(ipsec) add left=%any option + some minor validation cleanups

41157c89 · Ad Schellevis · dfaf2321 · 41157c89 · 41157c89
Commit 41157c89 authored Jul 22, 2016 by Ad Schellevis
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 32 deletions

ipsec.inc src/etc/inc/ipsec.inc +3 -1

vpn_ipsec_phase1.php src/www/vpn_ipsec_phase1.php +16 -31

No files found.
--- a/src/etc/inc/ipsec.inc
+++ b/src/etc/inc/ipsec.inc
@@ -86,7 +86,9 @@ $p2_pfskeygroups = array(
 */
 function ipsec_get_phase1_src(& $ph1ent) {
    if (!empty($ph1ent['interface'])) {
-        if (!is_ipaddr($ph1ent['interface'])) {
+        if ($ph1ent['interface'] == 'any') {
+            return '%any';
+        } elseif (!is_ipaddr($ph1ent['interface'])) {
          if (strpos($ph1ent['interface'],'_vip') !== false) {
              // if this is a vip, set the interface to $ph1ent['interface']
              $if = $ph1ent['interface'];

--- a/src/www/vpn_ipsec_phase1.php
+++ b/src/www/vpn_ipsec_phase1.php
@@ -247,48 +247,30 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        }
    }

-    if ($pconfig['myid_type'] == "address" and $pconfig['myid_data'] == "") {
+    if ($pconfig['interface'] == 'any' && $pconfig['myid_type'] == "myaddress") {
+        $input_errors[] = gettext("Please select an identifier (My Identifier) other then 'any' when selecting 'Any' interface");
+    } elseif ($pconfig['myid_type'] == "address" && $pconfig['myid_data'] == "") {
        $input_errors[] = gettext("Please enter an address for 'My Identifier'");
-    }
-
-    if ($pconfig['myid_type'] == "keyid tag" and $pconfig['myid_data'] == "") {
+    } elseif ($pconfig['myid_type'] == "keyid tag" && $pconfig['myid_data'] == "") {
        $input_errors[] = gettext("Please enter a keyid tag for 'My Identifier'");
-    }
-
-    if ($pconfig['myid_type'] == "fqdn" and $pconfig['myid_data'] == "") {
+    } elseif ($pconfig['myid_type'] == "fqdn" && $pconfig['myid_data'] == "") {
        $input_errors[] = gettext("Please enter a fully qualified domain name for 'My Identifier'");
-    }
-
-    if ($pconfig['myid_type'] == "user_fqdn" and $pconfig['myid_data'] == "") {
+    } elseif ($pconfig['myid_type'] == "user_fqdn" && $pconfig['myid_data'] == "") {
        $input_errors[] = gettext("Please enter a user and fully qualified domain name for 'My Identifier'");
-    }
-
-    if ($pconfig['myid_type'] == "dyn_dns" and $pconfig['myid_data'] == "") {
+    } elseif ($pconfig['myid_type'] == "dyn_dns" && $pconfig['myid_data'] == "") {
        $input_errors[] = gettext("Please enter a dynamic domain name for 'My Identifier'");
-    }
-
-    if ((($pconfig['myid_type'] == "address") && !is_ipaddr($pconfig['myid_data']))) {
+    } elseif ((($pconfig['myid_type'] == "address") && !is_ipaddr($pconfig['myid_data']))) {
        $input_errors[] = gettext("A valid IP address for 'My identifier' must be specified.");
-    }
-
-    if ((($pconfig['myid_type'] == "fqdn") && !is_domain($pconfig['myid_data']))) {
+    } elseif ((($pconfig['myid_type'] == "fqdn") && !is_domain($pconfig['myid_data']))) {
        $input_errors[] = gettext("A valid domain name for 'My identifier' must be specified.");
-    }
-
-    if ($pconfig['myid_type'] == "fqdn") {
-        if (is_domain($pconfig['myid_data']) == false) {
-            $input_errors[] = gettext("A valid FQDN for 'My identifier' must be specified.");
-        }
-    }
-
-    if ($pconfig['myid_type'] == "user_fqdn") {
+    } elseif ($pconfig['myid_type'] == "fqdn" && !is_domain($pconfig['myid_data'])) {
+        $input_errors[] = gettext("A valid FQDN for 'My identifier' must be specified.");
+    } elseif ($pconfig['myid_type'] == "user_fqdn") {
        $user_fqdn = explode("@", $pconfig['myid_data']);
        if (is_domain($user_fqdn[1]) == false) {
            $input_errors[] = gettext("A valid User FQDN in the form of user@my.domain.com for 'My identifier' must be specified.");
        }
-    }
-
-    if ($pconfig['myid_type'] == "dyn_dns") {
+    } elseif ($pconfig['myid_type'] == "dyn_dns") {
        if (is_domain($pconfig['myid_data']) == false) {
            $input_errors[] = gettext("A valid Dynamic DNS address for 'My identifier' must be specified.");
        }
@@ -620,6 +602,9 @@ include("head.inc");
                        </option>
 <?php                  endforeach;
 ?>
+                        <option value="any" <?= $pconfig['interface'] == "any" ? "selected=\"selected\"" : "" ?>>
+                            <?=gettext("Any");?>
+                        </option>
                      </select>
                      <div class="hidden" for="help_for_interface">
                        <?=gettext("Select the interface for the local endpoint of this phase1 entry."); ?>