Révision 95589abd
Ajouté par jim-p il y a presque 10 ans
etc/inc/vpn.inc | ||
---|---|---|
467 | 467 |
} |
468 | 468 |
} |
469 | 469 |
} else { |
470 |
list ($myid_type, $myid_data) = ipsec_find_id($ph1ent, "local"); |
|
471 |
list ($peerid_type, $peerid_data) = ipsec_find_id($ph1ent, "peer", $rgmap); |
|
470 | 472 |
|
471 |
$peerid_type = $ph1ent['peerid_type']; |
|
472 |
|
|
473 |
switch ($peerid_type) { |
|
474 |
case "peeraddress": |
|
475 |
$peerid_type = "address"; |
|
476 |
$peerid_data = $rgmap[$ph1ent['remote-gateway']]; |
|
477 |
break; |
|
478 |
|
|
479 |
case "address"; |
|
480 |
$peerid_data = $ph1ent['peerid_data']; |
|
481 |
break; |
|
482 |
|
|
483 |
case "fqdn"; |
|
484 |
case "keyid tag"; |
|
485 |
case "user_fqdn"; |
|
486 |
$peerid_data = $ph1ent['peerid_data']; |
|
487 |
break; |
|
488 |
} |
|
473 |
if (empty($peerid_data)) |
|
474 |
continue; |
|
489 | 475 |
|
490 |
if (!empty($peerid_data) && !empty($ph1ent['pre-shared-key'])) |
|
491 |
$pskconf .= trim($peerid_data) . " : PSK \"" . trim($ph1ent['pre-shared-key']) . "\"\n"; |
|
476 |
$myid = isset($ph1ent['mobile']) ? trim($myid_data) . " " : ""; |
|
477 |
$peerid = ($peerid_data != "allusers") ? trim($peerid_data) : ""; |
|
478 |
if (!empty($ph1ent['pre-shared-key'])) |
|
479 |
$pskconf .= $myid . $peerid . " : PSK \"" . trim($ph1ent['pre-shared-key']) . "\"\n"; |
|
492 | 480 |
} |
493 | 481 |
} |
494 | 482 |
} |
... | ... | |
561 | 549 |
if (!empty($ph1ent['iketype']) && $ph1ent['iketype'] != "ikev1") |
562 | 550 |
$keyexchange = "ikev2"; |
563 | 551 |
|
564 |
$myid_type = $ph1ent['myid_type']; |
|
565 |
switch ($myid_type) { |
|
566 |
case "myaddress": |
|
567 |
$myid_type = "address"; |
|
568 |
$myid_data = $ep; |
|
569 |
break; |
|
570 |
|
|
571 |
case "dyn_dns": |
|
572 |
$myid_type = "address"; |
|
573 |
$myid_data = resolve_retry($ph1ent['myid_data']); |
|
574 |
break; |
|
575 |
|
|
576 |
case "address"; |
|
577 |
$myid_data = $ph1ent['myid_data']; |
|
578 |
break; |
|
579 |
|
|
580 |
case "fqdn"; |
|
581 |
case "keyid tag"; |
|
582 |
case "user_fqdn"; |
|
583 |
case "asn1dn"; |
|
584 |
$myid_data = $ph1ent['myid_data']; |
|
585 |
if( $myid_data ) |
|
586 |
$myid_data = "{$myid_data}"; |
|
587 |
break; |
|
588 |
} |
|
589 |
|
|
590 |
$peerid_type = $ph1ent['peerid_type']; |
|
591 |
switch ($peerid_type) { |
|
592 |
case "peeraddress": |
|
593 |
$peerid_type = "address"; |
|
594 |
$peerid_data = $rgip; |
|
595 |
break; |
|
596 |
|
|
597 |
case "address"; |
|
598 |
$peerid_data = $ph1ent['peerid_data']; |
|
599 |
break; |
|
600 |
|
|
601 |
case "fqdn"; |
|
602 |
case "keyid tag"; |
|
603 |
case "user_fqdn"; |
|
604 |
case "asn1dn"; |
|
605 |
$peerid_data = $ph1ent['peerid_data']; |
|
606 |
if( $peerid_data ) |
|
607 |
$peerid_data = "{$peerid_data}"; |
|
608 |
break; |
|
609 |
} |
|
552 |
list ($myid_type, $myid_data) = ipsec_find_id($ph1ent, "local"); |
|
553 |
list ($peerid_type, $peerid_data) = ipsec_find_id($ph1ent, "peer", $rgmap); |
|
610 | 554 |
|
611 | 555 |
/* Only specify peer ID if we are not dealing with a mobile PSK-only tunnel */ |
612 | 556 |
$peerid_spec = ''; |
Formats disponibles : Unified diff
Move duplicated code into a function; Include local ID on mobile tunnel key line in ipsec.secrets.