Commit 07afd164 authored by Ad Schellevis's avatar Ad Schellevis

cleanup old php fpm leftover, related to https://github.com/opnsense/core/issues/42

parent a723fe13
...@@ -75,13 +75,13 @@ function getNasIP() ...@@ -75,13 +75,13 @@ function getNasIP()
/* setup syslog logging */ /* setup syslog logging */
openlog("openvpn", LOG_ODELAY, LOG_AUTH); openlog("openvpn", LOG_ODELAY, LOG_AUTH);
if (isset($_GET)) { if (count($argv) > 3) {
$authmodes = explode(",", $_GET['authcfg']); $authmodes = explode(",", $5);
$username = $_GET['username']; $username = $1;
$password = urldecode($_GET['password']); $password = urldecode($2);
$common_name = $_GET['cn']; $common_name = $3;
$modeid = $_GET['modeid']; $modeid = $6;
$strictusercn = $_GET['strictcn'] == "false" ? false : true; $strictusercn = $4 == "false" ? false : true;
} else { } else {
/* read data from environment */ /* read data from environment */
$username = getenv("username"); $username = getenv("username");
......
...@@ -42,15 +42,8 @@ require_once("interfaces.inc"); ...@@ -42,15 +42,8 @@ require_once("interfaces.inc");
openlog("openvpn", LOG_ODELAY, LOG_AUTH); openlog("openvpn", LOG_ODELAY, LOG_AUTH);
/* read data from command line */ /* read data from command line */
if (isset($_GET)) { $cert_depth = intval($argv[1]);
$cert_depth = $_GET['certdepth']; $cert_subject = $argv[2];
$cert_subject = urldecode($_GET['certsubject']);
$allowed_depth = $_GET['depth'];
$server_cn = $_GET['servercn'];
} else {
$cert_depth = intval($argv[1]);
$cert_subject = $argv[2];
}
/* Reserved for future use in case we decide to verify CNs and such as well /* Reserved for future use in case we decide to verify CNs and such as well
$subj = explode("/", $cert_subject); $subj = explode("/", $cert_subject);
......
#!/bin/sh #!/bin/sh
if [ "$1" = "tls" ]; then if [ "$1" = "tls" ]; then
RESULT=$(/usr/local/sbin/fcgicli -f /usr/local/etc/inc/openvpn.tls-verify.php -d "servercn=$2&depth=$3&certdepth=$4&certsubject=$5") RESULT=$(/usr/local/bin/php /usr/local/etc/inc/openvpn.tls-verify.php -d $2 $3)
else else
# Single quoting $password breaks getting the value from the variable. # Single quoting $password breaks getting the value from the variable.
password=$(echo ${password} | /usr/bin/sed 's/&/%26/g') password=$(echo -n "${password}" | openssl enc -base64 | sed -e 's/=/%3D/g')
RESULT=$(/usr/local/sbin/fcgicli -f /usr/local/etc/inc/openvpn.auth-user.php -d "username=$username&password=$password&cn=$common_name&strictcn=$3&authcfg=$2&modeid=$4") username=$(echo -n "${username}" | openssl enc -base64 | sed -e 's/=/%3D/g')
RESULT=$(/usr/local/bin/php /etc/inc/openvpn.auth-user.php $username $password $common_name $3 $2 $4)
fi fi
if [ "${RESULT}" = "OK" ]; then if [ "${RESULT}" = "OK" ]; then
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment