X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Fovpnmain.cgi;h=fb52e680162b3429769e8e441519dcbe55c44874;hp=9550ca6736cd56bfb1687b19a460fa7064a9b743;hb=f042e1d398bf4bade415773fe5849791f864444c;hpb=0fbba54e825ad4d21762e0deb788ec6614d0e744 diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 9550ca6736..fb52e68016 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -213,7 +213,7 @@ sub writeserverconf { print CONF "writepid /var/run/openvpn.pid\n"; print CONF "#DAN prepare OpenVPN for listening on blue and orange\n"; print CONF ";local $sovpnsettings{'VPN_IP'}\n"; - print CONF "dev $sovpnsettings{'DDEVICE'}\n"; + print CONF "dev tun\n"; print CONF "proto $sovpnsettings{'DPROTOCOL'}\n"; print CONF "port $sovpnsettings{'DDEST_PORT'}\n"; print CONF "script-security 3 system\n"; @@ -231,15 +231,15 @@ sub writeserverconf { # Check if we are using mssfix, fragment or mtu-disc and set the corretct mtu of 1500. # If we doesn't use one of them, we can use the configured mtu value. if ($sovpnsettings{'MSSFIX'} eq 'on') - { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; } + { print CONF "tun-mtu 1500\n"; } elsif ($sovpnsettings{'FRAGMENT'} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp') - { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; } + { print CONF "tun-mtu 1500\n"; } elsif (($sovpnsettings{'PMTU_DISCOVERY'} eq 'yes') || ($sovpnsettings{'PMTU_DISCOVERY'} eq 'maybe') || ($sovpnsettings{'PMTU_DISCOVERY'} eq 'no' )) - { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; } + { print CONF "tun-mtu 1500\n"; } else - { print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n"; } + { print CONF "tun-mtu $sovpnsettings{'DMTU'}\n"; } if ($vpnsettings{'ROUTES_PUSH'} ne '') { @temp = split(/\n/,$vpnsettings{'ROUTES_PUSH'}); 
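Review bot: Hard-coding `dev tun` in writeserverconf changes the device for installations whose saved settings still hold `DDEVICE` = `tap`, and nothing in the visible hunks migrates or warns about that. The removed selector in the @@ -4951 hunk shows `tap` was a selectable value, so client packages exported earlier may still say `dev tap` and would no longer match the server after the next config rewrite. Consider detecting a stored `tap` value on upgrade and surfacing a message, and add a comment such as `# tap is no longer supported; device is always tun` above the print. writeserverconf starts and ends outside the hunk.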
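Review bot: The fallback branch writes `tun-mtu $sovpnsettings{'DMTU'}` with the stored value interpolated as-is, and the save handler in the @@ -1167 hunk copies `$cgiparams{'DMTU'}` into the settings unchanged, so any validation must happen outside the visible lines. Because this output becomes the server's configuration file, confirm that DMTU is checked to be a plain integer before it is saved, e.g. `$cgiparams{'DMTU'} =~ /\A\d+\z/`. The same applies to the client-side `tun-mtu $vpnsettings{'DMTU'}` in the @@ -2230 hunk. The MTU decision is also duplicated between the two places with the branches in a different order; a shared helper would keep them from drifting apart.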
@@ -1167,7 +1167,6 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg $vpnsettings{'VPN_IP'} = $cgiparams{'VPN_IP'}; #new settings for daemon $vpnsettings{'DOVPN_SUBNET'} = $cgiparams{'DOVPN_SUBNET'}; - $vpnsettings{'DDEVICE'} = $cgiparams{'DDEVICE'}; $vpnsettings{'DPROTOCOL'} = $cgiparams{'DPROTOCOL'}; $vpnsettings{'DDEST_PORT'} = $cgiparams{'DDEST_PORT'}; $vpnsettings{'DMTU'} = $cgiparams{'DMTU'}; @@ -2138,7 +2137,7 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ print CLIENTCONF "# Server Gateway Network\n"; print CLIENTCONF "route $remsubnet[0] $remsubnet[1]\n"; print CLIENTCONF "# tun Device\n"; - print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\n"; + print CLIENTCONF "dev tun\n"; print CLIENTCONF "# Port and Protokoll\n"; print CLIENTCONF "port $confighash{$cgiparams{'KEY'}}[29]\n"; 
@@ -2230,21 +2229,21 @@ else print CLIENTCONF "tls-client\r\n"; print CLIENTCONF "client\r\n"; print CLIENTCONF "nobind\r\n"; - print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\r\n"; + print CLIENTCONF "dev tun\r\n"; print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n"; # Check if we are using fragment, mssfix or mtu-disc and set MTU to 1500 # or use configured value. if ($vpnsettings{FRAGMENT} ne '' && $vpnsettings{DPROTOCOL} ne 'tcp' ) - { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\r\n"; } + { print CLIENTCONF "tun-mtu 1500\r\n"; } elsif ($vpnsettings{MSSFIX} eq 'on') - { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\r\n"; } + { print CLIENTCONF "tun-mtu 1500\r\n"; } elsif (($vpnsettings{'PMTU_DISCOVERY'} eq 'yes') || ($vpnsettings{'PMTU_DISCOVERY'} eq 'maybe') || ($vpnsettings{'PMTU_DISCOVERY'} eq 'no' )) - { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\r\n"; } + { print CLIENTCONF "tun-mtu 1500\r\n"; } else - { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n"; } + { print CLIENTCONF "tun-mtu $vpnsettings{'DMTU'}\r\n"; } if ( $vpnsettings{'ENABLED'} eq 'on'){ print CLIENTCONF "remote $vpnsettings{'VPN_IP'} $vpnsettings{'DDEST_PORT'}\r\n"; @@ -2347,7 +2346,9 @@ else &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash); if ($confighash{$cgiparams{'KEY'}}) { + # Revoke certificate if certificate was deleted and rewrite the CRL my $temp = `/usr/bin/openssl ca -revoke ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`; + my $tempA = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`; ### # m.a.d net2net @@ -3198,7 +3199,6 @@ END @firen2nconf = ; close (FILE); chomp(@firen2nconf); - } else { $errormessage = "Filecount does not match only 2 files are allowed\n"; 
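Review bot: Neither the existing revoke call nor the added `-gencrl` call in the @@ -2347 hunk checks its exit status, so a failed openssl run leaves `cacrl.pem` stale while the deletion path carries on as if the certificate had been revoked. `$temp` and `$tempA` are never read in the visible lines. Test `$?` after each call and set `$errormessage` instead of continuing silently. Running openssl in list form would also keep the connection name in the certificate path away from the shell, e.g. `system('/usr/bin/openssl', 'ca', '-gencrl', '-out', "${General::swroot}/ovpn/crls/cacrl.pem", '-config', "${General::swroot}/ovpn/openssl/ovpn.cnf") == 0 or $errormessage = 'CRL update failed';`. The enclosing branch continues outside the hunk.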
@@ -3239,6 +3239,13 @@ END unless(-d "${General::swroot}/ovpn/n2nconf/"){mkdir "${General::swroot}/ovpn/n2nconf", 0755 or die "Unable to create dir $!";} unless(-d "${General::swroot}/ovpn/n2nconf/$n2nname[0]"){mkdir "${General::swroot}/ovpn/n2nconf/$n2nname[0]", 0770 or die "Unable to create dir $!";} + #Add collectd settings to configfile + open(FILE, ">> $tempdir/$uplconffilename") or die 'Unable to open config file.'; + print FILE "# Logfile\n"; + print FILE "status-version 1\n"; + print FILE "status /var/run/openvpn/$n2nname[0]-n2n 10\n"; + close FILE; + move("$tempdir/$uplconffilename", "${General::swroot}/ovpn/n2nconf/$n2nname[0]/$uplconffilename2"); if ($? ne 0) { @@ -4951,9 +4958,6 @@ END $checked{'ENABLED_ORANGE'}{'off'} = ''; $checked{'ENABLED_ORANGE'}{'on'} = ''; $checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED'; - $selected{'DDEVICE'}{'tun'} = ''; - $selected{'DDEVICE'}{'tap'} = ''; - $selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED'; $selected{'DPROTOCOL'}{'udp'} = ''; $selected{'DPROTOCOL'}{'tcp'} = ''; @@ -5045,10 +5049,6 @@ END print <$Lang::tr{'local vpn hostname/ip'}:
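Review bot: The added `open(FILE, ">> $tempdir/$uplconffilename")` in the @@ -3239 hunk uses the two-argument form with a bareword handle, so the mode and the path are parsed out of one interpolated string. `$uplconffilename` and `$n2nname[0]` appear to derive from the uploaded package (their assignments are outside the hunk), which would make both that parsing and the unquoted `status /var/run/openvpn/$n2nname[0]-n2n 10` line depend on upload-controlled text. Use `open(my $fh, '>>', "$tempdir/$uplconffilename") or die "Unable to open config file: $!";` with `print $fh ...` and a checked `close $fh`. Also confirm that `$n2nname[0]` is restricted to a safe character set (no whitespace, newlines or path separators) before it is written into the config and used in the directory name.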
$Lang::tr{'ovpn subnet'}
- $Lang::tr{'ovpn device'} - @@ -5549,42 +5549,49 @@ END } print < + +


+
- - - - - - - - - +
$Lang::tr{'upload ca certificate'}
$Lang::tr{'ca name'}: -
+ + + - - - + + + + + - - - - + + + + +
$Lang::tr{'upload ca certificate'}
$Lang::tr{'ca name'}: +

$Lang::tr{'ovpn dh parameters'}
 
- - $Lang::tr{'ovpn dh upload'}: - - - - - - $Lang::tr{'ovpn dh new key'}: - - - - +
+ + + + + + + + + + + + + + + +
$Lang::tr{'ovpn dh parameters'}
$Lang::tr{'ovpn dh upload'}: +
$Lang::tr{'ovpn dh new key'}:
+ -
+

END ;