From a79fa1d627d96b002b199871d5ae4cc045fffee2 Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Fri, 16 Apr 2010 23:17:36 +0200 Subject: [PATCH] Fixed bug 490 additional option is added to support crypto chips, but this is still disabled --- html/cgi-bin/ovpnmain.cgi | 84 ++++++++++++++++++++++++++++++++++----- 1 file changed, 74 insertions(+), 10 deletions(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 3bbcf1ca1..ca7c2df9b 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -70,6 +70,8 @@ $cgiparams{'DHCP_DOMAIN'} = ''; $cgiparams{'DHCP_DNS'} = ''; $cgiparams{'DHCP_WINS'} = ''; $cgiparams{'DCOMPLZO'} = 'off'; +$cgiparams{'MSSFIX'} = ''; + &Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'}); # prepare openvpn config file @@ -332,6 +334,12 @@ sub writeserverconf { if ($sovpnsettings{CLIENT2CLIENT} eq 'on') { print CONF "client-to-client\n"; } + if ($sovpnsettings{MSSFIX} eq 'on') { + print CONF "mssfix\n"; + } + if ($sovpnsettings{FRAGMENT} ne '') { + print CONF "fragment $sovpnsettings{'FRAGMENT'}\n"; + } if ($sovpnsettings{KEEPALIVE_1} > 0 && $sovpnsettings{KEEPALIVE_2} > 0) { print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n"; } @@ -358,8 +366,7 @@ sub writeserverconf { if ($sovpnsettings{DHCP_WINS} eq '') { print CONF "max-clients 100\n"; - } - + } if ($sovpnsettings{DHCP_WINS} ne '') { print CONF "max-clients $sovpnsettings{MAX_CLIENTS}\n"; } @@ -449,6 +456,21 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) { $vpnsettings{'DHCP_DNS'} = $cgiparams{'DHCP_DNS'}; $vpnsettings{'DHCP_WINS'} = $cgiparams{'DHCP_WINS'}; + if ($cgiparams{'FRAGMENT'} eq '') { + delete $vpnsettings{'FRAGMENT'}; + } else { + if ($cgiparams{'FRAGMENT'} !~ /^[0-9]+$/) { + $errormessage = "Incorrect value, please insert only numbers."; + goto ADV_ERROR; + } else { + $vpnsettings{'FRAGMENT'} = $cgiparams{'FRAGMENT'}; + } + } + if ($cgiparams{'MSSFIX'} ne 'on') { + delete $vpnsettings{'MSSFIX'}; + } else { + $vpnsettings{'MSSFIX'} = $cgiparams{'MSSFIX'}; + } if ($cgiparams{'DHCP_DOMAIN'} ne ''){ unless (&General::validfqdn($cgiparams{'DHCP_DOMAIN'}) || &General::validip($cgiparams{'DHCP_DOMAIN'})) { $errormessage = $Lang::tr{'invalid input for dhcp domain'}; @@ -1380,7 +1402,13 @@ END } print CLIENTCONF "verb 3\r\n"; print CLIENTCONF "ns-cert-type server\r\n"; - print CLIENTCONF "tls-remote $vpnsettings{ROOTCERT_HOSTNAME}\r\n"; + print CLIENTCONF "tls-remote $vpnsettings{ROOTCERT_HOSTNAME}\r\n"; + if ($vpnsettings{MSSFIX} eq 'on') { + print CLIENTCONF "mssfix\r\n"; + } + if ($vpnsettings{FRAGMENT} ne '') { + print CLIENTCONF "fragment $vpnsettings{'FRAGMENT'}\r\n"; + } close(CLIENTCONF); $zip->addFile( "$tempdir/$clientovpn", $clientovpn) or die "Can't add file $clientovpn\n"; my $status = $zip->writeToFileNamed($zippathname); @@ -1500,6 +1528,10 @@ ADV_ERROR: $checked{'REDIRECT_GW_DEF1'}{'off'} = ''; $checked{'REDIRECT_GW_DEF1'}{'on'} = ''; $checked{'REDIRECT_GW_DEF1'}{$cgiparams{'REDIRECT_GW_DEF1'}} = 'CHECKED'; + $selected{'ENGINES'}{$cgiparams{'ENGINES'}} = 'SELECTED'; + $checked{'MSSFIX'}{'off'} = ''; + $checked{'MSSFIX'}{'on'} = ''; + $checked{'MSSFIX'}{$cgiparams{'MSSFIX'}} = 'CHECKED'; $selected{'LOG_VERB'}{'1'} = ''; $selected{'LOG_VERB'}{'2'} = ''; $selected{'LOG_VERB'}{'3'} = ''; @@ -1513,6 +1545,8 @@ ADV_ERROR: $selected{'LOG_VERB'}{'11'} = ''; $selected{'LOG_VERB'}{'0'} = ''; $selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED'; + + &Header::showhttpheaders(); &Header::openpage($Lang::tr{'status ovpn'}, 1, ''); @@ -1552,7 +1586,7 @@ ADV_ERROR: $Lang::tr{'misc-options'} - + Client-To-Client @@ -1564,20 +1598,50 @@ ADV_ERROR: Max-Clients - - - Keppalive (ping/ping-restart) - - + + + Keppalive
+ (ping/ping-restart) + + + + + fragment
+ + Default: 1300 + + + mssfix + + Default: on + + +
- +
$Lang::tr{'log-options'}
VERB