Merge remote-tracking branch 'origin/next' into thirteen

[people/pmueller/ipfire-2.x.git] / html / cgi-bin / ovpnmain.cgi

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 4bfb6aa2c6c970ed62d43ef48c6d3b2b01c1dcb0..990fe6600bc7867d4c26027fed9786092c9e5c5c 100644 (file)
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -334,6 +334,7 @@ sub writeserverconf {
     print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
     print CONF "script-security 3 system\n";
     print CONF "ifconfig-pool-persist /var/ipfire/ovpn/ovpn-leases.db 3600\n";
+    print CONF "client-config-dir /var/ipfire/ovpn/ccd\n";
     print CONF "tls-server\n";
     print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
     print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
@@ -359,7 +360,7 @@ sub writeserverconf {
        print CONF "mssfix\n";
     }
     if ($sovpnsettings{FRAGMENT} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp') {
-       print CONF "fragment $sovpnsettings{'FRAGMENT'}\n";
+       print CONF "fragment $sovpnsettings{'FRAGMENT'}\n";   
     }
     if ($sovpnsettings{KEEPALIVE_1} > 0 && $sovpnsettings{KEEPALIVE_2} > 0) {  
        print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n";
@@ -572,6 +573,10 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
        }
        &write_routepushfile;
        undef $vpnsettings{'ROUTES_PUSH'};
+    }
+       else {
+       undef $vpnsettings{'ROUTES_PUSH'};
+       &write_routepushfile;
     }
     if ((length($cgiparams{'MAX_CLIENTS'}) == 0) || (($cgiparams{'MAX_CLIENTS'}) < 1 ) || (($cgiparams{'MAX_CLIENTS'}) > 255 )) {
         $errormessage = $Lang::tr{'invalid input for max clients'};
@@ -1889,7 +1894,6 @@ ADV_ERROR:
     if ($cgiparams{'MAX_CLIENTS'} eq '') {
        $cgiparams{'MAX_CLIENTS'} =  '100';     
     }
-    
     if ($cgiparams{'KEEPALIVE_1'} eq '') {
        $cgiparams{'KEEPALIVE_1'} =  '10';     
     }
@@ -1897,7 +1901,7 @@ ADV_ERROR:
        $cgiparams{'KEEPALIVE_2'} =  '60';     
     }
     if ($cgiparams{'LOG_VERB'} eq '') {
-       $cgiparams{'LOG_VERB'} =  '3';     
+       $cgiparams{'LOG_VERB'} =  '3';
     }
     $checked{'CLIENT2CLIENT'}{'off'} = '';
     $checked{'CLIENT2CLIENT'}{'on'} = '';
@@ -2906,7 +2910,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
 
            # Sign the certificate request and move it
            # Sign the host certificate request
-           system('/usr/bin/openssl', 'ca', '-days', '999999',
+           system('/usr/bin/openssl', 'ca', '-days', "$cgiparams{'DAYS_VALID'}",
                '-batch', '-notext',
                '-in', $filename,
                '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
@@ -3085,7 +3089,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
            }
        
            # Sign the host certificate request
-           system('/usr/bin/openssl', 'ca', '-days', '999999',
+           system('/usr/bin/openssl', 'ca', '-days', "$cgiparams{'DAYS_VALID'}",
                '-batch', '-notext',
                '-in',  "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
                '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
@@ -3869,7 +3873,7 @@ END
        ;
         my $id = 0;
         my $gif;
-        foreach my $key (keys %confighash) {
+        foreach my $key (sort { uc($confighash{$a}[1]) cmp uc($confighash{$b}[1]) } keys %confighash) {
        if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
 
        if ($id % 2) {