Update OpenVPN config and add openvpn_rm option

conf/openvpn_client.conf.tpl

@@ -14,6 +14,7 @@ dev tun
 tun-ipv6
 keepalive 10 30
 comp-lzo adaptive
+resolv-retry infinite
 
 # Authentication by login
 <TPL:LOGIN_COMMENT>auth-user-pass /etc/openvpn/keys/credentials
@@ -25,6 +26,7 @@ comp-lzo adaptive
 tls-client
 <TPL:TA_COMMENT>tls-auth /etc/openvpn/keys/user_ta.key 1
 remote-cert-tls server
+ns-cert-type server
 ca /etc/openvpn/keys/ca-server.crt
 <TPL:CERT_COMMENT>cert /etc/openvpn/keys/user.crt
 <TPL:CERT_COMMENT>key /etc/openvpn/keys/user.key

sources/controller.php

@@ -84,10 +84,6 @@ function readAutoConf($file) {
     $config['crt_client_ta'] = str_replace('|', "\n", $config['crt_client_ta']);
   }
 
-  if(!empty($config['openvpn_add'])) {
-    $config['openvpn_add'] = str_replace('|', "\n", $config['openvpn_add']);
-  }
-
   return $config;
 }
 
@@ -126,14 +122,20 @@ dispatch_put('/settings', function() {
     $config = $_POST;
     $autoconf = false;
 
-    if($_FILES['cubefile']['error'] == UPLOAD_ERR_OK) {
-      $config = readAutoConf($_FILES['cubefile']['tmp_name']);
-      $autoconf = true;
-    }
-    $ip6_net = empty($config['ip6_net']) ? 'none' : $config['ip6_net'];
-    $ip6_addr = 'none';
-
     try {
+      if($_FILES['cubefile']['error'] == UPLOAD_ERR_OK) {
+        $config = readAutoConf($_FILES['cubefile']['tmp_name']);
+
+        if(is_null($config)) {
+          throw new Exception(_('Json Syntax Error, please check your dot cube file'));
+        }
+
+        $autoconf = true;
+      }
+  
+      $ip6_net = empty($config['ip6_net']) ? 'none' : $config['ip6_net'];
+      $ip6_addr = 'none';
+
       if(empty($config['server_name']) || empty($config['server_port']) || empty($config['server_proto'])) {
         throw new Exception(_('The Server Address, the Server Port and the Protocol cannot be empty'));
       }
@@ -207,9 +209,32 @@ dispatch_put('/settings', function() {
     if($autoconf) {
       copy('/etc/openvpn/client.conf.tpl.restore', '/etc/openvpn/client.conf.tpl');
 
+      if(!empty($config['openvpn_rm'])) {
+        $raw_openvpn = explode("\n", file_get_contents('/etc/openvpn/client.conf.tpl'));
+        $fopenvpn = fopen('/etc/openvpn/client.conf.tpl', 'w');
+
+        foreach($raw_openvpn AS $opt) {
+          $filtered = false;
+
+          if(!preg_match('/^#/', $opt) && !preg_match('/<TPL:/', $opt)) {
+            foreach($config['openvpn_rm'] AS $filter) {
+              if(preg_match("/$filter/i", $opt)) {
+                $filtered = true;
+              }
+            }
+          }
+
+          if(!$filtered) {
+            fwrite($fopenvpn, "$opt\n");
+          }
+        }
+
+        fclose($fopenvpn);
+      }
+
       if(!empty($config['openvpn_add'])) {
         $raw_openvpn = file_get_contents('/etc/openvpn/client.conf.tpl');
-        $raw_openvpn .= "\n# Custom\n".$config['openvpn_add'];
+        $raw_openvpn .= "\n# Custom\n".implode("\n", $config['openvpn_add']);
 
         file_put_contents('/etc/openvpn/client.conf.tpl', $raw_openvpn);
       }

sources/i18n/fr_FR/LC_MESSAGES/localization.po

@@ -8,8 +8,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: data 2\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2015-09-29 02:43+0200\n"
-"PO-Revision-Date: 2015-09-29 02:45+0200\n"
+"POT-Creation-Date: 2015-09-29 14:09+0200\n"
+"PO-Revision-Date: 2015-09-29 14:10+0200\n"
 "Last-Translator: samy boutayeb <samy@langues-etcetera.fr>\n"
 "Language-Team: none\n"
 "Language: fr\n"
@@ -19,62 +19,66 @@ msgstr ""
 "Plural-Forms: nplurals=2; plural=(n > 1);\n"
 "X-Generator: Poedit 1.8.4\n"
 
-#: sources/controller.php:138
+#: sources/controller.php:130
+msgid "Json Syntax Error, please check your dot cube file"
+msgstr "Error de syntaxe Json, merci de vérifier votre fichier .cube"
+
+#: sources/controller.php:140
 msgid "The Server Address, the Server Port and the Protocol cannot be empty"
 msgstr ""
 "L'adresse du serveur, le port du serveur et le protocole ne peuvent pas être "
 "vides"
 
