/opt/pakfire/db/rootfiles/perl-TimeDate
fi
+## Modify ovpnconfig according to bug 11048 for pass, no-pass modification in ovpnconfig index
+# Check if ovpnconfig is not empty and exists
+if [ -s /var/ipfire/ovpn/ovpnconfig ]; then
+ # Sort all N2N connections out since they do not use encryption
+ awk '{FS=OFS=","} {if($5=="net") {$43="no-pass"; print $0}}' /var/ipfire/ovpn/ovpnconfig >> /var/ipfire/ovpn/ovpnconfig.new
+
+ # Investigate roadwarrior connection names for *.p12 files
+ for y in $(awk -F',' '/host/ { print $3 }' /var/ipfire/ovpn/ovpnconfig); do
+ # Sort all unencrypted roadwarriors out and set 'no-pass' in [43] index
+ if [[ -n $(openssl pkcs12 -info -in /var/ipfire/ovpn/certs/${y}.p12 -noout -password pass:'' 2>&1 | grep 'Encrypted') ]]; then
+ awk -v var="$y" '{FS=OFS=","} {if($3==var) {$43="no-pass"; print $0}}' /var/ipfire/ovpn/ovpnconfig >> /var/ipfire/ovpn/ovpnconfig.new
+ fi
+ done
+
+ # Investigate connection names for *.p12 files
+ for x in $(awk -F',' '/host/ { print $3 }' /var/ipfire/ovpn/ovpnconfig); do
+ # Sort all encrypted roadwarriors out and set 'pass' in [43] index
+ if [[ -n $(openssl pkcs12 -info -in /var/ipfire/ovpn/certs/${x}.p12 -noout -password pass:'' 2>&1 | grep 'error') ]]; then
+ awk -v var="$x" '{FS=OFS=","} {if($3==var) {$43="pass"; print $0}}' /var/ipfire/ovpn/ovpnconfig >> /var/ipfire/ovpn/ovpnconfig.new
+ fi
+ done
+fi
+
+# Renew existing ovpnconfig with refreshed index
+mv /var/ipfire/ovpn/ovpnconfig.new /var/ipfire/ovpn/ovpnconfig
+# Set correct ownerschip
+chown nobody:nobody /var/ipfire/ovpn/ovpnconfig
+
# This update needs a reboot...
touch /var/run/need_reboot
$confighash{$key}[39] = $cgiparams{'DAUTH'};
$confighash{$key}[40] = $cgiparams{'DCIPHER'};
- if (($cgiparams{'TYPE'} eq 'host') && ($cgiparams{'CERT_PASS1'} eq "")) {
- $confighash{$key}[41] = "no-pass";
+ if ($confighash{$key}[41] eq "") {
+ if (($cgiparams{'TYPE'} eq 'host') && ($cgiparams{'CERT_PASS1'} eq "")) {
+ $confighash{$key}[41] = "no-pass";
+ } elsif (($cgiparams{'TYPE'} eq 'host') && ($cgiparams{'CERT_PASS1'} ne "")) {
+ $confighash{$key}[41] = "pass";
+ } elsif ($cgiparams{'TYPE'} eq 'net') {
+ $confighash{$key}[41] = "no-pass";
+ }
}
$confighash{$key}[42] = 'HOTP/T30/6';
}
- print <<END;
- <td align='center' $col1>$active</td>
-
- <form method='post' name='frm${key}a'><td align='center' $col>
- <input type='image' name='$Lang::tr{'dl client arch'}' src='/images/openvpn.png' alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
+ if ($confighash{$key}[41] eq "pass") {
+ print <<END;
+ <td align='center' $col1>$active</td>
+
+ <form method='post' name='frm${key}a'><td align='center' $col>
+ <input type='image' name='$Lang::tr{'dl client arch'}' src='/images/openvpn_encrypted.png'
+ alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
+ <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' />
+ <input type='hidden' name='MODE' value='secure' />
+ <input type='hidden' name='KEY' value='$key' />
+ </td></form>
END
- ;
- if ($confighash{$key}[41] eq "no-pass") {
+ ; } elsif ($confighash{$key}[41] eq "no-pass") {
print <<END;
- <form method='post' name='frm${key}g'><td align='center' $col>
+ <td align='center' $col1>$active</td>
+
+ <form method='post' name='frm${key}a'><td align='center' $col>
<input type='image' name='$Lang::tr{'dl client arch insecure'}' src='/images/openvpn.png'
alt='$Lang::tr{'dl client arch insecure'}' title='$Lang::tr{'dl client arch insecure'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' />
<input type='hidden' name='KEY' value='$key' />
</td></form>
END
- } else {
+ ; } else {
print "<td $col> </td>";
}
# If the config file contains entries, print Key to action icons
if ( $id ) {
print <<END;
- <table border='0'>
- <tr>
+ <table width='85%' border='0'>
+ <tr>
<td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
+ <td> <img src='/images/openvpn.png' alt='?RELOAD'/></td>
+ <td class='base'>$Lang::tr{'dl client arch insecure'}</td>
+ <td> <img src='/images/openvpn_encrypted.png' alt='?RELOAD'/></td>
+ <td class='base'>$Lang::tr{'dl client arch'}</td>
<td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
<td class='base'>$Lang::tr{'show certificate'}</td>
+ <td> <img src='/images/qr-code.png' alt='$Lang::tr{'show otp qrcode'}'/></td>
+ <td class='base'>$Lang::tr{'show otp qrcode'}</td>
+ </tr>
+ <tr>
+ <td> </td>
+ <td> <img src='/images/media-floppy.png' alt='?FLOPPY' /></td>
+ <td class='base'>$Lang::tr{'download certificate'}</td>
+ <td> <img src='/images/off.gif' alt='?OFF' /></td>
+ <td class='base'>$Lang::tr{'click to enable'}</td>
+ <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
+ <td class='base'>$Lang::tr{'click to disable'}</td>
<td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
<td class='base'>$Lang::tr{'edit'}</td>
<td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
<td class='base'>$Lang::tr{'remove'}</td>
- </tr>
- <tr>
- <td> </td>
- <td> <img src='/images/off.gif' alt='?OFF' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> <img src='/images/media-floppy.png' alt='?FLOPPY' /></td>
- <td class='base'>$Lang::tr{'download certificate'}</td>
- <td> <img src='/images/openvpn.png' alt='?RELOAD'/></td>
- <td class='base'>$Lang::tr{'dl client arch'}</td>
- <td> <img src='/images/qr-code.png' alt='$Lang::tr{'show otp qrcode'}'/></td>
- <td class='base'>$Lang::tr{'show otp qrcode'}</td>
- </tr>
- </table><br>
+ </tr>
+ </table><br>
END
;
}
projects / people / ummeegge / ipfire-2.x.git / commitdiff
