step2']['uselist'] = "on";
+        $_POST['uselist'] = "on";
+        $stepid += 2;
+    }
 }
 
 function step4_stepbeforeformdisplay() {
-	global $pkg, $stepid;
+    global $pkg, $stepid;
 
-	$fields =& $pkg['step'][3]['fields']['field'];
+    $fields =& $pkg['step'][3]['fields']['field'];
 
-	$found = false;
-	$authlist = auth_get_authserver_list();
-	$fields[1]['options']['option'] = array();
-	foreach ($authlist as $key => $auth) {
-		if ($auth['type'] != 'radius') {
-			continue;
-		}
-		$found = true;
-		$opts = array();
-		$opts['name'] = $auth['name'];
-		$opts['value'] = $key;
-		$fields[1]['options']['option'][] = $opts;
-	}
-	if ($found == false)
-		$stepid = 4;
+    $found = false;
+    $authlist = auth_get_authserver_list();
+    $fields[1]['options']['option'] = array();
+    foreach ($authlist as $key => $auth) {
+        if ($auth['type'] != 'radius') {
+            continue;
+        }
+        $found = true;
+        $opts = array();
+        $opts['name'] = $auth['name'];
+        $opts['value'] = $key;
+        $fields[1]['options']['option'][] = $opts;
+    }
+    if ($found == false) {
+        $stepid = 4;
+    }
 }
 
-function step4_submitphpaction() {
-	global $stepid;
+function step4_submitphpaction()
+{
+    global $stepid;
 
-	if (isset($_POST['next'])) {
-		$_POST['uselist'] = "";
-		$stepid++;
-	}
+    if (isset($_POST['next'])) {
+        $_POST['uselist'] = "";
+        $stepid++;
+    }
 }
 
-function step5_submitphpaction() {
-	global $stepid, $savemsg, $config;
+function step5_submitphpaction()
+{
+    global $stepid, $savemsg, $config;
 
-	/* Default RADIUS Auth port = 1812 */
-	if (empty($_POST['port'])) {
-		$config['ovpnserver']['step2']['port'] = 1812;
-	} elseif (!is_port($_POST['port'])) {
-		$stepid--;
-		$savemsg = "Please enter a valid port number.";
-	}
+    /* Default RADIUS Auth port = 1812 */
+    if (empty($_POST['port'])) {
+        $config['ovpnserver']['step2']['port'] = 1812;
+    } elseif (!is_port($_POST['port'])) {
+        $stepid--;
+        $savemsg = "Please enter a valid port number.";
+    }
 
-	if (empty($_POST['name']) || empty($_POST['ip']) || empty($_POST['secret'])) {
-		$stepid--;
-		$savemsg = "Please enter all information for authentication server.";
-	} else if (count(($authcfg = auth_get_authserver($_POST['name']))) > 0) {
-		$stepid--;
-		$savemsg = "Please choose a different name because an authentication server with this name already exists.";
-	} elseif (!is_fqdn($_POST['ip']) && !is_ipaddr($_POST['ip'])) {
-		$stepid--;
-		$savemsg = "Please enter a valid IP address or hostname for the authentication server.";
-	} else {
-		$config['ovpnserver']['step2']['uselist'] = "on";
-		$_POST['uselist'] = "on";
-	}
+    if (empty($_POST['name']) || empty($_POST['ip']) || empty($_POST['secret'])) {
+        $stepid--;
+        $savemsg = "Please enter all information for authentication server.";
+    } elseif (count(($authcfg = auth_get_authserver($_POST['name']))) > 0) {
+        $stepid--;
+        $savemsg = "Please choose a different name because an authentication server with this name already exists.";
+    } elseif (!is_fqdn($_POST['ip']) && !is_ipaddr($_POST['ip'])) {
+        $stepid--;
+        $savemsg = "Please enter a valid IP address or hostname for the authentication server.";
+    } else {
+        $config['ovpnserver']['step2']['uselist'] = "on";
+        $_POST['uselist'] = "on";
+    }
 }
 
-function step6_stepbeforeformdisplay() {
-	global $stepid, $config;
+function step6_stepbeforeformdisplay()
+{
+    global $stepid, $config;
 
-	if (count($config['ca']) < 1) {
-		$stepid++;
-	}
+    if (count($config['ca']) < 1) {
+        $stepid++;
+    }
 }
 
-function step6_submitphpaction() {
-	global $stepid, $config;
+function step6_submitphpaction()
+{
+    global $stepid, $config;
 
-	if (isset($_POST['next'])) {
-		$_POST['uselist'] = "";
-		unset($config['ovpnserver']['step6']['uselist']);
-		$stepid++;
-	} else {
-		$config['ovpnserver']['step6']['uselist'] = "on";
-		$_POST['uselist'] = "on";
-	}
+    if (isset($_POST['next'])) {
+        $_POST['uselist'] = "";
+        unset($config['ovpnserver']['step6']['uselist']);
+        $stepid++;
+    } else {
+        $config['ovpnserver']['step6']['uselist'] = "on";
+        $_POST['uselist'] = "on";
+    }
 }
 
 function step7_submitphpaction() {
-	global $input_errors, $stepid, $savemsg, $_POST, $config;
+    global $input_errors, $stepid, $savemsg, $_POST, $config;
 
-	$canames = array();
-	$cacns = array();
-	if (is_array($config['ca'])) {
-		foreach($config['ca'] as $ca) {
-			$canames[] = $ca['descr'];
-			$cainfo = cert_get_subject_hash($ca['crt']);
-			$cacns[] = $cainfo["CN"];
-		}
-	}
+    $canames = array();
+    $cacns = array();
+    if (is_array($config['ca'])) {
+        foreach($config['ca'] as $ca) {
+            $canames[] = $ca['descr'];
+            $cainfo = cert_get_subject_hash($ca['crt']);
+            $cacns[] = $cainfo["CN"];
+        }
+    }
 
-	if (empty($_POST['descr']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
-	    empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
-	    empty($_POST['organization']) || empty($_POST['email'])) {
-		$stepid--;
-		$savemsg = "Please enter all information for the new Certificate Authority.";
-	} elseif (has_special_chars($_POST['country']) || has_special_chars($_POST['state']) ||
-	    has_special_chars($_POST['city']) || has_special_chars($_POST['organization'])) {
-		$stepid--;
-		$input_errors[] = gettext("Please do not use special characters in Certificate field names.");
-	} elseif (in_array($_POST['descr'], $canames) || in_array($_POST['descr'], $cacns)) {
-		$stepid--;
-		$savemsg = "Please enter a different name for the Certicicate Authority. A Certificate Authority with that name already exists.";
-	} elseif (strlen($_POST['country']) != 2) {
-		$stepid--;
-		$savemsg = "Please enter only a two-letter ISO country code";
-	} else {
-		$config['ovpnserver']['step6']['uselist'] = "on";
-		$_POST['uselist'] = "on";
-	}
+    if (empty($_POST['descr']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
+        empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
+        empty($_POST['organization']) || empty($_POST['email'])) {
+        $stepid--;
+        $savemsg = "Please enter all information for the new Certificate Authority.";
+    } elseif (has_special_chars($_POST['country']) || has_special_chars($_POST['state']) ||
+        has_special_chars($_POST['city']) || has_special_chars($_POST['organization'])) {
+        $stepid--;
+        $input_errors[] = gettext("Please do not use special characters in Certificate field names.");
+    } elseif (in_array($_POST['descr'], $canames) || in_array($_POST['descr'], $cacns)) {
+        $stepid--;
+        $savemsg = "Please enter a different name for the Certicicate Authority. A Certificate Authority with that name already exists.";
+    } elseif (strlen($_POST['country']) != 2) {
+        $stepid--;
+        $savemsg = "Please enter only a two-letter ISO country code";
+    } else {
+        $config['ovpnserver']['step6']['uselist'] = "on";
+        $_POST['uselist'] = "on";
+    }
 }
 
-function step8_stepbeforeformdisplay() {
-	global $stepid, $config;
+function step8_stepbeforeformdisplay()
+{
+    global $stepid, $config;
 
-	if (count($config['cert']) < 1 ||
-		(count($config['cert']) == 1 && stristr($config['cert'][0]['descr'], "webconf"))) {
-		$stepid++;
-	}
+    if (count($config['cert']) < 1 || (count($config['cert']) == 1 && stristr($config['cert'][0]['descr'], "webconf"))) {
+        $stepid++;
+    }
 }
 
 function step8_submitphpaction() {
-	global $stepid, $config, $_POST;
+  global $stepid, $config, $_POST;
 
-	if (isset($_POST['next'])) {
-		$_POST['uselist'] = "";
-		unset($config['ovpnserver']['step9']['uselist']);
-		$stepid++;
-	} else {
-		$config['ovpnserver']['step6']['uselist'] = "on";
-		$_POST['uselist'] = "on";
-	}
+  if (isset($_POST['next'])) {
+      $_POST['uselist'] = "";
+      unset($config['ovpnserver']['step9']['uselist']);
+      $stepid++;
+  } else {
+      $config['ovpnserver']['step6']['uselist'] = "on";
+      $_POST['uselist'] = "on";
+  }
 }
 
 function step9_stepbeforeformdisplay() {
-	global $config, $pkg, $stepid;
+    global $config, $pkg, $stepid;
 
-	$pconfig = $config['ovpnserver'];
+    $pconfig = $config['ovpnserver'];
 
-	if (isset($pconfig['step6']['uselist'])) {
-		$country = $pconfig['step6']['country'];
-		$state = $pconfig['step6']['state'];
-		$city = $pconfig['step6']['city'];
-		$org = $pconfig['step6']['organization'];
-		$email = $pconfig['step6']['email'];
-	} else {
-		$ca = lookup_ca($pconfig['step6']['authcertca']);
-		$cavl = cert_get_subject_array($ca['crt']);
-		$country = $cavl[0]['v'];
-		$state = $cavl[1]['v'];
-		$city = $cavl[2]['v'];
-		$org = $cavl[3]['v'];
-		$email = $cavl[4]['v'];
-	}
-	$fields =& $pkg['step'][$stepid]['fields']['field'];
+    if (isset($pconfig['step6']['uselist'])) {
+        $country = $pconfig['step6']['country'];
+        $state = $pconfig['step6']['state'];
+        $city = $pconfig['step6']['city'];
+        $org = $pconfig['step6']['organization'];
+        $email = $pconfig['step6']['email'];
+    } else {
+        $ca = lookup_ca($pconfig['step6']['authcertca']);
+        $cavl = cert_get_subject_array($ca['crt']);
+        $country = $cavl[0]['v'];
+        $state = $cavl[1]['v'];
+        $city = $cavl[2]['v'];
+        $org = $cavl[3]['v'];
+        $email = $cavl[4]['v'];
+    }
+    $fields =& $pkg['step'][$stepid]['fields']['field'];
 
-	foreach ($fields as $idx => $field) {
-		switch ($field['name']) {
-		case 'country':
-			$fields[$idx]['value'] = $country;
-			break;
-		case 'state':
-			$fields[$idx]['value'] = $state;
-			break;
-		case 'city':
-			$fields[$idx]['value'] = $city;
-			break;
-		case 'organization':
-			$fields[$idx]['value'] = $org;
-			break;
-		case 'email':
-			$fields[$idx]['value'] = $email;
-			break;
-		}
-	}
+    foreach ($fields as $idx => $field) {
+        switch ($field['name']) {
+            case 'country':
+                $fields[$idx]['value'] = $country;
+                break;
+            case 'state':
+                $fields[$idx]['value'] = $state;
+                break;
+            case 'city':
+                $fields[$idx]['value'] = $city;
+                break;
+            case 'organization':
+                $fields[$idx]['value'] = $org;
+                break;
+            case 'email':
+                $fields[$idx]['value'] = $email;
+                break;
+        }
+    }
 }
 
-function step9_submitphpaction() {
-	global $input_errors, $stepid, $savemsg, $_POST, $config;
+function step9_submitphpaction()
+{
+    global $input_errors, $stepid, $savemsg, $_POST, $config;
 
-	$certnames = array();
-	$certcns = array();
-	if (is_array($config['cert'])) {
-		foreach($config['cert'] as $cert) {
-			$certnames[] = $cert['descr'];
-			$certinfo = cert_get_subject_hash($cert['crt']);
-			$certcns[] = $certinfo["CN"];
-		}
-	}
+    $certnames = array();
+    $certcns = array();
+    if (is_array($config['cert'])) {
+        foreach($config['cert'] as $cert) {
+            $certnames[] = $cert['descr'];
+            $certinfo = cert_get_subject_hash($cert['crt']);
+            $certcns[] = $certinfo["CN"];
+        }
+    }
 
-	if (empty($_POST['descr']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
-	    empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
-	    empty($_POST['organization']) || empty($_POST['email'])) {
-		$stepid--;
-		$savemsg = "Please enter all information for the new certificate.";
-	} elseif (has_special_chars($_POST['country']) || has_special_chars($_POST['state']) ||
-	    has_special_chars($_POST['city']) || has_special_chars($_POST['organization'])) {
-		$stepid--;
-		$input_errors[] = gettext("Please do not use special characters in Certificate field names.");
-	} elseif (in_array($_POST['descr'], $certnames) || in_array($_POST['descr'], $certcns)) {
-		$stepid--;
-		$savemsg = "Please enter a different name for the Certicicate. A Certificate with that name/common name already exists.";
-	} elseif (strlen($_POST['country']) != 2) {
-		$stepid--;
-		$savemsg = "Please enter only a two-letter ISO country code";
-	} else {
-		$config['ovpnserver']['step9']['uselist'] = "on";
-		$_POST['uselist'] = "on";
-	}
+    if (empty($_POST['descr']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
+        empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
+        empty($_POST['organization']) || empty($_POST['email'])) {
+        $stepid--;
+        $savemsg = "Please enter all information for the new certificate.";
+    } elseif (has_special_chars($_POST['country']) || has_special_chars($_POST['state']) ||
+        has_special_chars($_POST['city']) || has_special_chars($_POST['organization'])) {
+        $stepid--;
+        $input_errors[] = gettext("Please do not use special characters in Certificate field names.");
+    } elseif (in_array($_POST['descr'], $certnames) || in_array($_POST['descr'], $certcns)) {
+        $stepid--;
+        $savemsg = "Please enter a different name for the Certicicate. A Certificate with that name/common name already exists.";
+    } elseif (strlen($_POST['country']) != 2) {
+        $stepid--;
+        $savemsg = "Please enter only a two-letter ISO country code";
+    } else {
+        $config['ovpnserver']['step9']['uselist'] = "on";
+        $_POST['uselist'] = "on";
+    }
 }
 
-function step10_stepbeforeformdisplay() {
-	global $pkg, $stepid, $netbios_nodetypes;
+function step10_stepbeforeformdisplay()
+{
+    global $pkg, $stepid, $netbios_nodetypes;
 
-	foreach ($pkg['step'][$stepid]['fields']['field'] as $idx => $field) {
-		if ($field['name'] == "crypto") {
-			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
-			$cipherlist = openvpn_get_cipherlist();
-			foreach ($cipherlist as $name => $desc) {
-				$opt = array();
-				$opt['name'] = $desc;
-				$opt['value'] = $name;
-			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
-			}
-		} else if ($field['name'] == "digest") {
-			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
-			$digestlist = openvpn_get_digestlist();
-			foreach ($digestlist as $name => $desc) {
-				$opt = array();
-				$opt['name'] = $desc;
-				$opt['value'] = $name;
-			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
-			}
-		} else if ($field['name'] == "compression") {
-			global $openvpn_compression_modes;
-			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
-			foreach ($openvpn_compression_modes as $name => $desc) {
-				$opt = array();
-				$opt['name'] = $desc;
-				$opt['value'] = $name;
-			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
-			}
-		} else if ($field['name'] == "engine") {
-			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
-			$engines = openvpn_get_engines();
-			foreach ($engines as $name => $desc) {
-				$opt = array();
-				$opt['name'] = $desc;
-				$opt['value'] = $name;
-			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
-			}
-		} else if ($field['name'] == "nbttype") {
-			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
-			foreach ($netbios_nodetypes as $type => $name) {
-				$opt = array();
-				$opt['name'] = $name;
-				$opt['value'] = $type;
-			$pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
-			}
-		} else if ($field['name'] == "localport") {
-			$pkg['step'][$stepid]['fields']['field'][$idx]['value'] = openvpn_port_next('UDP');
-		}
-	}
+    foreach ($pkg['step'][$stepid]['fields']['field'] as $idx => $field) {
+        if ($field['name'] == "crypto") {
+            $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
+            $cipherlist = openvpn_get_cipherlist();
+            foreach ($cipherlist as $name => $desc) {
+                $opt = array();
+                $opt['name'] = $desc;
+                $opt['value'] = $name;
+                $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
+            }
+        } elseif ($field['name'] == "digest") {
+            $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
+            $digestlist = openvpn_get_digestlist();
+            foreach ($digestlist as $name => $desc) {
+                $opt = array();
+                $opt['name'] = $desc;
+                $opt['value'] = $name;
+                $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
+            }
+        } elseif ($field['name'] == "compression") {
+            global $openvpn_compression_modes;
+            $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
+            foreach ($openvpn_compression_modes as $name => $desc) {
+                $opt = array();
+                $opt['name'] = $desc;
+                $opt['value'] = $name;
+                $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
+            }
+        } elseif ($field['name'] == "engine") {
+            $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
+            $engines = openvpn_get_engines();
+            foreach ($engines as $name => $desc) {
+                $opt = array();
+                $opt['name'] = $desc;
+                $opt['value'] = $name;
+                $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
+            }
+        } elseif ($field['name'] == "nbttype") {
+              $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array();
+              foreach ($netbios_nodetypes as $type => $name) {
+                  $opt = array();
+                  $opt['name'] = $name;
+                  $opt['value'] = $type;
+                  $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt;
+              }
+          } elseif ($field['name'] == "localport") {
+              $pkg['step'][$stepid]['fields']['field'][$idx]['value'] = openvpn_port_next('UDP');
+          }
+    }
 }
 
-function step10_submitphpaction() {
-	global $savemsg, $stepid;
+function step10_submitphpaction()
+{
+    global $savemsg, $stepid;
 
-	/* Default OpenVPN port to next available port if left empty. */
-	if (empty($_POST['localport']))
-		$pconfig["step10"]["localport"] = openvpn_port_next('UDP');
+    /* Default OpenVPN port to next available port if left empty. */
+    if (empty($_POST['localport'])) {
+        $pconfig["step10"]["localport"] = openvpn_port_next('UDP');
+    }
 
-	/* input validation */
-	if ($result = openvpn_validate_port($_POST['localport'], 'Local port'))
-		$input_errors[] = $result;
+    /* input validation */
+    if ($result = openvpn_validate_port($_POST['localport'], 'Local port')) {
+        $input_errors[] = $result;
+    }
 
-	if ($result = openvpn_validate_cidr($_POST['tunnelnet'], 'Tunnel Network', false, "ipv4"))
-		$input_errors[] = $result;
+    if ($result = openvpn_validate_cidr($_POST['tunnelnet'], 'Tunnel Network', false, "ipv4")) {
+        $input_errors[] = $result;
+    }
 
-	if ($result = openvpn_validate_cidr($_POST['localnet'], 'Local Network', true, "ipv4"))
-		$input_errors[] = $result;
+    if ($result = openvpn_validate_cidr($_POST['localnet'], 'Local Network', true, "ipv4")) {
+        $input_errors[] = $result;
+    }
 
-	$portused = openvpn_port_used($_POST['protocol'], $_POST['interface'], $_POST['localport']);
-	if ($portused != 0)
-		$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value.");
+    $portused = openvpn_port_used($_POST['protocol'], $_POST['interface'], $_POST['localport']);
+    if ($portused != 0) {
+        $input_errors[] = gettext("The specified 'Local port' is in use. Please select another value.");
+    }
 
-	if (!isset($_POST['generatetlskey']) && isset($_POST['tlsauthentication']))
-		if (!strstr($_POST['tlssharedkey'], "-----BEGIN OpenVPN Static key V1-----") ||
-			!strstr($_POST['tlssharedkey'], "-----END OpenVPN Static key V1-----"))
-			$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid.");
+    if (!isset($_POST['generatetlskey']) && isset($_POST['tlsauthentication'])) {
+        if (!strstr($_POST['tlssharedkey'], "-----BEGIN OpenVPN Static key V1-----") ||
+          !strstr($_POST['tlssharedkey'], "-----END OpenVPN Static key V1-----")) {
+              $input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid.");
+          }
+    }
 
-	if (!empty($_POST['dnsserver1']) && !is_ipaddr(trim($_POST['dnsserver1'])))
-		$input_errors[] = gettext("The field 'DNS Server #1' must contain a valid IP address");
-	if (!empty($_POST['dnsserver2']) && !is_ipaddr(trim($_POST['dnsserver2'])))
-		$input_errors[] = gettext("The field 'DNS Server #2' must contain a valid IP address");
-	if (!empty($_POST['dnsserver3']) && !is_ipaddr(trim($_POST['dnsserver3'])))
-		$input_errors[] = gettext("The field 'DNS Server #3' must contain a valid IP address");
-	if (!empty($_POST['dnsserver4']) && !is_ipaddr(trim($_POST['dnsserver4'])))
-		$input_errors[] = gettext("The field 'DNS Server #4' must contain a valid IP address");
+    if (!empty($_POST['dnsserver1']) && !is_ipaddr(trim($_POST['dnsserver1']))) {
+        $input_errors[] = gettext("The field 'DNS Server #1' must contain a valid IP address");
+    }
+    if (!empty($_POST['dnsserver2']) && !is_ipaddr(trim($_POST['dnsserver2']))) {
+        $input_errors[] = gettext("The field 'DNS Server #2' must contain a valid IP address");
+    }
+    if (!empty($_POST['dnsserver3']) && !is_ipaddr(trim($_POST['dnsserver3']))) {
+        $input_errors[] = gettext("The field 'DNS Server #3' must contain a valid IP address");
+    }
+    if (!empty($_POST['dnsserver4']) && !is_ipaddr(trim($_POST['dnsserver4']))) {
+        $input_errors[] = gettext("The field 'DNS Server #4' must contain a valid IP address");
+    }
 
-	if (!empty($_POST['ntpserver1']) && !is_ipaddr(trim($_POST['ntpserver1'])))
-		$input_errors[] = gettext("The field 'NTP Server #1' must contain a valid IP address");
-	if (!empty($_POST['ntpserver2']) && !is_ipaddr(trim($_POST['ntpserver2'])))
-		$input_errors[] = gettext("The field 'NTP Server #2' must contain a valid IP address");
+    if (!empty($_POST['ntpserver1']) && !is_ipaddr(trim($_POST['ntpserver1']))) {
+        $input_errors[] = gettext("The field 'NTP Server #1' must contain a valid IP address");
+    }
+    if (!empty($_POST['ntpserver2']) && !is_ipaddr(trim($_POST['ntpserver2']))) {
+        $input_errors[] = gettext("The field 'NTP Server #2' must contain a valid IP address");
+    }
 
-	if (!empty($_POST['winsserver1']) && !is_ipaddr(trim($_POST['winsserver1'])))
-		$input_errors[] = gettext("The field 'WINS Server #1' must contain a valid IP address");
-	if (!empty($_POST['winsserver2']) && !is_ipaddr(trim($_POST['winsserver2'])))
-		$input_errors[] = gettext("The field 'WINS Server #2' must contain a valid IP address");
+    if (!empty($_POST['winsserver1']) && !is_ipaddr(trim($_POST['winsserver1']))) {
+        $input_errors[] = gettext("The field 'WINS Server #1' must contain a valid IP address");
+    }
+    if (!empty($_POST['winsserver2']) && !is_ipaddr(trim($_POST['winsserver2']))) {
+        $input_errors[] = gettext("The field 'WINS Server #2' must contain a valid IP address");
+    }
 
-	if ($_POST['concurrentcon'] && !is_numeric($_POST['concurrentcon']))
-		$input_errors[] = gettext("The field 'Concurrent connections' must be numeric.");
+    if ($_POST['concurrentcon'] && !is_numeric($_POST['concurrentcon'])) {
+        $input_errors[] = gettext("The field 'Concurrent connections' must be numeric.");
+    }
 
-	if (empty($_POST['tunnelnet']))
-		$input_errors[] = gettext("You must specify a 'Tunnel network'.");
+    if (empty($_POST['tunnelnet'])) {
+        $input_errors[] = gettext("You must specify a 'Tunnel network'.");
+    }
 
-	if (count($input_errors) > 0) {
-		$savemsg = $input_errors[0];
-		$stepid = $stepid - 1;
-	}
+    if (count($input_errors) > 0) {
+        $savemsg = $input_errors[0];
+        $stepid = $stepid - 1;
+    }
 }
 
-function step12_submitphpaction() {
-	global $config;
+function step12_submitphpaction()
+{
+    global $config;
 
-	$pconfig = $config['ovpnserver'];
+    $pconfig = $config['ovpnserver'];
 
-	if (!is_array($config['ovpnserver'])) {
-		$message = "No configuration found please retry again.";
-		header("Location:wizard.php?xml=openvpn&stepid=1&message={$message}");
-		exit;
-	}
+    if (!is_array($config['ovpnserver'])) {
+        $message = "No configuration found please retry again.";
+        header("Location:wizard.php?xml=openvpn&stepid=1&message={$message}");
+        exit;
+    }
 
-	if ($pconfig['step1']['type'] == "local") {
-		$auth = array();
-		$auth['name'] = "Local Database";
-		$auth['type'] = "local";
-	} else if (isset($pconfig['step2']['uselist'])) {
-		$auth = array();
-		$auth['type'] = $pconfig['step1']['type'];
-		$auth['refid'] = uniqid();
-		$auth['name'] = $pconfig['step2']['authtype'];
+    if ($pconfig['step1']['type'] == "local") {
+        $auth = array();
+        $auth['name'] = "Local Database";
+        $auth['type'] = "local";
+    } elseif (isset($pconfig['step2']['uselist'])) {
+        $auth = array();
+        $auth['type'] = $pconfig['step1']['type'];
+        $auth['refid'] = uniqid();
+        $auth['name'] = $pconfig['step2']['authtype'];
 
-		if ($auth['type'] == "ldap") {
-			$auth['host'] = $pconfig['step2']['ip'];
-			$auth['ldap_port'] = $pconfig['step2']['port'];
-			if ($pconfig['step1']['transport'] == "tcp")
-				$auth['ldap_urltype'] = 'TCP - Standard';
-			else
-				$auth['ldap_urltype'] = 'SSL - Encrypted';
-			$auth['ldap_protver'] = 3;
-			$auth['ldap_scope'] = $pconfig['step2']['scope'];
-			$auth['ldap_basedn'] = $pconfig['step2']['basedn'];
-			$auth['ldap_authcn'] = $pconfig['step2']['authscope'];
-			$auth['ldap_binddn'] = $pconfig['step2']['userdn'];
-			$auth['ldap_bindpw'] = $pconfig['step2']['passdn'];
-			$auth['ldap_attr_user'] = $pconfig['step1']['nameattr'];
-			$auth['ldap_attr_member'] = $pconfig['step1']['memberattr'];
-			$auth['ldap_attr_group'] = $pconfig['step1']['groupattr'];
-		} else if ($auth['type'] == "radius") {
-			$auth['host'] = $pconfig['step2']['ip'];
-			$auth['radius_auth_port'] = $pconfig['step2']['port'];
-			$auth['radius_secret'] = $pconfig['step2']['password'];
-			$auth['radius_srvcs'] = "auth";
-		}
-		if (!is_array($config['system']['authserver']))
-			$config['system']['authserver'] = array();
+        if ($auth['type'] == "ldap") {
+            $auth['host'] = $pconfig['step2']['ip'];
+            $auth['ldap_port'] = $pconfig['step2']['port'];
+            if ($pconfig['step1']['transport'] == "tcp") {
+                $auth['ldap_urltype'] = 'TCP - Standard';
+            } else {
+                $auth['ldap_urltype'] = 'SSL - Encrypted';
+            }
+            $auth['ldap_protver'] = 3;
+            $auth['ldap_scope'] = $pconfig['step2']['scope'];
+            $auth['ldap_basedn'] = $pconfig['step2']['basedn'];
+            $auth['ldap_authcn'] = $pconfig['step2']['authscope'];
+            $auth['ldap_binddn'] = $pconfig['step2']['userdn'];
+            $auth['ldap_bindpw'] = $pconfig['step2']['passdn'];
+            $auth['ldap_attr_user'] = $pconfig['step1']['nameattr'];
+            $auth['ldap_attr_member'] = $pconfig['step1']['memberattr'];
+            $auth['ldap_attr_group'] = $pconfig['step1']['groupattr'];
+        } elseif ($auth['type'] == "radius") {
+            $auth['host'] = $pconfig['step2']['ip'];
+            $auth['radius_auth_port'] = $pconfig['step2']['port'];
+            $auth['radius_secret'] = $pconfig['step2']['password'];
+            $auth['radius_srvcs'] = "auth";
+        }
+        if (!is_array($config['system']['authserver'])) {
+            $config['system']['authserver'] = array();
+        }
 
-		$config['system']['authserver'][] = $auth;
-	} else if (!isset($pconfig['step2']['uselist']) && empty($pconfig['step2']['authserv'])) {
-		$message = "Please choose an authentication server .";
-		header("Location:wizard.php?xml=openvpn&stepid=1&message={$message}");
-		exit;
-	} else if (!($auth = auth_get_authserver($pconfig['step2']['authserv']))) {
-		$message = "Not a valid authentication server has been specified.";
-		header("Location:wizard.php?xml=openvpn&stepid=1&message={$message}");
-		exit;
-	}
+        $config['system']['authserver'][] = $auth;
+    } elseif (!isset($pconfig['step2']['uselist']) && empty($pconfig['step2']['authserv'])) {
+        $message = "Please choose an authentication server .";
+        header("Location:wizard.php?xml=openvpn&stepid=1&message={$message}");
+        exit;
+    } elseif (!($auth = auth_get_authserver($pconfig['step2']['authserv']))) {
+        $message = "Not a valid authentication server has been specified.";
+        header("Location:wizard.php?xml=openvpn&stepid=1&message={$message}");
+        exit;
+    }
 
-	if (isset($pconfig['step6']['uselist']) && !empty($pconfig['step6']['certca'])) {
-		$ca = array();
-		$ca['refid'] = uniqid();
-		$ca['descr'] = $pconfig['step6']['certca'];
-		$dn = array(
-			'countryName' => $pconfig['step6']['country'],
-			'stateOrProvinceName' => $pconfig['step6']['state'],
-			'localityName' => $pconfig['step6']['city'],
-			'organizationName' => $pconfig['step6']['organization'],
-			'emailAddress' => $pconfig['step6']['email'],
-			'commonName' => $pconfig['step6']['certca']);
+    if (isset($pconfig['step6']['uselist']) && !empty($pconfig['step6']['certca'])) {
+        $ca = array();
+        $ca['refid'] = uniqid();
+        $ca['descr'] = $pconfig['step6']['certca'];
+        $dn = array(
+          'countryName' => $pconfig['step6']['country'],
+          'stateOrProvinceName' => $pconfig['step6']['state'],
+          'localityName' => $pconfig['step6']['city'],
+          'organizationName' => $pconfig['step6']['organization'],
+          'emailAddress' => $pconfig['step6']['email'],
+          'commonName' => $pconfig['step6']['certca']);
 
-		ca_create($ca, $pconfig['step6']['keylength'], $pconfig['step6']['lifetime'], $dn, "sha256");
-		if (!is_array($config['ca']))
-			$config['ca'] = array();
+        ca_create($ca, $pconfig['step6']['keylength'], $pconfig['step6']['lifetime'], $dn, "sha256");
+        if (!is_array($config['ca'])) {
+            $config['ca'] = array();
+        }
 
-		$config['ca'][] = $ca;
-	} else if (!isset($pconfig['step6']['uselist']) && empty($pconfig['step6']['authcertca'])) {
-		$message = "Please choose a Certificate Authority.";
-		header("Location:wizard.php?xml=openvpn&stepid=5&message={$message}");
-		exit;
-	} else if (!($ca = lookup_ca($pconfig['step6']['authcertca']))) {
-		$message = "Not a valid Certificate Authority specified.";
-		header("Location:wizard.php?xml=openvpn&stepid=5&message={$message}");
-		exit;
-	}
+        $config['ca'][] = $ca;
+    } elseif (!isset($pconfig['step6']['uselist']) && empty($pconfig['step6']['authcertca'])) {
+        $message = "Please choose a Certificate Authority.";
+        header("Location:wizard.php?xml=openvpn&stepid=5&message={$message}");
+        exit;
+    } elseif (!($ca = lookup_ca($pconfig['step6']['authcertca']))) {
+        $message = "Not a valid Certificate Authority specified.";
+        header("Location:wizard.php?xml=openvpn&stepid=5&message={$message}");
+        exit;
+    }
 
-	if (isset($pconfig['step9']['uselist'])) {
-		$cert = array();
-		$cert['refid'] = uniqid();
-		$cert['descr'] = $pconfig['step9']['certname'];
-		$dn = array(
-			'countryName' => $pconfig['step9']['country'],
-			'stateOrProvinceName' => $pconfig['step9']['state'],
-			'localityName' => $pconfig['step9']['city'],
-			'organizationName' => $pconfig['step9']['organization'],
-			'emailAddress' => $pconfig['step9']['email'],
-			'commonName' => $pconfig['step9']['certname']
-		);
+    if (isset($pconfig['step9']['uselist'])) {
+        $cert = array();
+        $cert['refid'] = uniqid();
+        $cert['descr'] = $pconfig['step9']['certname'];
+        $dn = array(
+          'countryName' => $pconfig['step9']['country'],
+          'stateOrProvinceName' => $pconfig['step9']['state'],
+          'localityName' => $pconfig['step9']['city'],
+          'organizationName' => $pconfig['step9']['organization'],
+          'emailAddress' => $pconfig['step9']['email'],
+          'commonName' => $pconfig['step9']['certname']
+        );
 
-		cert_create($cert, $ca['refid'], $pconfig['step9']['keylength'], $pconfig['step9']['lifetime'], $dn, 'sha256', 'server_cert');
+        cert_create($cert, $ca['refid'], $pconfig['step9']['keylength'], $pconfig['step9']['lifetime'], $dn, 'sha256', 'server_cert');
 
-		if (!is_array($config['cert'])) {
-			$config['cert'] = array();
-		}
+        if (!is_array($config['cert'])) {
+            $config['cert'] = array();
+        }
 
-		$config['cert'][] = $cert;
-	} else if (!isset($pconfig['step9']['uselist']) && empty($pconfig['step9']['authcertname'])) {
-		$message = "Please choose a Certificate.";
-		header("Location:wizard.php?xml=openvpn&stepid=7&message={$message}");
-		exit;
-	} else if (!($cert = lookup_cert($pconfig['step9']['authcertname']))) {
-		$message = "Not a valid Certificate specified.";
-		header("Location:wizard.php?xml=openvpn&stepid=7&message={$message}");
-		exit;
-	}
-	$server = array();
-	$server['vpnid'] = openvpn_vpnid_next();
-	switch ($auth['type']) {
-		case "ldap":
-			$server['authmode'] = $auth['name'];
-			$server['mode'] = "server_user";
-			break;
-		case "radius":
-			$server['authmode'] = $auth['name'];
-			$server['mode'] = "server_user";
-			break;
-		default:
-			$server['authmode'] = "Local Database";
-			$server['mode'] = "server_tls_user";
-			break;
-	}
-	$server['caref'] = $ca['refid'];
-	$server['certref'] = $cert['refid'];
-	$server['protocol'] = $pconfig['step10']['protocol'];
-	$server['interface'] = $pconfig['step10']['interface'];
-	if (isset($pconfig['step10']['localport']))
-		$server['local_port'] = $pconfig['step10']['localport'];
+        $config['cert'][] = $cert;
+    } elseif (!isset($pconfig['step9']['uselist']) && empty($pconfig['step9']['authcertname'])) {
+        $message = "Please choose a Certificate.";
+        header("Location:wizard.php?xml=openvpn&stepid=7&message={$message}");
+        exit;
+    } elseif (!($cert = lookup_cert($pconfig['step9']['authcertname']))) {
+        $message = "Not a valid Certificate specified.";
+        header("Location:wizard.php?xml=openvpn&stepid=7&message={$message}");
+        exit;
+    }
+    $server = array();
+    $server['vpnid'] = openvpn_vpnid_next();
+    switch ($auth['type']) {
+        case "ldap":
+            $server['authmode'] = $auth['name'];
+            $server['mode'] = "server_user";
+            break;
+        case "radius":
+            $server['authmode'] = $auth['name'];
+            $server['mode'] = "server_user";
+            break;
+        default:
+            $server['authmode'] = "Local Database";
+            $server['mode'] = "server_tls_user";
+            break;
+    }
+    $server['caref'] = $ca['refid'];
+    $server['certref'] = $cert['refid'];
+    $server['protocol'] = $pconfig['step10']['protocol'];
+    $server['interface'] = $pconfig['step10']['interface'];
+    if (isset($pconfig['step10']['localport'])) {
+        $server['local_port'] = $pconfig['step10']['localport'];
+    }
 
-	if (strlen($pconfig['step10']['descr']) > 30)
-		$pconfig['step10']['descr'] = substr($pconfig['step10']['descr'], 0, 30);
-	$server['description'] = $pconfig['step10']['descr'];
-	$server['custom_options'] = $pconfig['step10']['advanced'];
-	if (isset($pconfig['step10']['tlsauth'])) {
-		if (isset($pconfig['step10']['gentlskey']))
-			$tlskey = openvpn_create_key();
-		else
-			$tlskey = $pconfig['step10']['tlskey'];
-		$server['tls'] = base64_encode($tlskey);
-	}
-	$server['dh_length'] = $pconfig['step10']['dhkey'];
-	$server['tunnel_network'] = $pconfig['step10']['tunnelnet'];
-	if (isset($pconfig['step10']['rdrgw']))
-		$server['gwredir'] = $pconfig['step10']['rdrgw'];
-	if (isset($pconfig['step10']['localnet']))
-		$server['local_network'] = $pconfig['step10']['localnet'];
-	if (isset($pconfig['step10']['concurrentcon']))
-		$server['maxclients'] = $pconfig['step10']['concurrentcon'];
-	if (isset($pconfig['step10']['compression']))
-		$server['compression'] = $pconfig['step10']['compression'];
-	if (isset($pconfig['step10']['tos']))
-		$server['passtos'] = $pconfig['step10']['tos'];
-	if (isset($pconfig['step10']['interclient']))
-		$server['client2client'] = $pconfig['step10']['interclient'];
-	if (isset($pconfig['step10']['duplicate_cn']))
-		$server['duplicate_cn'] = $pconfig['step10']['duplicate_cn'];
-	if (isset($pconfig['step10']['dynip']))
-		$server['dynamic_ip'] = $pconfig['step10']['dynip'];
-	if (isset($pconfig['step10']['addrpool']))
-		$server['pool_enable'] = $pconfig['step10']['addrpool'];
-	if (isset($pconfig['step10']['defaultdomain']))
-		$server['dns_domain'] = $pconfig['step10']['defaultdomain'];
-	if (isset($pconfig['step10']['dns1']))
-		$server['dns_server1'] = $pconfig['step10']['dns1'];
-	if (isset($pconfig['step10']['dns2']))
-		$server['dns_server2'] = $pconfig['step10']['dns2'];
-	if (isset($pconfig['step10']['dns3']))
-		$server['dns_server3'] = $pconfig['step10']['dns3'];
-	if (isset($pconfig['step10']['dns4']))
-		$server['dns_server4'] = $pconfig['step10']['dns4'];
-	if (isset($pconfig['step10']['ntp1']))
-		$server['ntp_server1'] = $pconfig['step10']['ntp1'];
-	if (isset($pconfig['step10']['ntp2']))
-		$server['ntp_server2'] = $pconfig['step10']['ntp2'];
-	if (isset($pconfig['step10']['wins1']))
-		$server['wins_server1'] = $pconfig['step10']['wins1'];
-	if (isset($pconfig['step10']['wins2']))
-		$server['wins_server2'] = $pconfig['step10']['wins2'];
-	if (isset($pconfig['step10']['nbtenable'])) {
-		$server['netbios_ntype'] = $pconfig['step10']['nbttype'];
-		if (isset($pconfig['step10']['nbtscope']))
-			$server['netbios_scope'] = $pconfig['step10']['nbtscope'];
-		$server['netbios_enable'] = $pconfig['step10']['nbtenable'];
-	}
-	$server['crypto'] = $pconfig['step10']['crypto'];
-	$server['digest'] = $pconfig['step10']['digest'];
-	$server['engine'] = $pconfig['step10']['engine'];
+    if (strlen($pconfig['step10']['descr']) > 30) {
+        $pconfig['step10']['descr'] = substr($pconfig['step10']['descr'], 0, 30);
+    }
+    $server['description'] = $pconfig['step10']['descr'];
+    $server['custom_options'] = $pconfig['step10']['advanced'];
+    if (isset($pconfig['step10']['tlsauth'])) {
+        if (isset($pconfig['step10']['gentlskey'])) {
+            $tlskey = openvpn_create_key();
+        } else {
+            $tlskey = $pconfig['step10']['tlskey'];
+        }
+        $server['tls'] = base64_encode($tlskey);
+    }
+    $server['dh_length'] = $pconfig['step10']['dhkey'];
+    $server['tunnel_network'] = $pconfig['step10']['tunnelnet'];
+    if (isset($pconfig['step10']['rdrgw'])) {
+        $server['gwredir'] = $pconfig['step10']['rdrgw'];
+    }
+    if (isset($pconfig['step10']['localnet'])) {
+        $server['local_network'] = $pconfig['step10']['localnet'];
+    }
+    if (isset($pconfig['step10']['concurrentcon'])) {
+        $server['maxclients'] = $pconfig['step10']['concurrentcon'];
+    }
+    if (isset($pconfig['step10']['compression'])) {
+        $server['compression'] = $pconfig['step10']['compression'];
+    }
+    if (isset($pconfig['step10']['tos'])) {
+        $server['passtos'] = $pconfig['step10']['tos'];
+    }
+    if (isset($pconfig['step10']['interclient'])) {
+        $server['client2client'] = $pconfig['step10']['interclient'];
+    }
+    if (isset($pconfig['step10']['duplicate_cn'])) {
+        $server['duplicate_cn'] = $pconfig['step10']['duplicate_cn'];
+    }
+    if (isset($pconfig['step10']['dynip'])) {
+        $server['dynamic_ip'] = $pconfig['step10']['dynip'];
+    }
+    if (isset($pconfig['step10']['addrpool'])) {
+        $server['pool_enable'] = $pconfig['step10']['addrpool'];
+    }
+    if (isset($pconfig['step10']['defaultdomain'])) {
+        $server['dns_domain'] = $pconfig['step10']['defaultdomain'];
+    }
+    if (isset($pconfig['step10']['dns1'])) {
+        $server['dns_server1'] = $pconfig['step10']['dns1'];
+    }
+    if (isset($pconfig['step10']['dns2'])) {
+        $server['dns_server2'] = $pconfig['step10']['dns2'];
+    }
+    if (isset($pconfig['step10']['dns3'])) {
+        $server['dns_server3'] = $pconfig['step10']['dns3'];
+    }
+    if (isset($pconfig['step10']['dns4'])) {
+        $server['dns_server4'] = $pconfig['step10']['dns4'];
+    }
+    if (isset($pconfig['step10']['ntp1'])) {
+        $server['ntp_server1'] = $pconfig['step10']['ntp1'];
+    }
+    if (isset($pconfig['step10']['ntp2'])) {
+        $server['ntp_server2'] = $pconfig['step10']['ntp2'];
+    }
+    if (isset($pconfig['step10']['wins1'])) {
+        $server['wins_server1'] = $pconfig['step10']['wins1'];
+    }
+    if (isset($pconfig['step10']['wins2'])) {
+        $server['wins_server2'] = $pconfig['step10']['wins2'];
+    }
+    if (isset($pconfig['step10']['nbtenable'])) {
+        $server['netbios_ntype'] = $pconfig['step10']['nbttype'];
+        if (isset($pconfig['step10']['nbtscope'])) {
+            $server['netbios_scope'] = $pconfig['step10']['nbtscope'];
+        }
+        $server['netbios_enable'] = $pconfig['step10']['nbtenable'];
+    }
+    $server['crypto'] = $pconfig['step10']['crypto'];
+    $server['digest'] = $pconfig['step10']['digest'];
+    $server['engine'] = $pconfig['step10']['engine'];
 
-	if (isset($pconfig['step11']['ovpnrule'])) {
-		$rule = array();
-		$rule['descr'] = sprintf(gettext("OpenVPN %s wizard"),$server['description']);
-		/* Ensure the rule descr is not too long for pf to handle */
-		if (strlen($rule['descr']) > 52)
-			$rule['descr'] = substr($rule['descr'], 0, 52);
-		$rule['direction'] = "in";
-		$rule['source']['any'] = TRUE;
-		$rule['destination']['network'] = $server['interface'] . "ip";
-		$rule['destination']['port'] = $server['local_port'];
-		$rule['interface'] = $server['interface'];
-		$rule['protocol'] = strtolower($server['protocol']);
-		$rule['type'] = "pass";
-		$rule['enabled'] = "on";
-		$rule['created'] = make_config_revision_entry();
-		$config['filter']['rule'][] = $rule;
-	}
-	if (isset($pconfig['step11']['ovpnallow'])) {
-		$rule = array();
-		$rule['descr'] = sprintf(gettext("OpenVPN %s wizard"),$server['description']);
-		/* Ensure the rule descr is not too long for pf to handle */
-		if (strlen($rule['descr']) > 52)
-			$rule['descr'] = substr($rule['descr'], 0, 52);
-		$rule['source']['any'] = TRUE;
-		$rule['destination']['any'] = TRUE;
-		$rule['interface'] = "openvpn";
-		//$rule['protocol'] = $server['protocol'];
-		$rule['type'] = "pass";
-		$rule['enabled'] = "on";
-		$rule['created'] = make_config_revision_entry();
-		$config['filter']['rule'][] = $rule;
-	}
+    if (isset($pconfig['step11']['ovpnrule'])) {
+        $rule = array();
+        $rule['descr'] = sprintf(gettext("OpenVPN %s wizard"),$server['description']);
+        /* Ensure the rule descr is not too long for pf to handle */
+        if (strlen($rule['descr']) > 52) {
+            $rule['descr'] = substr($rule['descr'], 0, 52);
+        }
+        $rule['direction'] = "in";
+        $rule['source']['any'] = TRUE;
+        $rule['destination']['network'] = $server['interface'] . "ip";
+        $rule['destination']['port'] = $server['local_port'];
+        $rule['interface'] = $server['interface'];
+        $rule['protocol'] = strtolower($server['protocol']);
+        $rule['type'] = "pass";
+        $rule['enabled'] = "on";
+        $rule['created'] = make_config_revision_entry();
+        $config['filter']['rule'][] = $rule;
+    }
+    if (isset($pconfig['step11']['ovpnallow'])) {
+        $rule = array();
+        $rule['descr'] = sprintf(gettext("OpenVPN %s wizard"),$server['description']);
+        /* Ensure the rule descr is not too long for pf to handle */
+        if (strlen($rule['descr']) > 52) {
+            $rule['descr'] = substr($rule['descr'], 0, 52);
+        }
+        $rule['source']['any'] = TRUE;
+        $rule['destination']['any'] = TRUE;
+        $rule['interface'] = "openvpn";
+        //$rule['protocol'] = $server['protocol'];
+        $rule['type'] = "pass";
+        $rule['enabled'] = "on";
+        $rule['created'] = make_config_revision_entry();
+        $config['filter']['rule'][] = $rule;
+    }
 
-	if (!isset($config['openvpn']['openvpn-server'])) {
-		$config['openvpn']['openvpn-server'] = array();
-	}
+    if (!isset($config['openvpn']['openvpn-server'])) {
+        $config['openvpn']['openvpn-server'] = array();
+    }
 
-	$config['openvpn']['openvpn-server'][] = $server;
+    $config['openvpn']['openvpn-server'][] = $server;
 
-	openvpn_resync('server', $server);
-	write_config();
-	header("Location: vpn_openvpn_server.php");
-	exit;
+    openvpn_resync('server', $server);
+    write_config();
+    header("Location: vpn_openvpn_server.php");
+    exit;
 }