WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns address deleted txt
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: atm device
WARNING: untranslated string: bytes
WARNING: untranslated string: capabilities
+WARNING: untranslated string: default
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dns servers
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: drop outgoing
WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: disk access per
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
WARNING: untranslated string: capabilities
+WARNING: untranslated string: default
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: gen dh
< countries
< countrycode
< country codes and flags
+< default
< default ip
< deprecated fs warn
< details
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< dnat address
< dns address deleted txt
< dnsforward
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
< countries
< countrycode
< country codes and flags
+< default
< default ip
< deprecated fs warn
< details
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< dnat address
< dnsforward
< dnsforward add a new entry
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
< countries
< countrycode
< country codes and flags
+< default
< default ip
< deprecated fs warn
< details
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< dnat address
< dnsforward
< dnsforward add a new entry
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
< countrycode
< country codes and flags
< day-graph
+< default
< default ip
< deprecated fs warn
< details
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< disk access per
< dnat address
< dnsforward
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
### Save main settings
###
-
if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cgiparams{'KEY'} eq '') {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
#DAN do we really need (to to check) this value? Besides if we listen on blue and orange too,
goto SETTINGS_ERROR;
}
}
- if ($errormessage) { goto SETTINGS_ERROR; }
-
+
if (! &General::validipandmask($cgiparams{'DOVPN_SUBNET'})) {
$errormessage = $Lang::tr{'ovpn subnet is invalid'};
goto SETTINGS_ERROR;
print `/usr/bin/openssl x509 -in ${General::swroot}/ovpn/certs/servercert.pem`;
exit(0);
}
+
+###
+### Download Diffie-Hellman parameter
+###
+}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download dh parameter'}) {
+ if ( -f "${General::swroot}/ovpn/ca/dh1024.pem" ) {
+ print "Content-Type: application/octet-stream\r\n";
+ print "Content-Disposition: filename=dh1024.pem\r\n\r\n";
+ print `/usr/bin/openssl dhparam -in ${General::swroot}/ovpn/ca/dh1024.pem`;
+ exit(0);
+ }
+
###
### Form for generating a root certificate
###
<option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-CBC (192 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>
- <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'}, $Lang::tr{'default'})</option>
<option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-CBC (192 $Lang::tr{'bit'})</option>
<option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-CBC (128 $Lang::tr{'bit'})</option>
<option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC (192 $Lang::tr{'bit'})</option>
END
;
my $col1="bgcolor='$color{'color22'}'";
- my $col2="bgcolor='$color{'color20'}'";
+ my $col2="bgcolor='$color{'color20'}'";
+ my $col3="bgcolor='$color{'color22'}'";
+
if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
$casubject =~ /Subject: (.*)[\n]/;
;
}
+ # Adding DH parameter to chart
+ if (-f "${General::swroot}/ovpn/ca/dh1024.pem") {
+ my $dhsubject = `/usr/bin/openssl dhparam -text -in ${General::swroot}/ovpn/ca/dh1024.pem`;
+ $dhsubject =~ /PKCS#3 (.*)[\n]/;
+ $dhsubject = $1;
+
+
+ print <<END;
+ <tr>
+ <td class='base' $col3>$Lang::tr{'dh parameter'}</td>
+ <td class='base' $col3>$dhsubject</td>
+ <form method='post' name='frmdhparam'><td width='3%' align='center' $col3>
