From fd5ccb2dd5d0d4ee15bcae61c720eede3874bfbf Mon Sep 17 00:00:00 2001 From: Erik Kapfer Date: Thu, 12 Jun 2014 09:11:52 +0200 Subject: [PATCH] openvpn: Renamed CA chart, added ta.key to chart. * Added keys to CA chart and renamed CA specifics infos to CA and key infos. * Added ta.key to CA/key chart listing. --- html/cgi-bin/ovpnmain.cgi | 74 +++++++++++++++++++++++++++++++++++++++ langs/de/cgi-bin/de.pl | 8 +++-- langs/en/cgi-bin/en.pl | 9 +++-- 3 files changed, 85 insertions(+), 6 deletions(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 506dce5d0..ed614d868 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -1530,6 +1530,17 @@ END exit(0); } +### +### Download tls-auth key +### +}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download tls-auth key'}) { + if ( -f "${General::swroot}/ovpn/certs/ta.key" ) { + print "Content-Type: application/octet-stream\r\n"; + print "Content-Disposition: filename=ta.key\r\n\r\n"; + print `/bin/cat ${General::swroot}/ovpn/certs/ta.key`; + exit(0); + } + ### ### Form for generating a root certificate ### @@ -2369,6 +2380,28 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') { exit(0); } +### +### Display tls-auth key +### +} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show tls-auth key'}) { + + if (! -e "${General::swroot}/ovpn/certs/ta.key") { + $errormessage = $Lang::tr{'not present'}; + } else { + &Header::showhttpheaders(); + &Header::openpage($Lang::tr{'ovpn'}, 1, ''); + &Header::openbigbox('100%', 'LEFT', '', ''); + &Header::openbox('100%', 'LEFT', "$Lang::tr{'ta key'}:"); + my $output = `/bin/cat ${General::swroot}/ovpn/certs/ta.key`; + $output = &Header::cleanhtml($output,"y"); + print "
$output
\n"; + &Header::closebox(); + print "
$Lang::tr{'back'}
"; + &Header::closebigbox(); + &Header::closepage(); + exit(0); + } + ### ### Display Certificate Revoke List ### @@ -5214,6 +5247,8 @@ END ; &Header::closebox(); } + + # CA/key listing &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate authorities'}"); print < @@ -5228,6 +5263,8 @@ END my $col2="bgcolor='$color{'color20'}'"; # DH parameter line my $col3="bgcolor='$color{'color22'}'"; + # ta.key line + my $col4="bgcolor='$color{'color20'}'"; if (-f "${General::swroot}/ovpn/ca/cacert.pem") { my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`; @@ -5333,6 +5370,40 @@ END ; } + # Adding ta.key to chart + if (-f "${General::swroot}/ovpn/certs/ta.key") { + my $tasubject = `/bin/cat ${General::swroot}/ovpn/certs/ta.key`; + $tasubject =~ /# (.*)[\n]/; + $tasubject = $1; + print < + $Lang::tr{'ta key'} + $tasubject +
+ + +
+
+ + +
+   + +END + ; + } else { + # Nothing + print < + $Lang::tr{'ta key'}: + $Lang::tr{'not present'} +   + +END + ; + } + if (! -f "${General::swroot}/ovpn/ca/cacert.pem") { print "
"; print ""; @@ -5391,6 +5462,9 @@ END
+ + + diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index c604ef05a..8437def7f 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -518,7 +518,7 @@ 'ccd used' => 'Genutzte Adressen', 'cert' => 'Zertifikat', 'certificate' => 'Zertifikat', -'certificate authorities' => 'Zertifizierungsstellen (CAs)', +'certificate authorities' => 'Zertifizierungsstellen und -keys', 'certificate does not have a valid ca associated with it' => 'Mit dem Zertifikat ist keine gültige CA verbunden.', 'certificate file move failed' => 'Verschieben der Zertifikatsdatei fehlgeschlagen', 'cfg restart' => 'Nach dem Wiederherstellen eines Konfigurationsarchivs wird ein Neustart empfohlen.', @@ -769,12 +769,13 @@ 'downlink std class' => 'Downloadstandardklasse', 'download' => 'herunterladen', 'download ca certificate' => 'CA-Zertifikat herunterladen', -'download certificate' => 'Zertifikate herunterladen', +'download certificate' => 'File herunterladen', 'download dh parameter' => 'Diffie-Hellman-Parameter herunterladen', 'download host certificate' => 'Host-Zertifikat herunterladen', 'download new ruleset' => 'Neuen Regelsatz herunterladen', 'download pkcs12 file' => 'PKCS12-Datei herunterladen', 'download root certificate' => 'Root-Zertifikat herunterladen', +'download tls-auth key' => 'tls-auth Key herunterladen', 'dpd action' => 'Aktion für Dead Peer Detection', 'dpd delay' => 'Verzögerung', 'dpd timeout' => 'Zeitüberschreitung', @@ -1935,7 +1936,7 @@ 'shares' => 'Freigaben', 'show ajax speedmeter in footer' => 'Ajax Speed Anzeige', 'show ca certificate' => 'CA Zertifikat anzeigen', -'show certificate' => 'Zertifikat anzeigen', +'show certificate' => 'File anzeigen', 'show crl' => 'Certificate Revocation List anzeigen', 'show dh' => 'Diffie-Hellman-Parameter anzeigen', 'show host certificate' => 'Host-Zertifikat anzeigen', @@ -2078,6 +2079,7 @@ 'time server' => 'Zeitserver', 'timeout must be a number' => 'Wartezeit muss eine Zahl sein.', 'title' => 'Titel', +'ta key' => 'Key tls-auth', 'to' => 'Bis', 'to email adr' => 'An Email Adresse', 'to install an update' => 'Um ein Update zu installieren, laden Sie zuerst die folgende .tgz.gpg Datei hoch:', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index f87607fbb..5efbe1c23 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -536,7 +536,7 @@ 'ccd used' => 'Used addresses', 'cert' => 'Certificate', 'certificate' => 'Certificate', -'certificate authorities' => 'Certificate Authorities', +'certificate authorities' => 'Certificate Authorities and -keys', 'certificate does not have a valid ca associated with it' => 'Certificate does not have a valid CA associated with it.', 'certificate file move failed' => 'Certificate file move failed', 'cfg restart' => 'A reboot is suggested after restoring a configuration archive.', @@ -795,12 +795,13 @@ 'downlink std class' => 'downlink standard class', 'download' => 'download', 'download ca certificate' => 'Download CA certificate', -'download certificate' => 'Download certificate', +'download certificate' => 'Download file', 'download dh parameter' => 'Download Diffie-Hellman parameters', 'download host certificate' => 'Download host certificate', 'download new ruleset' => 'Download new ruleset', 'download pkcs12 file' => 'Download PKCS12 file', 'download root certificate' => 'Download root certificate', +'download tls-auth key' => 'Download tls-auth key', 'dpd action' => 'Action', 'dpd delay' => 'Delay', 'dpd timeout' => 'Timeout', @@ -1969,7 +1970,7 @@ 'show ajax speedmeter in footer' => 'Show Ajax speedmeter', 'show areas' => 'show areas', 'show ca certificate' => 'Show CA certificate', -'show certificate' => 'Show certificate', +'show certificate' => 'Show file', 'show crl' => 'Show certificate revocation list', 'show dh' => 'Show Diffie-Hellman parameters', 'show host certificate' => 'Show host certificate', @@ -1977,6 +1978,7 @@ 'show lines' => 'Show lines', 'show root certificate' => 'Show root certificate', 'show share options' => 'Show shares options', +'show tls-auth key' => 'Show tls-auth key', 'shuffle' => 'Shuffle', 'shutdown' => 'Shutdown', 'shutdown ask' => 'Shutdown?', @@ -2088,6 +2090,7 @@ 'system log viewer' => 'System Log Viewer', 'system logs' => 'System Logs', 'system status information' => 'System Status Information', +'ta key' => 'Key tls-auth', 'telephone not set' => 'Telephone not set.', 'template' => 'Preset', 'template warning' => 'You have two options to set up Qos. The First, you press the save button and generate the classes and rules on your own. The second, you press the preset button and classes and rules will be set up by a template.', -- 2.39.2
CA-Upload
$Lang::tr{'ca name'}: