Commit 10c6828e authored by Ad Schellevis's avatar Ad Schellevis
parent 0dd120ff
...@@ -899,6 +899,10 @@ EOD; ...@@ -899,6 +899,10 @@ EOD;
case 'eap-tls': case 'eap-tls':
$authentication = "leftauth=eap-tls\n\trightauth=eap-tls"; $authentication = "leftauth=eap-tls\n\trightauth=eap-tls";
break; break;
case 'eap-mschapv2':
$authentication = "leftauth = pubkey\n\trightauth = eap-mschapv2";
$authentication .= "\n\teap_identity=%any";
break;
case 'xauth_rsa_server': case 'xauth_rsa_server':
$authentication = "leftauth = pubkey\n\trightauth = pubkey"; $authentication = "leftauth = pubkey\n\trightauth = pubkey";
$authentication .= "\n\trightauth2 = xauth-generic"; $authentication .= "\n\trightauth2 = xauth-generic";
......
...@@ -178,6 +178,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -178,6 +178,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
// For RSA methods, require the CA/Cert. // For RSA methods, require the CA/Cert.
switch ($method) { switch ($method) {
case "eap-tls": case "eap-tls":
case "eap-mschapv2":
if ($pconfig['iketype'] != 'ikev2') { if ($pconfig['iketype'] != 'ikev2') {
$input_errors[] = sprintf(gettext("%s can only be used with IKEv2 type VPNs."), strtoupper($method)); $input_errors[] = sprintf(gettext("%s can only be used with IKEv2 type VPNs."), strtoupper($method));
} }
...@@ -430,6 +431,7 @@ include("head.inc"); ...@@ -430,6 +431,7 @@ include("head.inc");
case 'hybrid_rsa_server': case 'hybrid_rsa_server':
case 'xauth_rsa_server': case 'xauth_rsa_server':
case 'rsasig': case 'rsasig':
case 'eap-mschapv2':
$(".auth_eap_tls").show(); $(".auth_eap_tls").show();
$(".auth_eap_tls :input").prop( "disabled", false ); $(".auth_eap_tls :input").prop( "disabled", false );
$(".auth_eap_tls_caref").show(); $(".auth_eap_tls_caref").show();
...@@ -651,6 +653,7 @@ include("head.inc"); ...@@ -651,6 +653,7 @@ include("head.inc");
'xauth_rsa_server' => array( 'name' => 'Mutual RSA + Xauth', 'mobile' => true ), 'xauth_rsa_server' => array( 'name' => 'Mutual RSA + Xauth', 'mobile' => true ),
'xauth_psk_server' => array( 'name' => 'Mutual PSK + Xauth', 'mobile' => true ), 'xauth_psk_server' => array( 'name' => 'Mutual PSK + Xauth', 'mobile' => true ),
'eap-tls' => array( 'name' => 'EAP-TLS', 'mobile' => true), 'eap-tls' => array( 'name' => 'EAP-TLS', 'mobile' => true),
'eap-mschapv2' => array( 'name' => 'EAP-MSCHAPV2', 'mobile' => true),
'rsasig' => array( 'name' => 'Mutual RSA', 'mobile' => false ), 'rsasig' => array( 'name' => 'Mutual RSA', 'mobile' => false ),
'pre_shared_key' => array( 'name' => 'Mutual PSK', 'mobile' => false ) ); 'pre_shared_key' => array( 'name' => 'Mutual PSK', 'mobile' => false ) );
foreach ($p1_authentication_methods as $method_type => $method_params) : foreach ($p1_authentication_methods as $method_type => $method_params) :
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment