]> git.ipfire.org Git - ipfire-2.x.git/blobdiff - html/cgi-bin/ovpnmain.cgi
projects / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix inpossible download of hostcert on french language.
[ipfire-2.x.git] / html / cgi-bin / ovpnmain.cgi
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 9be8d3a08590d655201c8f5bf5dfd51581e7d764..c620ab09d1fa8970a2a2974a54c785244387b286 100644 (file)
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -30,6 +30,7 @@ use File::Copy;
 use File::Temp qw/ tempfile tempdir /;
 use strict;
 use Archive::Zip qw(:ERROR_CODES :CONSTANTS);
+use Sort::Naturally;
 require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
@@ -169,7 +170,7 @@ sub checkportfw {
        my $DPORT = shift;
        my $DPROT = shift;
        my %natconfig =();
-       my $confignat = "${General::swroot}/forward/nat";
+       my $confignat = "${General::swroot}/firewall/config";
        $DPROT= uc ($DPROT);
        &General::readhasharray($confignat, \%natconfig);
        foreach my $key (sort keys %natconfig){
@@ -379,7 +380,7 @@ sub writeserverconf {
     if ($sovpnsettings{DHCP_WINS} ne '') {
        print CONF "max-clients $sovpnsettings{MAX_CLIENTS}\n";
     }  
-    print CONF "tls-verify /var/ipfire/ovpn/verify\n";
+    print CONF "tls-verify /usr/lib/openvpn/verify\n";
     print CONF "crl-verify /var/ipfire/ovpn/crls/cacrl.pem\n";
     print CONF "user nobody\n";
     print CONF "group nobody\n";
@@ -2149,14 +2150,15 @@ else
 # m.a.d net2net
 ###
 
- if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') {
-
+if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') {
        my $conffile = glob("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]/$confighash{$cgiparams{'KEY'}}[1].conf");
-  my $certfile = glob("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
-  unlink ($certfile) or die "Removing $certfile fail: $!";
-  unlink ($conffile) or die "Removing $conffile fail: $!";
-  rmdir ("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") || die "Kann Verzeichnis nicht loeschen: $!";
-  
+       my $certfile = glob("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
+       unlink ($certfile);
+       unlink ($conffile);
+
+       if (-e "${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") {
+               rmdir ("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") || die "Kann Verzeichnis nicht loeschen: $!";
+       }
 }
 
   unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
@@ -3558,35 +3560,33 @@ if ($cgiparams{'TYPE'} eq 'net') {
        }
 
        # Check if a remote host/IP has been set for the client.
-       if ($cgiparams{'REMOTE'} eq '' && $cgiparams{'SIDE'} ne 'server') {
-           $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+       if ($cgiparams{'TYPE'} eq 'net') {
+               if ($cgiparams{'SIDE'} ne 'server' && $cgiparams{'REMOTE'} eq '') {
+                       $errormessage = $Lang::tr{'invalid input for remote host/ip'};
 
-           # Check if this is a N2N connection and drop temporary config.
-           if ($cgiparams{'TYPE'} eq 'net') {
-               unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
-               rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
-           }
-           goto VPNCONF_ERROR;
-       }
+                       # Check if this is a N2N connection and drop temporary config.
+                       unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+                       rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
 
-       # Check if a remote host/IP has been configured - the field can be empty on the server side.
-       if ($cgiparams{'REMOTE'} ne '') {
+                       goto VPNCONF_ERROR;
+               }
 
-           # Check if the given IP is valid - otherwise check if it is a valid domain.
-           if (! &General::validip($cgiparams{'REMOTE'})) {
+               # Check if a remote host/IP has been configured - the field can be empty on the server side.
+               if ($cgiparams{'REMOTE'} ne '') {
+                       # Check if the given IP is valid - otherwise check if it is a valid domain.
+                       if (! &General::validip($cgiparams{'REMOTE'})) {
+                               # Check for a valid domain.
+                               if (! &General::validfqdn ($cgiparams{'REMOTE'}))  {
+                                       $errormessage = $Lang::tr{'invalid input for remote host/ip'};
 
-               # Check for a valid domain.
-               if (! &General::validfqdn ($cgiparams{'REMOTE'}))  {
-                   $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+                                       # Check if this is a N2N connection and drop temporary config.
+                                       unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+                                       rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
 
-                   # Check if this is a N2N connection and drop temporary config.
-                   if ($cgiparams{'TYPE'} eq 'net') {
-                       unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
-                       rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
-                   }
-                   goto VPNCONF_ERROR;
+                                       goto VPNCONF_ERROR;
+                               }
+                       }
                }
-           }
        }
 
        if ($cgiparams{'TYPE'} ne 'host') {
@@ -4534,7 +4534,7 @@ END
     
 #default setzen
     if ($cgiparams{'DCIPHER'} eq '') {
-       $cgiparams{'DCIPHER'} =  'BF-CBC';     
+       $cgiparams{'DCIPHER'} =  'AES-256-CBC';
     }
     if ($cgiparams{'DDEST_PORT'} eq '') {
        $cgiparams{'DDEST_PORT'} =  '1194';     
@@ -4574,6 +4574,9 @@ END
     $selected{'DCIPHER'}{'AES-128-CBC'} = '';
     $selected{'DCIPHER'}{'AES-192-CBC'} = '';
     $selected{'DCIPHER'}{'AES-256-CBC'} = '';
+    $selected{'DCIPHER'}{'CAMELLIA-128-CBC'} = '';
+    $selected{'DCIPHER'}{'CAMELLIA-192-CBC'} = '';
+    $selected{'DCIPHER'}{'CAMELLIA-256-CBC'} = '';
     $selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED';
     $checked{'DCOMPLZO'}{'off'} = '';
     $checked{'DCOMPLZO'}{'on'} = '';
@@ -4642,19 +4645,24 @@ END
     <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
         <td><input type='checkbox' name='DCOMPLZO' $checked{'DCOMPLZO'}{'on'} /></td>
         <td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
-        <td><select name='DCIPHER'><option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC</option>
-                                  <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>
-                                  <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>
-                                  <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC</option>
-                                  <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC</option>                                                                 
-                                  <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>
-                                  <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>
-                                  <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC</option>
-                                  <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>
-                                  <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>
-                                  <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>
-                                  <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-256-CBC</option></select></td></tr>
-                                  <tr><td colspan='4'><hr /></td></tr>
+        <td><select name='DCIPHER'>
+               <option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-256-CBC</option>
+               <option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-192-CBC</option>
+               <option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-128-CBC</option>
+               <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-256-CBC</option>
+               <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>
+               <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>
+               <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>
+               <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>
+               <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>
+               <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC</option>
+               <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC</option>
+               <option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC</option>
+               <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>
+               <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>
+               <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC</option>
+       </select></td></tr>
+    <tr><td colspan='4'><hr /></td></tr>
 END
 ;                                 
     
@@ -4740,8 +4748,8 @@ END
            <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
        </td></form>
        <form method='post' name='frmhostcrtb'><td width='3%' align='center'>
-           <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' border='0' />
-           <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
+           <input type='image' name="$Lang::tr{'download host certificate'}" src='/images/media-floppy.png' alt="$Lang::tr{'download host certificate'}" title="$Lang::tr{'download host certificate'}" border='0' />
+           <input type='hidden' name='ACTION' value="$Lang::tr{'download host certificate'}" />
        </td></form>
        <td width='4%'>&nbsp;</td></tr>
 END
@@ -4850,11 +4858,10 @@ END
 </tr>
 END
        ;
-        my $id = 0;
-        my $gif;
-        foreach my $key (sort { uc($confighash{$a}[1]) cmp uc($confighash{$b}[1]) } keys %confighash) {
-       if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
-
+    my $id = 0;
+    my $gif;
+    foreach my $key (sort { ncmp ($confighash{$a}[1],$confighash{$b}[1]) } keys %confighash) {
+       if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
        if ($id % 2) {
            print "<tr bgcolor='$color{'color20'}'>\n";
        } else {
IPFire 2.x development tree