-#: sources/controller.php:142
+#: sources/controller.php:144
 msgid "The Server Port must be only composed of digits"
 msgstr "Le port du serveur ne peut correspondre qu'à des chiffres"
 
-#: sources/controller.php:146
+#: sources/controller.php:148
 msgid "The Protocol must be \"udp\" or \"tcp\""
 msgstr "Le protocole ne peut correspondre qu'à \"udp\" ou \"tcp\""
 
-#: sources/controller.php:150
+#: sources/controller.php:152
 msgid "You need to define two DNS resolver addresses"
 msgstr "Vous devez définir deux adresses de résolveur DNS"
 
-#: sources/controller.php:154
+#: sources/controller.php:156
 msgid "A Password is needed when you suggest a Username, or vice versa"
 msgstr ""
 "Un mot de passe est nécessaire si vous proposez un nom d'utilisateur, et "
 "inversement"
 
-#: sources/controller.php:161
+#: sources/controller.php:163
 msgid "A Client Certificate is needed when you suggest a Key, or vice versa"
 msgstr ""
 "Un certificat client est nécessaire si vous proposez une clé, et inversement"
 
-#: sources/controller.php:165
+#: sources/controller.php:167
 msgid "You need a Server CA."
 msgstr "Vous ne pouvez pas ne pas avoir de CA de serveur"
 
-#: sources/controller.php:169
+#: sources/controller.php:171
 msgid "You need either a Client Certificate, either a Username, or both"
 msgstr ""
 "Vous devez avoir soit un certificat client, soit un nom d'utilisateur, soit "
 "les deux"
 
-#: sources/controller.php:176
+#: sources/controller.php:178
 msgid "The IPv6 Delegated Prefix format looks bad"
 msgstr "Le format du préfixe IPv6 délégué semble incorrect"
 
-#: sources/controller.php:187
+#: sources/controller.php:189
 msgid "configuration not updated"
 msgstr "configuration non-mise à jour"
 
-#: sources/controller.php:285
+#: sources/controller.php:310
 msgid "Configuration updated and service successfully reloaded"
 msgstr "Configuration mise à jour et service correctement rechargé"
 
-#: sources/controller.php:287
+#: sources/controller.php:312
 msgid "Configuration updated but service reload failed"
 msgstr "Configuration mise à jour mais le rechargement du service a échoué"
 
-#: sources/controller.php:291
+#: sources/controller.php:316
 msgid "Service successfully disabled"
 msgstr "Service désactivé avec succès"
 

sources/i18n/localization.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2015-09-29 02:43+0200\n"
+"POT-Creation-Date: 2015-09-29 14:09+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -17,55 +17,59 @@ msgstr ""
 "Content-Type: text/plain; charset=CHARSET\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: sources/controller.php:138
+#: sources/controller.php:130
+msgid "Json Syntax Error, please check your dot cube file"
+msgstr ""
+
+#: sources/controller.php:140
 msgid "The Server Address, the Server Port and the Protocol cannot be empty"
 msgstr ""
 
-#: sources/controller.php:142
+#: sources/controller.php:144
 msgid "The Server Port must be only composed of digits"
 msgstr ""
 
-#: sources/controller.php:146
+#: sources/controller.php:148
 msgid "The Protocol must be \"udp\" or \"tcp\""
 msgstr ""
 
-#: sources/controller.php:150
+#: sources/controller.php:152
 msgid "You need to define two DNS resolver addresses"
 msgstr ""
 
-#: sources/controller.php:154
+#: sources/controller.php:156
 msgid "A Password is needed when you suggest a Username, or vice versa"
 msgstr ""
 
-#: sources/controller.php:161
+#: sources/controller.php:163
 msgid "A Client Certificate is needed when you suggest a Key, or vice versa"
 msgstr ""
 
-#: sources/controller.php:165
+#: sources/controller.php:167
 msgid "You need a Server CA."
 msgstr ""
 
-#: sources/controller.php:169
+#: sources/controller.php:171
 msgid "You need either a Client Certificate, either a Username, or both"
 msgstr ""
 
-#: sources/controller.php:176
+#: sources/controller.php:178
 msgid "The IPv6 Delegated Prefix format looks bad"
 msgstr ""
 
-#: sources/controller.php:187
+#: sources/controller.php:189
 msgid "configuration not updated"
 msgstr ""
 
-#: sources/controller.php:285
+#: sources/controller.php:310
 msgid "Configuration updated and service successfully reloaded"
 msgstr ""
 
-#: sources/controller.php:287
+#: sources/controller.php:312
 msgid "Configuration updated but service reload failed"
 msgstr ""
 
-#: sources/controller.php:291
+#: sources/controller.php:316
 msgid "Service successfully disabled"
 msgstr ""