+ <input type='hidden' name='ACTION' value='$Lang::tr{'show dh'}' />
+ <input type='image' name='$Lang::tr{'show dh'}' src='/images/info.gif' alt='$Lang::tr{'show dh'}' title='$Lang::tr{'show dh'}' width='20' height='20' border='0' />
+ </td></form>
+ <form method='post' name='frmdhparam'><td width='3%' align='center' $col3>
+ <input type='image' name="$Lang::tr{'download dh parameter'}" src='/images/media-floppy.png' alt="$Lang::tr{'download dh parameter'}" title="$Lang::tr{'download dh parameter'}" border='0' />
+ <input type='hidden' name='ACTION' value="$Lang::tr{'download dh parameter'}" />
+ </td></form>
+ <td width='4%' $col3> </td></tr>
+END
+ ;
+ } else {
+ # Nothing
+ print <<END;
+ <tr>
+ <td width='25%' class='base' $col3>$Lang::tr{'dh parameter'}:</td>
+ <td class='base' $col3>$Lang::tr{'not present'}</td>
+ </td><td colspan='3' $col3> </td></tr>
+END
+ ;
+ }
+
if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
print "<tr><td colspan='5' align='center'><form method='post'>";
print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
<td nowrap='nowrap'><size='15' align='left'/></td>
<td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
</tr>
- <tr>
- <td colspan='4' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'show dh'}' /></td>
- </tr>
</table>
<tr><td colspan=4><hr /></td></tr><tr>
'december' => 'Dezember',
'deep scan directories' => 'rekursiv scannen',
'def lease time' => 'Standardzeit für Zuordnung',
+'default' => 'Voreinstellung',
'default ip' => 'Standard IP-Adresse',
'default lease time' => 'Haltezeit-Voreinstellung in min:',
'default networks' => 'Standard Netzwerke',
'dh key move failed' => 'Verschieben der Diffie-Hellman-Parameter fehlgeschlagen.',
'dh key warn' => 'Das Generieren der Diffie-Hellman-Parameter mit 1024 oder 2048 Bit dauert üblicherweise mehrere Minuten. Schlüssellängen von 3072 oder 4096 Bit beanspruchen mehrere Stunden. Bitte haben Sie etwas Geduld.',
'dh key warn1' => 'Bei schwachen Systemen oder Systeme mit wenig Entropie wird empfohlen lange Diffie-Hellman-Parameter über die Upload-Funktion hochzuladen.',
+'dh parameter' => 'Diffie-Hellman-Parameter',
'dhcp advopt add' => 'DHCP Option hinzufügen',
'dhcp advopt added' => 'DHCP Option hinzugefügt',
'dhcp advopt blank value' => 'Wert für DHCP Option darf nicht leer sein',
'download' => 'herunterladen',
'download ca certificate' => 'CA-Zertifikat herunterladen',
'download certificate' => 'Zertifikate herunterladen',
+'download dh parameter' => 'Diffie-Hellman-Parameter herunterladen',
'download host certificate' => 'Host-Zertifikat herunterladen',
'download new ruleset' => 'Neuen Regelsatz herunterladen',
'download pkcs12 file' => 'PKCS12-Datei herunterladen',
'december' => 'December',
'deep scan directories' => 'Scan recursive',
'def lease time' => 'Default Lease Time',
+'default' => 'Default',
'default ip' => 'Default IP address',
'default lease time' => 'Default lease time (mins):',
'default networks' => 'Default networks',
'dh key warn' => 'Creating Diffie-Hellman parameters with lengths of 1024 or 2048 bits takes up to several minutes. Lengths of 3072 or 4096 bits might needs several hours. Please be patient.',
'dh key warn1' => 'For weak systems or systems with little entropy, it is recommended to upload long Diffie-Hellman parameters by usage of the upload function.',
'dh name is invalid' => 'Name is invalid, please use "dh1024.pem".',
+'dh parameter' => 'Diffie-Hellman parameters',
'dhcp advopt add' => 'Add a DHCP option',
'dhcp advopt added' => 'DHCP option added',
'dhcp advopt blank value' => 'DHCP Option value cannot be empty.',
'download' => 'download',
'download ca certificate' => 'Download CA certificate',
'download certificate' => 'Download certificate',
+'download dh parameter' => 'Download Diffie-Hellman parameters',
'download host certificate' => 'Download host certificate',
'download new ruleset' => 'Download new ruleset',
'download pkcs12 file' => 'Download PKCS12 file',