Fixes 21

2015-09-28 17:25:43 +02:00
parent e001f16c2d
commit d1d4ac7358
7 changed files with 182 additions and 129 deletions
--- a/conf/openvpn_client.conf.tpl
+++ b/conf/openvpn_client.conf.tpl
@@ -23,6 +23,7 @@ comp-lzo adaptive
 # TLS
 tls-client
 <TPL:TA_COMMENT>tls-auth /etc/openvpn/keys/user_ta.key 1
 remote-cert-tls server
 ca /etc/openvpn/keys/ca-server.crt
 <TPL:CERT_COMMENT>cert /etc/openvpn/keys/user.crt
--- a/conf/ynh-vpnclient
+++ b/conf/ynh-vpnclient
@@ -114,6 +114,12 @@ start_openvpn() {
    sed 's|^<TPL:CERT_COMMENT>|;|' -i /etc/openvpn/client.conf
  fi
  if [ -e /etc/openvpn/keys/user_ta.key ]; then
    sed 's|^<TPL:TA_COMMENT>||' -i /etc/openvpn/client.conf
  else
    sed 's|^<TPL:TA_COMMENT>|;|' -i /etc/openvpn/client.conf
  fi
  if [[ "${proto}" =~ udp ]]; then
    sed 's|^<TPL:UDP_COMMENT>||' -i /etc/openvpn/client.conf
  else
--- a/sources/controller.php
+++ b/sources/controller.php
@@ -78,6 +78,7 @@ dispatch('/', function() {
  set('ip6_net', $ip6_net);
  set('crt_client_exists', file_exists('/etc/openvpn/keys/user.crt'));
  set('crt_client_key_exists', file_exists('/etc/openvpn/keys/user.key'));
  set('crt_client_ta_exists', file_exists('/etc/openvpn/keys/user_ta.key'));
  set('crt_server_ca_exists', file_exists('/etc/openvpn/keys/ca-server.crt'));
  set('faststatus', service_faststatus() == 0);
  set('raw_openvpn', $raw_openvpn);
@@ -180,6 +181,12 @@ dispatch_put('/settings', function() {
    } elseif($_POST['crt_client_key_delete'] == 1) {
      unlink('/etc/openvpn/keys/user.key');
    }
    if($_FILES['crt_client_ta']['error'] == UPLOAD_ERR_OK) {
      move_uploaded_file($_FILES['crt_client_ta']['tmp_name'], '/etc/openvpn/keys/user_ta.key');
    } elseif($_POST['crt_client_ta_delete'] == 1) {
      unlink('/etc/openvpn/keys/user_ta.key');
    }
    if($_FILES['crt_server_ca']['error'] == UPLOAD_ERR_OK) {
      move_uploaded_file($_FILES['crt_server_ca']['tmp_name'], '/etc/openvpn/keys/ca-server.crt');
--- a/sources/i18n/fr_FR/LC_MESSAGES/localization.mo
+++ b/sources/i18n/fr_FR/LC_MESSAGES/localization.mo
--- a/sources/i18n/fr_FR/LC_MESSAGES/localization.po
+++ b/sources/i18n/fr_FR/LC_MESSAGES/localization.po
@@ -8,8 +8,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: data 2\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2015-09-28 16:51+0200\n"
+"POT-Creation-Date: 2015-09-28 17:23+0200\n"
-"PO-Revision-Date: 2015-09-28 16:52+0200\n"
+"PO-Revision-Date: 2015-09-28 17:25+0200\n"
 "Last-Translator: samy boutayeb <samy@langues-etcetera.fr>\n"
 "Language-Team: none\n"
 "Language: fr\n"
@@ -19,62 +19,62 @@ msgstr ""
 "Plural-Forms: nplurals=2; plural=(n > 1);\n"
 "X-Generator: Poedit 1.8.4\n"
-#: sources/controller.php:102
+#: sources/controller.php:103
 msgid "The Server Address, the Server Port and the Protocol cannot be empty"
 msgstr ""
 "L'adresse du serveur, le port du serveur et le protocole ne peuvent pas être "
 "vides"
-#: sources/controller.php:106
+#: sources/controller.php:107
 msgid "The Server Port must be only composed of digits"
 msgstr "Le port du serveur ne peut correspondre qu'à des chiffres"
-#: sources/controller.php:110
+#: sources/controller.php:111
 msgid "The Protocol must be \"udp\" or \"tcp\""
 msgstr "Le protocole ne peut correspondre qu'à \"udp\" ou \"tcp\""
-#: sources/controller.php:114
+#: sources/controller.php:115
 msgid "You need to define two DNS resolver addresses"
 msgstr "Vous devez définir deux adresses de résolveur DNS"
-#: sources/controller.php:120
+#: sources/controller.php:121
 msgid "A Client Certificate is needed when you suggest a Key, or vice versa"
 msgstr ""
 "Un certificat client est nécessaire si vous proposez une clé, et inversement"
-#: sources/controller.php:124
+#: sources/controller.php:125
 msgid "A Password is needed when you suggest a Username, or vice versa"
 msgstr ""
 "Un mot de passe est nécessaire si vous proposez un nom d'utilisateur, et "
 "inversement"
-#: sources/controller.php:128
+#: sources/controller.php:129
 msgid "You need a Server CA."
 msgstr "Vous ne pouvez pas ne pas avoir de CA de serveur"
-#: sources/controller.php:132
+#: sources/controller.php:133
 msgid "You need either a Client Certificate, either a Username, or both"
 msgstr ""
 "Vous devez avoir soit un certificat client, soit un nom d'utilisateur, soit "
 "les deux"
-#: sources/controller.php:139
+#: sources/controller.php:140
 msgid "The IPv6 Delegated Prefix format looks bad"
 msgstr "Le format du préfixe IPv6 délégué semble incorrect"
-#: sources/controller.php:150
+#: sources/controller.php:151
 msgid "configuration not updated"
 msgstr "configuration non-mise à jour"
-#: sources/controller.php:197
+#: sources/controller.php:204
 msgid "Configuration updated and service successfully reloaded"
 msgstr "Configuration mise à jour et service correctement rechargé"
-#: sources/controller.php:199
+#: sources/controller.php:206
 msgid "Configuration updated but service reload failed"
 msgstr "Configuration mise à jour mais le rechargement du service a échoué"
-#: sources/controller.php:203
+#: sources/controller.php:210
 msgid "Service successfully disabled"
 msgstr "Service désactivé avec succès"
@@ -87,7 +87,7 @@ msgid "Error"
 msgstr "Erreur"
 #: sources/views/layout.html.php:54 sources/views/settings.html.php:117
-#: sources/views/settings.html.php:157
+#: sources/views/settings.html.php:131
 msgid "Notice"
 msgstr "Notice"
@@ -197,92 +197,105 @@ msgstr ""
 msgid "Authentication"
 msgstr "Authentification"
-#: sources/views/settings.html.php:128
+#: sources/views/settings.html.php:131
-msgid "Update Client Cert."
+msgid "You need to upload a Server CA for starting your VPN Client."
-msgstr "Actualiser le certificat client"
+msgstr "Vous devez transférer un CA de serveur pour démarrer votre client VPN."
-#: sources/views/settings.html.php:128
+#: sources/views/settings.html.php:135
-msgid "Upload Client Cert."
+msgid "Update Server CA"
-msgstr "Téléverser le certificat client"
+msgstr "Actualiser le CA du serveur"
-#: sources/views/settings.html.php:131 sources/views/settings.html.php:144
+#: sources/views/settings.html.php:135
-msgid "Delete this certificate"
+msgid "Upload Server CA"
-msgstr "Supprimer ce certificat"
+msgstr "Transférer le CA du serveur"
-#: sources/views/settings.html.php:136 sources/views/settings.html.php:149
+#: sources/views/settings.html.php:138
-#: sources/views/settings.html.php:169
+msgid "You cannot have no server CA"
 msgstr "Vous ne pouvez pas ne pas avoir de CA de serveur"
 #: sources/views/settings.html.php:143 sources/views/settings.html.php:156
 #: sources/views/settings.html.php:169 sources/views/settings.html.php:182
 msgid "Browse"
 msgstr "Parcourir"
-#: sources/views/settings.html.php:141
+#: sources/views/settings.html.php:148
 msgid "Update Client Cert."
 msgstr "Actualiser le certificat client"
 #: sources/views/settings.html.php:148
 msgid "Upload Client Cert."
 msgstr "Téléverser un certificat client"
 #: sources/views/settings.html.php:151 sources/views/settings.html.php:164
 #: sources/views/settings.html.php:177
 msgid "Delete this certificate"
 msgstr "Supprimer ce certificat"
 #: sources/views/settings.html.php:161
 msgid "Update Client Key"
 msgstr "Actualiser la clé client"
-#: sources/views/settings.html.php:141
+#: sources/views/settings.html.php:161
 msgid "Upload Client Key"
-msgstr "Téléverser la clé client"
+msgstr "Téléverser un clé client"
-#: sources/views/settings.html.php:147
+#: sources/views/settings.html.php:167 sources/views/settings.html.php:180
 msgid "Make sure your browser is able to read the key file before uploading"
 msgstr ""
 "Assurez-vous que votre navigateur peut lire le fichier contenant la clé "
 "avant de le téléverser"
-#: sources/views/settings.html.php:149
+#: sources/views/settings.html.php:169 sources/views/settings.html.php:182
 msgid "make sure your browser is able to read the key file before uploading"
 msgstr ""
 "assurez-vous que votre navigateur peut lire le fichier contenant la clé "
 "avant de le téléverser"
-#: sources/views/settings.html.php:157
+#: sources/views/settings.html.php:174
-msgid "You need to upload a Server CA for starting your VPN Client."
+msgid "ta.key"
-msgstr "Vous devez transférer un CA de serveur pour démarrer votre client VPN."
+msgstr "ta.key"
 #: sources/views/settings.html.php:161
 msgid "Update Server CA"
 msgstr "Actualiser le CA du serveur"
 #: sources/views/settings.html.php:161
 msgid "Upload Server CA"
 msgstr "Transférer le CA du serveur"
 #: sources/views/settings.html.php:164
 msgid "You cannot have no server CA"
 msgstr "Vous ne pouvez pas ne pas avoir de CA de serveur"
 #: sources/views/settings.html.php:174
 msgid "Update Shared-Secret"
 msgstr "Actualiser le secret partagé"
 #: sources/views/settings.html.php:174
 msgid "Upload Shared-Secret"
 msgstr "Téléverser un secret partagé"
 #: sources/views/settings.html.php:187
 msgid "Username"
 msgstr "Nom d'utilisateur"
-#: sources/views/settings.html.php:176 sources/views/settings.html.php:183
+#: sources/views/settings.html.php:189 sources/views/settings.html.php:196
 msgid "Leave empty if not necessary"
 msgstr "Laisser vide si non nécessaire"
-#: sources/views/settings.html.php:181
+#: sources/views/settings.html.php:194
 msgid "Password"
 msgstr "Mot de passe"
-#: sources/views/settings.html.php:191
+#: sources/views/settings.html.php:204
 msgid "DNS"
 msgstr "DNS"
-#: sources/views/settings.html.php:196
+#: sources/views/settings.html.php:209
 msgid "First resolver"
 msgstr "Premier résolveur"
-#: sources/views/settings.html.php:198 sources/views/settings.html.php:205
+#: sources/views/settings.html.php:211 sources/views/settings.html.php:218
 msgid "IPv6 or IPv4"
 msgstr "IPv6 ou IPv4"
-#: sources/views/settings.html.php:203
+#: sources/views/settings.html.php:216
 msgid "Second resolver"
 msgstr "Second résolveur"
-#: sources/views/settings.html.php:213
+#: sources/views/settings.html.php:226
 msgid "Reloading may take a few minutes. Be patient."
 msgstr "Le rechargement peut prendre quelques minutes. Soyez patient."
-#: sources/views/settings.html.php:213
+#: sources/views/settings.html.php:226
 msgid "Save and reload"
 msgstr "Sauvegarder et recharger"
--- a/sources/i18n/localization.pot
+++ b/sources/i18n/localization.pot
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2015-09-28 16:51+0200\n"
+"POT-Creation-Date: 2015-09-28 17:23+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -17,55 +17,55 @@ msgstr ""
 "Content-Type: text/plain; charset=CHARSET\n"
 "Content-Transfer-Encoding: 8bit\n"
-#: sources/controller.php:102
+#: sources/controller.php:103
 msgid "The Server Address, the Server Port and the Protocol cannot be empty"
 msgstr ""
-#: sources/controller.php:106
+#: sources/controller.php:107
 msgid "The Server Port must be only composed of digits"
 msgstr ""
-#: sources/controller.php:110
+#: sources/controller.php:111
 msgid "The Protocol must be \"udp\" or \"tcp\""
 msgstr ""
-#: sources/controller.php:114
+#: sources/controller.php:115
 msgid "You need to define two DNS resolver addresses"
 msgstr ""
-#: sources/controller.php:120
+#: sources/controller.php:121
 msgid "A Client Certificate is needed when you suggest a Key, or vice versa"
 msgstr ""
-#: sources/controller.php:124
+#: sources/controller.php:125
 msgid "A Password is needed when you suggest a Username, or vice versa"
 msgstr ""
-#: sources/controller.php:128
+#: sources/controller.php:129
 msgid "You need a Server CA."
 msgstr ""
-#: sources/controller.php:132
+#: sources/controller.php:133
 msgid "You need either a Client Certificate, either a Username, or both"
 msgstr ""
-#: sources/controller.php:139
+#: sources/controller.php:140
 msgid "The IPv6 Delegated Prefix format looks bad"
 msgstr ""
-#: sources/controller.php:150
+#: sources/controller.php:151
 msgid "configuration not updated"
 msgstr ""
-#: sources/controller.php:197
+#: sources/controller.php:204
 msgid "Configuration updated and service successfully reloaded"
 msgstr ""
-#: sources/controller.php:199
+#: sources/controller.php:206
 msgid "Configuration updated but service reload failed"
 msgstr ""
-#: sources/controller.php:203
+#: sources/controller.php:210
 msgid "Service successfully disabled"
 msgstr ""
@@ -78,7 +78,7 @@ msgid "Error"
 msgstr ""
 #: sources/views/layout.html.php:54 sources/views/settings.html.php:117
-#: sources/views/settings.html.php:157
+#: sources/views/settings.html.php:131
 msgid "Notice"
 msgstr ""
@@ -181,87 +181,100 @@ msgstr ""
 msgid "Authentication"
 msgstr ""
-#: sources/views/settings.html.php:128
+#: sources/views/settings.html.php:131
 msgid "Update Client Cert."
 msgstr ""
 #: sources/views/settings.html.php:128
 msgid "Upload Client Cert."
 msgstr ""
 #: sources/views/settings.html.php:131 sources/views/settings.html.php:144
 msgid "Delete this certificate"
 msgstr ""
 #: sources/views/settings.html.php:136 sources/views/settings.html.php:149
 #: sources/views/settings.html.php:169
 msgid "Browse"
 msgstr ""
 #: sources/views/settings.html.php:141
 msgid "Update Client Key"
 msgstr ""
 #: sources/views/settings.html.php:141
 msgid "Upload Client Key"
 msgstr ""
 #: sources/views/settings.html.php:147
 msgid "Make sure your browser is able to read the key file before uploading"
 msgstr ""
 #: sources/views/settings.html.php:149
 msgid "make sure your browser is able to read the key file before uploading"
 msgstr ""
 #: sources/views/settings.html.php:157
 msgid "You need to upload a Server CA for starting your VPN Client."
 msgstr ""
-#: sources/views/settings.html.php:161
+#: sources/views/settings.html.php:135
 msgid "Update Server CA"
 msgstr ""
-#: sources/views/settings.html.php:161
+#: sources/views/settings.html.php:135
 msgid "Upload Server CA"
 msgstr ""
-#: sources/views/settings.html.php:164
+#: sources/views/settings.html.php:138
 msgid "You cannot have no server CA"
 msgstr ""
 #: sources/views/settings.html.php:143 sources/views/settings.html.php:156
 #: sources/views/settings.html.php:169 sources/views/settings.html.php:182
 msgid "Browse"
 msgstr ""
 #: sources/views/settings.html.php:148
 msgid "Update Client Cert."
 msgstr ""
 #: sources/views/settings.html.php:148
 msgid "Upload Client Cert."
 msgstr ""
 #: sources/views/settings.html.php:151 sources/views/settings.html.php:164
 #: sources/views/settings.html.php:177
 msgid "Delete this certificate"
 msgstr ""
 #: sources/views/settings.html.php:161
 msgid "Update Client Key"
 msgstr ""
 #: sources/views/settings.html.php:161
 msgid "Upload Client Key"
 msgstr ""
 #: sources/views/settings.html.php:167 sources/views/settings.html.php:180
 msgid "Make sure your browser is able to read the key file before uploading"
 msgstr ""
 #: sources/views/settings.html.php:169 sources/views/settings.html.php:182
 msgid "make sure your browser is able to read the key file before uploading"
 msgstr ""
 #: sources/views/settings.html.php:174
 msgid "ta.key"
 msgstr ""
 #: sources/views/settings.html.php:174
 msgid "Update Shared-Secret"
 msgstr ""
 #: sources/views/settings.html.php:174
 msgid "Upload Shared-Secret"
 msgstr ""
 #: sources/views/settings.html.php:187
 msgid "Username"
 msgstr ""
-#: sources/views/settings.html.php:176 sources/views/settings.html.php:183
+#: sources/views/settings.html.php:189 sources/views/settings.html.php:196
 msgid "Leave empty if not necessary"
 msgstr ""
-#: sources/views/settings.html.php:181
+#: sources/views/settings.html.php:194
 msgid "Password"
 msgstr ""
-#: sources/views/settings.html.php:191
+#: sources/views/settings.html.php:204
 msgid "DNS"
 msgstr ""
-#: sources/views/settings.html.php:196
+#: sources/views/settings.html.php:209
 msgid "First resolver"
 msgstr ""
-#: sources/views/settings.html.php:198 sources/views/settings.html.php:205
+#: sources/views/settings.html.php:211 sources/views/settings.html.php:218
 msgid "IPv6 or IPv4"
 msgstr ""
-#: sources/views/settings.html.php:203
+#: sources/views/settings.html.php:216
 msgid "Second resolver"
 msgstr ""
-#: sources/views/settings.html.php:213
+#: sources/views/settings.html.php:226
 msgid "Reloading may take a few minutes. Be patient."
 msgstr ""
-#: sources/views/settings.html.php:213
+#: sources/views/settings.html.php:226
 msgid "Save and reload"
 msgstr ""
--- a/sources/views/settings.html.php
+++ b/sources/views/settings.html.php
@@ -124,6 +124,26 @@
        </div>
        <div style="padding: 14px 14px 0 10px">
          <div class="form-group">
            <?php if(!$crt_server_ca_exists): ?>
              <div class="alert alert-dismissible alert-warning fade in" style="margin: 2px 16px 17px" role="alert">
                <button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">&times;</span><span class="sr-only">Close</span></button>
                <strong><?= _('Notice') ?>:</strong> <?= _("You need to upload a Server CA for starting your VPN Client.") ?>
              </div>
            <?php endif; ?>
            <label for="crt_server_ca" class="col-sm-3 control-label"><?= $crt_server_ca_exists ? _('Update Server CA') : _('Upload Server CA') ?></label>
            <div class="input-group col-sm-9" style="padding: 0 15px">
              <?php if($crt_server_ca_exists): ?>
                <a class="btn btn-danger not-allowed btn-disabled input-group-addon" id="crt_server_ca_deletebtn" data-toggle="tooltip" data-title="<?= _('You cannot have no server CA') ?>"><span class="glyphicon glyphicon-remove"></span></a>
                <input id="crt_server_ca_delete" name="crt_server_ca_delete" type="checkbox" value="1" style="display: none" />
              <?php endif; ?>
              <input type="text" class="form-control fileinput" id="crt_server_ca_choosertxt" placeholder="-----BEGIN CERTIFICATE-----" readonly="readonly" />
              <input id="crt_server_ca" name="crt_server_ca" type="file" style="display: none" />
              <a class="btn input-group-addon fileinput" id="crt_server_ca_chooserbtn" data-toggle="tooltip" data-title="<?= _('Browse') ?>"><span class="glyphicon glyphicon-search"></span></a>
            </div>
          </div>
          <div class="form-group">
            <label for="crt_client" class="col-sm-3 control-label"><?= $crt_client_exists ? _('Update Client Cert.') : _('Upload Client Cert.') ?></label>
            <div class="input-group col-sm-9" style="padding: 0 15px">
@@ -151,22 +171,15 @@
          </div>
          <div class="form-group">
-            <?php if(!$crt_server_ca_exists): ?>
+            <label for="crt_client_ta" class="col-sm-3 control-label" data-toggle="tooltip" data-title="<?= _('ta.key') ?>"><?= $crt_client_ta_exists ? _('Update Shared-Secret') : _('Upload Shared-Secret') ?></label>
              <div class="alert alert-dismissible alert-warning fade in" style="margin: 2px 16px 17px" role="alert">
                <button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">&times;</span><span class="sr-only">Close</span></button>
                <strong><?= _('Notice') ?>:</strong> <?= _("You need to upload a Server CA for starting your VPN Client.") ?>
              </div>
            <?php endif; ?>
            <label for="crt_server_ca" class="col-sm-3 control-label"><?= $crt_server_ca_exists ? _('Update Server CA') : _('Upload Server CA') ?></label>
            <div class="input-group col-sm-9" style="padding: 0 15px">
-              <?php if($crt_server_ca_exists): ?>
+              <?php if($crt_client_ta_exists): ?>
-                <a class="btn btn-danger not-allowed btn-disabled input-group-addon" id="crt_server_ca_deletebtn" data-toggle="tooltip" data-title="<?= _('You cannot have no server CA') ?>"><span class="glyphicon glyphicon-remove"></span></a>
+                <a class="btn btn-danger input-group-addon deletefile" id="crt_client_ta_deletebtn" data-toggle="tooltip" data-title="<?= _('Delete this certificate') ?>"><span class="glyphicon glyphicon-remove"></span></a>
-                <input id="crt_server_ca_delete" name="crt_server_ca_delete" type="checkbox" value="1" style="display: none" />
+                <input id="crt_client_ta_delete" name="crt_client_ta_delete" type="checkbox" value="1" style="display: none" />
              <?php endif; ?>
-              <input type="text" class="form-control fileinput" id="crt_server_ca_choosertxt" placeholder="-----BEGIN CERTIFICATE-----" readonly="readonly" />
+              <input type="text" class="form-control fileinput" id="crt_client_ta_choosertxt" data-toggle="tooltip" data-title="<?= _('Make sure your browser is able to read the key file before uploading') ?>" placeholder="-----BEGIN PRIVATE KEY-----" readonly="readonly" />
-              <input id="crt_server_ca" name="crt_server_ca" type="file" style="display: none" />
+              <input id="crt_client_ta" name="crt_client_ta" type="file" style="display: none" />
-              <a class="btn input-group-addon fileinput" id="crt_server_ca_chooserbtn" data-toggle="tooltip" data-title="<?= _('Browse') ?>"><span class="glyphicon glyphicon-search"></span></a>
+              <a class="btn input-group-addon fileinput" id="crt_client_ta_chooserbtn" data-toggle="tooltip" data-title="<?= _('Browse') ?> (<?= _('make sure your browser is able to read the key file before uploading') ?>)"><span class="glyphicon glyphicon-search"></span></a>
            </div>
          </div>