Signed-off-by: Michael Tremer michael.tremer@ipfire.org --- config/rootfiles/common/web-user-interface | 1 + doc/language_issues.de | 1 + doc/language_issues.en | 1 + doc/language_issues.es | 1 + doc/language_issues.fr | 1 + doc/language_issues.it | 1 + doc/language_issues.nl | 1 + doc/language_issues.pl | 1 + doc/language_issues.ru | 1 + doc/language_issues.tr | 1 + doc/language_missings | 8 ++ html/cgi-bin/vpnmain.cgi | 135 ++++++++++++++++++++- html/html/images/apple.png | Bin 0 -> 346 bytes langs/en/cgi-bin/en.pl | 1 + 14 files changed, 153 insertions(+), 1 deletion(-) create mode 100644 html/html/images/apple.png
diff --git a/config/rootfiles/common/web-user-interface b/config/rootfiles/common/web-user-interface index 9aaa05631..7d67c346c 100644 --- a/config/rootfiles/common/web-user-interface +++ b/config/rootfiles/common/web-user-interface @@ -117,6 +117,7 @@ srv/web/ipfire/html/images/add.gif srv/web/ipfire/html/images/addblue.gif srv/web/ipfire/html/images/addgreen.gif srv/web/ipfire/html/images/address-book-new.png +srv/web/ipfire/html/images/apple.png srv/web/ipfire/html/images/application-certificate.png srv/web/ipfire/html/images/application-x-executable.png srv/web/ipfire/html/images/applications-accessories.png diff --git a/doc/language_issues.de b/doc/language_issues.de index 2dc986d0a..d53bfa601 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -767,6 +767,7 @@ WARNING: translation string unused: zoneconf val ppp assignment error WARNING: translation string unused: zoneconf val vlan amount assignment error WARNING: translation string unused: zoneconf val vlan tag assignment error WARNING: translation string unused: zoneconf val zoneslave amount error +WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date! WARNING: untranslated string: fwhost cust geoipgrp = unknown string WARNING: untranslated string: fwhost err hostip = unknown string diff --git a/doc/language_issues.en b/doc/language_issues.en index 88fa6ed79..dc40a08bb 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -656,6 +656,7 @@ WARNING: untranslated string: downlink = Downlink WARNING: untranslated string: downlink speed = Downlink speed (kbit/sec) WARNING: untranslated string: downlink std class = downlink standard class WARNING: untranslated string: download = download +WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: download ca certificate = Download CA certificate WARNING: untranslated string: download certificate = Download file WARNING: untranslated string: download host certificate = Download host certificate diff --git a/doc/language_issues.es b/doc/language_issues.es index ef78d6680..933e99eca 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -849,6 +849,7 @@ WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been WARNING: untranslated string: dnssec not supported = DNSSEC Not supported WARNING: untranslated string: dnssec validating = DNSSEC Validating WARNING: untranslated string: downlink = Downlink +WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: download tls-auth key = Download tls-auth key WARNING: untranslated string: dpd delay = Delay WARNING: untranslated string: dpd timeout = Timeout diff --git a/doc/language_issues.fr b/doc/language_issues.fr index fd10b171e..fd9f8296c 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -807,6 +807,7 @@ WARNING: translation string unused: zoneconf val ppp assignment error WARNING: translation string unused: zoneconf val vlan amount assignment error WARNING: translation string unused: zoneconf val vlan tag assignment error WARNING: translation string unused: zoneconf val zoneslave amount error +WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: fwhost cust geoipgrp = unknown string WARNING: untranslated string: fwhost err hostip = unknown string WARNING: untranslated string: guardian block a host = unknown string diff --git a/doc/language_issues.it b/doc/language_issues.it index 16ff776b5..e77b1ef3f 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -862,6 +862,7 @@ WARNING: untranslated string: dns use protocol for dns queries = Protocol for DN WARNING: untranslated string: dnsforward dnssec disabled = DNSSEC Validation is disabled WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been disabled +WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: duration = Duration WARNING: untranslated string: eight hours = 8 Hours WARNING: untranslated string: email config = Configuration diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 328a8e1f2..ca6dec27e 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -865,6 +865,7 @@ WARNING: untranslated string: dnssec aware = DNSSEC Aware WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been disabled WARNING: untranslated string: dnssec not supported = DNSSEC Not supported WARNING: untranslated string: dnssec validating = DNSSEC Validating +WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: download tls-auth key = Download tls-auth key WARNING: untranslated string: drop outgoing = Log dropped outgoing packets WARNING: untranslated string: duration = Duration diff --git a/doc/language_issues.pl b/doc/language_issues.pl index ef78d6680..933e99eca 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -849,6 +849,7 @@ WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been WARNING: untranslated string: dnssec not supported = DNSSEC Not supported WARNING: untranslated string: dnssec validating = DNSSEC Validating WARNING: untranslated string: downlink = Downlink +WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: download tls-auth key = Download tls-auth key WARNING: untranslated string: dpd delay = Delay WARNING: untranslated string: dpd timeout = Timeout diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 0a579d406..1fed38304 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -853,6 +853,7 @@ WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been WARNING: untranslated string: dnssec not supported = DNSSEC Not supported WARNING: untranslated string: dnssec validating = DNSSEC Validating WARNING: untranslated string: downlink = Downlink +WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: download tls-auth key = Download tls-auth key WARNING: untranslated string: dpd delay = Delay WARNING: untranslated string: dpd timeout = Timeout diff --git a/doc/language_issues.tr b/doc/language_issues.tr index d04c99305..c716af76d 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -838,6 +838,7 @@ WARNING: untranslated string: dns use isp assigned nameservers = Use ISP-assigne WARNING: untranslated string: dns use protocol for dns queries = Protocol for DNS queries WARNING: untranslated string: dnsforward dnssec disabled = DNSSEC Validation is disabled WARNING: untranslated string: dnsforward forward_servers = Nameservers +WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: duration = Duration WARNING: untranslated string: email tls explicit = explicit (STARTTLS) WARNING: untranslated string: email tls implicit = implicit (TLS) diff --git a/doc/language_missings b/doc/language_missings index bfc3ba41f..cff74f9b0 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -32,6 +32,7 @@ < dh name is invalid < dns could not add server < done +< download apple profile < error the to date has to be later than the from date < g.dtm < g.lite @@ -248,6 +249,7 @@ < dns use isp assigned nameservers < dns use protocol for dns queries < downlink +< download apple profile < download dh parameter < download tls-auth key < dpd delay @@ -918,6 +920,7 @@ < ansi t1.483 < bewan adsl pci st < bewan adsl usb +< download apple profile < g.dtm < g.lite < upload fcdsl.o @@ -1031,6 +1034,7 @@ < dns tls hostname < dns use isp assigned nameservers < dns use protocol for dns queries +< download apple profile < duration < eight hours < email config @@ -1397,6 +1401,7 @@ < dns tls hostname < dns use isp assigned nameservers < dns use protocol for dns queries +< download apple profile < download dh parameter < download tls-auth key < drop outgoing @@ -1878,6 +1883,7 @@ < dns use isp assigned nameservers < dns use protocol for dns queries < downlink +< download apple profile < download dh parameter < download tls-auth key < dpd delay @@ -2729,6 +2735,7 @@ < dns use isp assigned nameservers < dns use protocol for dns queries < downlink +< download apple profile < download dh parameter < download tls-auth key < dpd delay @@ -3422,6 +3429,7 @@ < dns tls hostname < dns use isp assigned nameservers < dns use protocol for dns queries +< download apple profile < duration < email tls explicit < email tls implicit diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 2d0f57f98..9c0d72c88 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -19,6 +19,7 @@ # # ###############################################################################
+use MIME::Base64; use Net::DNS; use File::Copy; use File::Temp qw/ tempfile tempdir /; @@ -1178,6 +1179,122 @@ END print `/bin/cat ${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1].p12`; exit (0);
+# Export Apple profile to browser +} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download apple profile'}) { + &General::readhasharray("${General::swroot}/vpn/config", %confighash); + my $key = $cgiparams{'KEY'}; + + my $uuid1 = "AAAABBBB"; + my $uuid2 = "CCCCDDDD"; + + my $cert = ""; + my $cert_uuid = "123456789"; + + # Read and encode certificate + if ($confighash{$key}[4] eq "cert") { + my $cert_path = "${General::swroot}/certs/$confighash{$key}[1].p12"; + + # Read certificate and encode it into Base64 + open(CERT, "<${cert_path}"); + local($/) = undef; # slurp + $cert = MIME::Base64::encode_base64(<CERT>); + close(CERT); + } + + print "Content-Type: application/octet-stream\n"; + print "Content-Disposition: attachment; filename=" . $confighash{$key}[1] . ".mobileconfig\n"; + print "\n"; # end headers + + print "<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n"; + print "<plist version="1.0">\n"; + print " <dict>\n"; + print " <key>PayloadDisplayName</key>\n"; + print " <string>$confighash{$key}[1]</string>\n"; + print " <key>PayloadIdentifier</key>\n"; + print " <string>$confighash{$key}[1]</string>\n"; + print " <key>PayloadUUID</key>\n"; + print " <string>${uuid1}</string>\n"; + print " <key>PayloadType</key>\n"; + print " <string>Configuration</string>\n"; + print " <key>PayloadVersion</key>\n"; + print " <integer>1</integer>\n"; + print " <key>PayloadContent</key>\n"; + print " <array>\n"; + print " <dict>\n"; + print " <key>PayloadIdentifier</key>\n"; + print " <string>org.example.vpn1.conf1</string>\n"; + print " <key>PayloadUUID</key>\n"; + print " <string>${uuid2}</string>\n"; + print " <key>PayloadType</key>\n"; + print " <string>com.apple.vpn.managed</string>\n"; + print " <key>PayloadVersion</key>\n"; + print " <integer>1</integer>\n"; + print " <key>UserDefinedName</key>\n"; + print " <string>$confighash{$key}[1]</string>\n"; + print " <key>VPNType</key>\n"; + print " <string>IKEv2</string>\n"; + print " <key>IKEv2</key>\n"; + print " <dict>\n"; + print " <key>RemoteAddress</key>\n"; + print " <string>18.206.152.26</string>\n"; + + # Left ID + if ($confighash{$key}[9]) { + print " <key>LocalIdentifier</key>\n"; + print " <string>$confighash{$key}[9]</string>\n"; + } + + # Right ID + if ($confighash{$key}[7]) { + print " <key>RemoteIdentifier</key>\n"; + print " <string>$confighash{$key}[7]</string>\n"; + } + + if ($confighash{$key}[4] eq "cert") { + print " <key>AuthenticationMethod</key>\n"; + print " <string>Certificate</string>\n"; + + print " <key>PayloadCertificateUUID</key>\n"; + print " <string>${cert_uuid}</string>\n"; + } else { + print " <key>AuthenticationMethod</key>\n"; + print " <string>SharedSecret</string>\n"; + print " <key>SharedSecret</key>\n"; + print " <string>$confighash{$key}[5]</string>\n"; + } + + print " <key>ExtendedAuthEnabled</key>\n"; + print " <integer>0</integer>\n"; + print " </dict>\n"; + print " </dict>\n"; + + if ($confighash{$key}[4] eq "cert") { + print " <dict>\n"; + print " <key>PayloadIdentifier</key>\n"; + print " <string>org.example.vpn1.client</string>\n"; + print " <key>PayloadUUID</key>\n"; + print " <string>${cert_uuid}</string>\n"; + print " <key>PayloadType</key>\n"; + print " <string>com.apple.security.pkcs12</string>\n"; + print " <key>PayloadVersion</key>\n"; + print " <integer>1</integer>\n"; + print " <key>PayloadContent</key>\n"; + print " <data>\n"; + + foreach (split /\n/,${cert}) { + print " $_\n"; + } + + print " </data>\n"; + print " </dict>\n"; + } + + print " </array>\n"; + print " </dict>\n"; + print "</plist>\n"; + + # Done + exit(0); ### ### Display certificate ### @@ -2982,7 +3099,7 @@ END <th width='23%' class='boldbase' align='center'><b>$Lang::tr{'common name'}</b></th> <th width='30%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></th> <th width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></th> - <th class='boldbase' align='center' colspan='6'><b>$Lang::tr{'action'}</b></th> + <th class='boldbase' align='center' colspan='7'><b>$Lang::tr{'action'}</b></th> </tr> END ; @@ -3082,6 +3199,22 @@ END } else { print "<td width='2%' $col> </td>"; } + + # Apple Profile + if ($confighash{$key}[3] eq 'host') { + print <<END; + <td align='center' $col> + <form method='post' action='$ENV{'SCRIPT_NAME'}'> + <input type='image' name='$Lang::tr{'download apple profile'}' src='/images/apple.png' alt='$Lang::tr{'download apple profile'}' title='$Lang::tr{'download apple profile'}' /> + <input type='hidden' name='ACTION' value='$Lang::tr{'download apple profile'}' /> + <input type='hidden' name='KEY' value='$key' /> + </form> + </td> +END + } else { + print "<td width='2%' $col> </td>"; + } + print <<END <td align='center' $col> <form method='post' action='$ENV{'SCRIPT_NAME'}'> diff --git a/html/html/images/apple.png b/html/html/images/apple.png new file mode 100644 index 0000000000000000000000000000000000000000..6571a749b693911b9c616b29a6b749b409935853 GIT binary patch literal 346 zcmeAS@N?(olHy`uVBq!ia0vp^A|TAc1|)ksWqE-VOR<w@2nP_<aHMnq`J4qFk;M!Q z+`=Ht$S`Y;1W@pgr;B5VMeo|n3%y+&1&)90SAU^usKGW{;e_aamc?fi3^}5X<b2Qn zkkiz0@`3z=`3c6HQMzor<s4k$A@_{mSXXqsyZ!ZNb7ShvpXbh;)A_&Vr2UaKiE{qA zlgkTRg{pHCFRV{c*4ffp`k{?K=eSIA{*IQ^Jqe38G4DxQx~gPKkT1WvQ*~<SP0PMk z$Da50g>5e-as->B0w#;z=wb9XPEh5Wee3MXypEOc8~ondH1Ay2V|w?oEt`%}g2C)Z zCR5BO#0eMt*&6iL??zAj*4dmoA2oFT_P=^$DO_>o$~Ql@9ECz-J>djav!H~Q|CLSb nF$uD(ZyYzx+c=dgd#Qd-dzV1X{ntx?;lSYO>gTe~DWM4fVRMKG
literal 0 HcmV?d00001
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index ff08bce0c..aaf1d4978 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -906,6 +906,7 @@ 'downlink speed' => 'Downlink speed (kbit/sec)', 'downlink std class' => 'downlink standard class', 'download' => 'download', +'download apple profile' => 'Download Apple Configuration Profile', 'download ca certificate' => 'Download CA certificate', 'download certificate' => 'Download file', 'download dh parameter' => 'Download Diffie-Hellman parameters',