(legacy) spaces and curly braces in openvpn.auth-user.php

(cherry picked from commit f64321db)

(legacy) spaces and curly braces in openvpn.auth-user.php
(cherry picked from commit f64321db)
d415996b · Ad Schellevis · Franco Fichtner · eccfa60f · d415996b
Commit d415996b authored Mar 22, 2016 by Ad Schellevis Committed by Franco Fichtner Apr 01, 2016
Show whitespace changes
Inline Side-by-side

Showing with 233 additions and 214 deletions

openvpn.auth-user.php src/etc/inc/openvpn.auth-user.php +233 -214

No files found.
--- a/src/etc/inc/openvpn.auth-user.php
+++ b/src/etc/inc/openvpn.auth-user.php
@@ -39,9 +39,11 @@ require_once("auth.inc");
 require_once("util.inc");
 require_once("interfaces.inc");

-function cisco_to_cidr($addr) {
-	if (!is_ipaddr($addr))
+function cisco_to_cidr($addr)
+{
+    if (!is_ipaddr($addr)) {
        return 0;
+    }
    $mask = decbin(~ip2long($addr));
    $mask = substr($mask, -32);
    $k = 0;
@@ -51,20 +53,22 @@ function cisco_to_cidr($addr) {
    return $k;
 }

-function cisco_extract_index($prule) {
-
+function cisco_extract_index($prule)
+{
    $index = explode("#", $prule);
-	if (is_numeric($index[1]))
+    if (is_numeric($index[1])) {
        return intval($index[1]);
-	else
+    } else {
        syslog(LOG_WARNING, "Error parsing rule {$prule}: Could not extract index");
+    }
    return -1;;
 }

 function parse_cisco_acl($attribs) {
    global $devname, $attributes;
-	if (!is_array($attribs))
+    if (!is_array($attribs)) {
        return "";
+    }
    $finalrules = "";
    if (is_array($attribs['ciscoavpair'])) {
        $inrules = array();
@@ -74,29 +78,31 @@ function parse_cisco_acl($attribs) {
            $dir = "";
            if (strstr($rule[0], "inacl")) {
                $dir = "in";
-			} else if (strstr($rule[0], "outacl"))
+            } elseif (strstr($rule[0], "outacl")) {
                $dir = "out";
-			else if (strstr($rule[0], "dns-servers")) {
+            } elseif (strstr($rule[0], "dns-servers")) {
                $attributes['dns-servers'] = explode(" ", $rule[1]);
                continue;
-			} else if (strstr($rule[0], "route")) {
-				if (!is_array($attributes['routes']))
+            } elseif (strstr($rule[0], "route")) {
+                if (!is_array($attributes['routes'])) {
                    $attributes['routes'] = array();
+                }
                $attributes['routes'][] = $rule[1];
                continue;
            }
            $rindex = cisco_extract_index($rule[0]);
-			if ($rindex < 0)
+            if ($rindex < 0) {
                continue;
+            }

            $rule = $rule[1];
            $rule = explode(" ", $rule);
            $tmprule = "";
            $index = 0;
            $isblock = false;
-			if ($rule[$index] == "permit")
+            if ($rule[$index] == "permit") {
                $tmprule = "pass {$dir} quick on {$devname} ";
-			else if ($rule[$index] == "deny") {
+            } elseif ($rule[$index] == "deny") {
                //continue;
                $isblock = true;
                $tmprule = "block {$dir} quick on {$devname} ";
@@ -111,7 +117,6 @@ function parse_cisco_acl($attribs) {
                case "udp":
                    $tmprule .= "proto {$rule[$index]} ";
                    break;
-
            }

            $index++;
@@ -120,9 +125,10 @@ function parse_cisco_acl($attribs) {
                $index++;
                $tmprule .= "from {$rule[$index]} ";
                $index++;
-				if ($isblock == true)
+                if ($isblock == true) {
                    $isblock = false;
-			} else if (trim($rule[$index]) == "any") {
+                }
+            } elseif (trim($rule[$index]) == "any") {
                $tmprule .= "from any";
                $index++;
            } else {
@@ -131,17 +137,19 @@ function parse_cisco_acl($attribs) {
                $netmask = cisco_to_cidr($rule[$index]);
                $tmprule .= "/{$netmask} ";
                $index++;
-				if ($isblock == true)
+                if ($isblock == true) {
                    $isblock = false;
                }
+            }
            /* Destination */
            if (trim($rule[$index]) == "host") {
                $index++;
                $tmprule .= "to {$rule[$index]} ";
                $index++;
-				if ($isblock == true)
+                if ($isblock == true) {
                    $isblock = false;
-			} else if (trim($rule[$index]) == "any") {
+                }
+            } elseif (trim($rule[$index]) == "any") {
                $index++;
                $tmprule .= "to any";
            } else {
@@ -150,32 +158,37 @@ function parse_cisco_acl($attribs) {
                $netmask = cisco_to_cidr($rule[$index]);
                $tmprule .= "/{$netmask} ";
                $index++;
-				if ($isblock == true)
+                if ($isblock == true) {
                    $isblock = false;
                }
+            }

-			if ($isblock == true)
+            if ($isblock == true) {
                continue;
+            }

-			if ($dir == "in")
+            if ($dir == "in") {
                $inrules[$rindex] = $tmprule;
-			else if ($dir == "out")
+            } elseif ($dir == "out") {
                $outrules[$rindex] = $tmprule;
            }
-
+        }

        $state = "";
-		if (!empty($outrules))
+        if (!empty($outrules)) {
            $state = "no state";
+        }
        ksort($inrules, SORT_NUMERIC);
-		foreach ($inrules as $inrule)
+        foreach ($inrules as $inrule) {
            $finalrules .= "{$inrule} {$state}\n";
+        }
        if (!empty($outrules)) {
            ksort($outrules, SORT_NUMERIC);
-			foreach ($outrules as $outrule)
+            foreach ($outrules as $outrule) {
                $finalrules .= "{$outrule} {$state}\n";
            }
        }
+    }
    return $finalrules;
 }

@@ -186,15 +199,16 @@ function parse_cisco_acl($attribs) {
 * We will use our local hostname to make up the nas_id
 */
 if (!function_exists("getNasID")) {
-function getNasID()
-{
+    function getNasID()
+    {
        global $g;

        $nasId = gethostname();
-    if(empty($nasId))
+        if (empty($nasId)) {
            $nasId = $g['product_name'];
+        }
        return $nasId;
-}
+    }
 }

 /* setup syslog logging */
@@ -245,12 +259,14 @@ if (!is_array($authmodes)) {
 $attributes = array();
 foreach ($authmodes as $authmode) {
    $authcfg = auth_get_authserver($authmode);
-	if (!$authcfg && $authmode != "local")
+    if (!$authcfg && $authmode != "local") {
        continue;
+    }

    $authenticated = authenticate_user($username, $password, $authcfg);
-	if ($authenticated == true)
+    if ($authenticated == true) {
        break;
+    }
 }

 if ($authenticated == false) {
@@ -261,14 +277,15 @@ if ($authenticated == false) {

 if (empty($common_name)) {
    $common_name = getenv("common_name");
-	if (empty($common_name))
+    if (empty($common_name)) {
        $common_name = getenv("username");
+    }
 }

 $devname = getenv("dev");
-if (empty($devname))
+if (empty($devname)) {
    $devname = "openvpn";
-
+}

 $rules = parse_cisco_acl($attributes);
 if (!empty($rules)) {
@@ -281,13 +298,15 @@ if (!empty($rules)) {
 $content = "";
 if (is_array($attributes['dns-servers'])) {
    foreach ($attributes['dns-servers'] as $dnssrv) {
-                if (is_ipaddr($dnssrv))
+        if (is_ipaddr($dnssrv)) {
            $content .= "push \"dhcp-option DNS {$dnssrv}\"\n";
        }
+    }
 }
 if (is_array($attributes['routes'])) {
-        foreach ($attributes['routes'] as $route)
+    foreach ($attributes['routes'] as $route) {
        $content .= "push \"route {$route} vpn_gateway\"\n";
+    }
 }

 if (isset($attributes['framed_ip'])) {