Commit 07afd164 authored by Ad Schellevis's avatar Ad Schellevis

cleanup old php fpm leftover, related to https://github.com/opnsense/core/issues/42

parent a723fe13
......@@ -75,13 +75,13 @@ function getNasIP()
/* setup syslog logging */
openlog("openvpn", LOG_ODELAY, LOG_AUTH);
if (isset($_GET)) {
$authmodes = explode(",", $_GET['authcfg']);
$username = $_GET['username'];
$password = urldecode($_GET['password']);
$common_name = $_GET['cn'];
$modeid = $_GET['modeid'];
$strictusercn = $_GET['strictcn'] == "false" ? false : true;
if (count($argv) > 3) {
$authmodes = explode(",", $5);
$username = $1;
$password = urldecode($2);
$common_name = $3;
$modeid = $6;
$strictusercn = $4 == "false" ? false : true;
} else {
/* read data from environment */
$username = getenv("username");
......
......@@ -42,15 +42,8 @@ require_once("interfaces.inc");
openlog("openvpn", LOG_ODELAY, LOG_AUTH);
/* read data from command line */
if (isset($_GET)) {
$cert_depth = $_GET['certdepth'];
$cert_subject = urldecode($_GET['certsubject']);
$allowed_depth = $_GET['depth'];
$server_cn = $_GET['servercn'];
} else {
$cert_depth = intval($argv[1]);
$cert_subject = $argv[2];
}
$cert_depth = intval($argv[1]);
$cert_subject = $argv[2];
/* Reserved for future use in case we decide to verify CNs and such as well
$subj = explode("/", $cert_subject);
......
#!/bin/sh
if [ "$1" = "tls" ]; then
RESULT=$(/usr/local/sbin/fcgicli -f /usr/local/etc/inc/openvpn.tls-verify.php -d "servercn=$2&depth=$3&certdepth=$4&certsubject=$5")
RESULT=$(/usr/local/bin/php /usr/local/etc/inc/openvpn.tls-verify.php -d $2 $3)
else
# Single quoting $password breaks getting the value from the variable.
password=$(echo ${password} | /usr/bin/sed 's/&/%26/g')
RESULT=$(/usr/local/sbin/fcgicli -f /usr/local/etc/inc/openvpn.auth-user.php -d "username=$username&password=$password&cn=$common_name&strictcn=$3&authcfg=$2&modeid=$4")
password=$(echo -n "${password}" | openssl enc -base64 | sed -e 's/=/%3D/g')
username=$(echo -n "${username}" | openssl enc -base64 | sed -e 's/=/%3D/g')
RESULT=$(/usr/local/bin/php /etc/inc/openvpn.auth-user.php $username $password $common_name $3 $2 $4)
fi
if [ "${RESULT}" = "OK" ]; then
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment