e-smith-base/sme10/e-smith-base-5.8.0-bz11374-pptp2vpn.patch

diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/access e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/access
--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/access        1969-12-31 19:00:00.000000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/access    2021-03-03 13:28:59.005000000 -0500
@@ -0,0 +1 @@
+public
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault
--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault 1969-12-31 19:00:00.000000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault     2021-03-03 13:29:19.905000000 -0500
@@ -0,0 +1 @@
+no
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/sessions e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/sessions
--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/sessions      1969-12-31 19:00:00.000000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/sessions  2021-03-03 13:26:20.122000000 -0500
@@ -0,0 +1 @@
+0
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/status e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/status
--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/status        1969-12-31 19:00:00.000000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/status    2021-03-03 13:25:24.290000000 -0500
@@ -0,0 +1 @@
+disabled
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/type e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/type
--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/type  1969-12-31 19:00:00.000000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/type      2021-03-03 13:25:50.502000000 -0500
@@ -0,0 +1 @@
+configuration
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess e-smith-base-5.8.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess
--- e-smith-base-5.8.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess 2016-02-04 18:14:13.000000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess     2021-03-03 15:12:34.138000000 -0500
@@ -48,8 +48,8 @@
        <trans>Number of PPTP clients</trans>
     </entry>
      <entry>
-       <base>NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE</base>
-       <trans>The number of pptp clients is greater than the number of reserved IP for DHCP. You should take a smaller number.</trans>
+       <base>NUMBER_OF_VPN_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE</base>
+       <trans>The number of VPN clients is greater than the number of reserved IP for DHCP. You should take a smaller number.</trans>
     </entry>
     <entry>
         <base>LABEL_SSH_PORT</base>
@@ -124,6 +124,15 @@
        </trans>
     </entry>
     <entry>
+        <base>DESC_VPN</base>
+        <trans><![CDATA[ <hr class="sectionbar" /><h2>VPN Settings</h2>
+            You can allow VPN access to your server.
+            You should leave this feature disabled by setting the value
+            to the number 0 unless you require VPN access.
+            ]]>
+        </trans>
+    </entry>
+    <entry>
        <base>VALUE_ZERO_OR_POSITIVE</base>
        <trans>Value must be zero or a positive integer</trans>
     </entry>
@@ -243,4 +252,8 @@
        <base>LABEL_IPSECRW_RESET</base>
        <trans>Reset digital certificates</trans>
     </entry>
+    <entry>
+        <base>DESC_IPSEC_VPN_UNAVAILABLE</base>
+        <trans>IPSEC VPN is not installed. Please install the contrib if you need VPN access.</trans>
+    </entry>
 </lexicon>  
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/tests/10e-smith-base/configuration.conf e-smith-base-5.8.0/root/etc/e-smith/tests/10e-smith-base/configuration.conf
--- e-smith-base-5.8.0.old/root/etc/e-smith/tests/10e-smith-base/configuration.conf     2021-03-03 13:00:51.018000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/tests/10e-smith-base/configuration.conf 2021-03-03 15:12:44.565000000 -0500
@@ -84,7 +84,6 @@
 pop3s=service|access|private|status|enabled
 popd=service|access|private|status|enabled
 pppoe=service|DemandIdleTime|no|InitscriptOrder|57|SynchronousPPP|no|status|disabled
-pptpd=service|sessions|10|status|disabled
 qmail=service|InitscriptOrder|80|status|enabled
 random=service|InitscriptOrder|20|status|enabled
 scanner=service|ScannerFns|iscan|UpdateTime|1:14|scanMail|yes|status|enabled
@@ -96,4 +95,5 @@
 sync=service|Host|service.e-smith.com|LastId|0|SuccessId|0|SyncFrequency|1|SyncMinute|57|status|disabled
 rsyslog=service|InitscriptOrder|05|status|enabled
 telnet=service|access|private|status|disabled
+vpn=configuration|sessions|10|status|disabled
 wibble=42
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/remoteaccess e-smith-base-5.8.0/root/etc/e-smith/web/functions/remoteaccess
--- e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/remoteaccess  2021-03-03 13:00:51.242000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/web/functions/remoteaccess      2021-03-03 15:12:09.789000000 -0500
@@ -60,6 +60,7 @@
 ok ($ua->{form}->find_input('sshAccess'), 'Finding the sshAccess field');
 ok ($ua->{form}->find_input('sshPermitRootLogin'), 'Finding the sshPermitRootLogin field');
 ok ($ua->{form}->find_input('sshTCPPort'), 'Finding the sshTCPPort field');
+ok ($ua->{form}->find_input('vpnSessions'), 'Finding the vpnSessions field');
 ok ($ua->{form}->find_input('sshPasswordAuthentication'), 'Finding the sshPasswordAuthentication field');
 ok ($ua->{form}->find_input('FTPLimits'), 'Finding the FTPLimits field');
 ok ($ua->{form}->find_input('TelnetAccess'), 'Finding the TelnetAccess field');
@@ -69,6 +70,7 @@
     $ua->field('sshAccess' => 'public');
     $ua->field('sshPermitRootLogin' => 'yes');
     $ua->field('sshTCPPort' => '22');
+    $ua->field('vpnSessions' => '10');
     $ua->field('sshPasswordAuthentication' => 'yes');
     $ua->field('FTPLimits' => 'normal');
     $ua->field('TelnetAccess' => 'private');
@@ -94,6 +96,8 @@
     
     is ($db->get('ftp')->prop('access'), 'private', "ftp access is private");
     is ($db->get('ftp')->prop('accessLimits'), 'normal', "ftp access limits are normal");
+    is ($db->get('vpn')->prop('sessions') ,'10', "Got the right session count for vpn");
+    is ($db->get('vpn')->prop('status') ,'enabled', "vpn is enabled");
     is ($db->get('telnet')->prop('access'), 'private', "Private telnet turned on");
 }
 
@@ -107,6 +111,12 @@
     <page name="First"  post-event="change_settings()"
        pre-event="print_status_message()">
 
+       <field type="text" id="vpnSessions" size="3" validation="zero_or_positive(), vpn_and_dhcp_range()"
+           value="get_vpn_sessions()">
+           <label>LABEL_PPTP</label>
+           <description>DESC_VPN</description>
+       </field>
+
         <subroutine src="show_ipsecrw_section()"/>
 
         <subroutine src="show_valid_from_list()"/>
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/useraccounts e-smith-base-5.8.0/root/etc/e-smith/web/functions/useraccounts
--- e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/useraccounts  2021-03-03 13:00:51.243000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/web/functions/useraccounts      2021-03-03 15:11:52.696000000 -0500
@@ -211,6 +211,10 @@
             >
             <label>FORWARDING_ADDRESS</label>
         </field>
+        <field type="select" id="VPNClientAccess" options="'yes' => 'YES',
+            'no' => 'NO'" validation="nonblank" value="get_vpn_value()">
+            <label>VPN_CLIENT_ACCESS</label>
+        </field>
         <subroutine src="print_ipsec_client_section()" />
         <subroutine src="print_groupMemberships_field()" />
         <subroutine src="print_save_or_add_button()" />
@@ -237,7 +241,7 @@
             <label>FORWARDING_ADDRESS</label>
         </field>
         <field type="select" id="VPNClientAccess" options="'yes' => 'YES',
-            'no' => 'NO'" validation="nonblank" value="get_pptp_value()">
+            'no' => 'NO'" validation="nonblank" value="get_vpn_value()">
             <label>VPN_CLIENT_ACCESS</label>
         </field>  
         <subroutine src="print_ipsec_client_section()" />
diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm
--- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm 2021-03-03 13:00:51.290000000 -0500
+++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm     2021-03-03 15:12:22.456000000 -0500
@@ -1682,7 +1682,7 @@
         (
          title => gettext("Select end of DHCP host number range"),
          text  =>
-         gettext("Please enter the last host address in this range. If you are using the standard server defaults and have no particular preference, you should keep the default value. Think to add enough ip for pptp sessions."),
+         gettext("Please enter the last host address in this range. If you are using the standard server defaults and have no particular preference, you should keep the default value. Think to add enough ip for vpn sessions."),
          value   => $serverEnd
         );
 
@@ -1692,11 +1692,11 @@
     {
         if ( isValidIP($choice) )
         {
-        # retrieve values to verifiy if ip_count > pptp_sessions
+        # retrieve values to verifiy if ip_count > vpn_sessions
         my $ip_start      = unpack 'N', inet_aton($serverStart);
         my $ip_end        = unpack 'N', inet_aton($choice);
         my $ip_count      = $ip_end - $ip_start;
-        my $pptp_sessions = $db->get_prop('pptpd','sessions');
+        my $vpn_sessions = $db->get_prop('vpn','sessions');
 
            my $dhcp_net = ipv4_network($choice, $priv_mask);
            if ($dhcp_net eq $priv_net)
@@ -1709,7 +1709,7 @@
                if (cmpIP($serverStart, $choice) < 0)
                {
                    if (((cmpIP($priv_ip, $serverStart) < 0) ||
-                       (cmpIP($choice, $priv_ip) < 0)) && ($ip_count > $pptp_sessions))
+                       (cmpIP($choice, $priv_ip) < 0)) && ($ip_count > $vpn_sessions))
                    {
                        # need to check for valid range as well.
                        unless ($choice eq $serverEnd)
@@ -1718,12 +1718,12 @@
                        }
                        goto DNS_FORWARDER;
                    }
-            # We want to verify that the number of pptp_IP reserved is not superior
+            # We want to verify that the number of vpn_IP reserved is not superior
             # than the number of dhcp_IP set in the range
-            elsif ($ip_count <= $pptp_sessions)
+            elsif ($ip_count <= $vpn_sessions)
             {
-            $errmsg = gettext("There is not enough IP in the range to include all your pptp sessions");
-            $choice = $pptp_sessions . ' allowed pptp clients';
+            $errmsg = gettext("There is not enough IP in the range to include all your vpn sessions");
+            $choice = $vpn_sessions . ' allowed vpn clients';
             }
                    else
                    {
diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm
--- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm     2021-03-03 13:00:51.243000000 -0500
+++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm 2021-03-03 15:11:40.938000000 -0500
@@ -43,6 +43,7 @@
                validate_network_and_mask ip_number_or_blank subnet_mask_or_blank
                show_telnet_section get_serial_console show_ftp_section
                get_ipsecrw_sessions show_ipsecrw_section 
+               get_vpn_sessions
 );
 
 
@@ -143,6 +144,23 @@
     return ($access  eq 'public') ? 'normal' : 'private';
 }
 
+=head2 get_vpn_sessions
+
+Get the # of vpn sessions defined in the sessions property of the generik vpn config file variable
+
+=cut
+
+  sub get_vpn_sessions {
+  my $status = get_prop('','vpn','status');
+  if (defined($status) && ($status eq 'enabled')) {
+    
+    return(get_prop('','vpn','sessions') || '0');
+  }
+  else {
+    return('0');
+  }
+}
+
 =head2 get_ssh_permit_root_login
 
 returns 'yes' or 'no' depending on whether ssh permit root login is enabled
@@ -355,13 +373,13 @@
 
 =pod
 
-=head2 pptp_and_dhcp_range
+=head2 vpn_and_dhcp_range
 
-Validate the input of pptp session if it is not superior than the maximum number of ip between dhcpd_start and dhcpd_end
+Validate the input of vpn session if it is not superior than the maximum number of ip between dhcpd_start and dhcpd_end
 
 =cut
 
-sub pptp_and_dhcp_range
+sub vpn_and_dhcp_range
 {
   my $self = shift;
   my $val = shift || 0;
@@ -375,7 +393,7 @@
         my $ip_end       = unpack 'N', inet_aton($dhcp_end);
         my $ip_count     = $ip_end - $ip_start;
         return 'OK' if( $val < $ip_count );
-        return $self->localise('NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE');
+        return $self->localise('NUMBER_OF_VPN_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE');
         }
     else
         {
@@ -646,6 +664,7 @@
     my $sshTCPPort = ($q->param ('sshTCPPort') || '22');
     my $ftplogin = ($q->param ('FTPPasswordLogin') || 'private');
     my $ftpaccess = ($q->param ('FTPAccess') || 'off');
+    my $vpnSessions = ($q->param ('vpnSessions') || '0');
 #    my $serialConsole = ($q->param ('serialConsole') || 'disabled');
 
     #------------------------------------------------------------
@@ -697,6 +716,17 @@
        }
     }
 
+    if ($vpnSessions == 0)
+    {
+       $db->get('vpn')->set_prop('sessions', $vpnSessions);
+       $db->get('vpn')->set_prop('status', 'disabled');
+    }
+    else
+    {
+       $db->get('vpn')->set_prop('status', 'enabled');
+       $db->get('vpn')->set_prop('sessions', $vpnSessions);
+    }
+
 
 # REMOVED by markk, May 16 2005 - see DPAR MN00084537
 #    $rec = $db->get('serial-console');
@@ -761,7 +791,7 @@
     my $q = $self->cgi;
 
     # Don't show ipsecrw setting unless the status property exists
-    return '' unless ($db->get('ipsec') 
+    return $self->localise('DESC_IPSEC_VPN_UNAVAILABLE') unless ($db->get('ipsec') 
                        && $db->get('ipsec')->prop('RoadWarriorStatus'));
 
     print $q->Tr(
diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm
--- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm     2021-03-03 13:00:51.244000000 -0500
+++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm 2021-03-03 15:10:48.081000000 -0500
@@ -51,6 +51,7 @@
     reset_password
     check_password
     print_save_or_add_button
+    get_vpn_value
     print_ipsec_client_section
     get_prop
 
@@ -285,7 +286,10 @@
             ($rec ? ($rec->prop('EmailForward')) : 'local'); 
         my $fwd = $cgi->param('ForwardAddress') ? 
             $cgi->param('ForwardAddress') :
-            ($rec ? ($rec->prop('ForwardAddress')) : '');
+            ($rec ? ($rec->prop('ForwardAddress')) : ''); 
+        my $vpn = $cgi->param('VPNClientAccess') ?
+            $cgi->param('VPNClientAccess') : 
+            ($rec ? ($rec->prop('VPNClientAccess')) : get_vpn_value() );
         # now that we're down with the 411, let's set the values
         $cgi->param(-name=>'FirstName', -value=>$fn);
         $cgi->param(-name=>'LastName', -value=>$ln);
@@ -296,6 +300,7 @@
         $cgi->param(-name=>'Phone', -value=>$phone);
         $cgi->param(-name=>'EmailForward', -value=>$emf);
         $cgi->param(-name=>'ForwardAddress', -value=>$fwd);
+        $cgi->param(-name=>'VPNClientAccess', -value=>$vpn);
     } else {
         print qq(
             <td><input type="text" name="acctName" value="$an">
@@ -461,6 +466,18 @@
     return $configdb->get('ldap')->prop($CGIParam2DBfield{$field});
 }
 
+=head2 get_vpn_value()
+
+Routine to display default value for VPN
+
+=cut
+
+sub get_vpn_value
+{
+    my $vpn = $configdb->get('vpn') || return 'no';
+    return $configdb->get('vpn')->prop('AccessDefault') || 'no';
+}
+
 =head1 VALIDATION ROUTINES
 
 =head2 pseudonym_clash
@@ -718,8 +735,9 @@
             'Street'         => $self->{cgi}->param('Street'),
             'EmailForward'   => $self->{cgi}->param('EmailForward'),
             'ForwardAddress' => $self->{cgi}->param('ForwardAddress'),
-            'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'),
+        #    'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'),
         );
+       $newProperties{'VPNClientAccess'} = $self->{cgi}->param('VPNClientAccess') if defined $self->{cgi}->param('VPNClientAccess');
 
         $acct->merge_props(%newProperties);
 
1	jpp	1.1	diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/access e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/access
2			--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/access 1969-12-31 19:00:00.000000000 -0500
3			+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/access 2021-03-03 13:28:59.005000000 -0500
4			@@ -0,0 +1 @@
5			+public
6			diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault
7			--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault 1969-12-31 19:00:00.000000000 -0500
8			+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault 2021-03-03 13:29:19.905000000 -0500
9			@@ -0,0 +1 @@
10			+no
11			diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/sessions e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/sessions
12			--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/sessions 1969-12-31 19:00:00.000000000 -0500
13			+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/sessions 2021-03-03 13:26:20.122000000 -0500
14			@@ -0,0 +1 @@
15			+0
16			diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/status e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/status
17			--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/status 1969-12-31 19:00:00.000000000 -0500
18			+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/status 2021-03-03 13:25:24.290000000 -0500
19			@@ -0,0 +1 @@
20			+disabled
21			diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/type e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/type
22			--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/type 1969-12-31 19:00:00.000000000 -0500
23			+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/type 2021-03-03 13:25:50.502000000 -0500
24			@@ -0,0 +1 @@
25			+configuration
26			diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess e-smith-base-5.8.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess
27			--- e-smith-base-5.8.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess 2016-02-04 18:14:13.000000000 -0500
28			+++ e-smith-base-5.8.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess 2021-03-03 15:12:34.138000000 -0500
29			@@ -48,8 +48,8 @@
30			<trans>Number of PPTP clients</trans>
31			</entry>
32			<entry>
33			- <base>NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE</base>
34			- <trans>The number of pptp clients is greater than the number of reserved IP for DHCP. You should take a smaller number.</trans>
35			+ <base>NUMBER_OF_VPN_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE</base>
36			+ <trans>The number of VPN clients is greater than the number of reserved IP for DHCP. You should take a smaller number.</trans>
37			</entry>
38			<entry>
39			<base>LABEL_SSH_PORT</base>
40			@@ -124,6 +124,15 @@
41			</trans>
42			</entry>
43			<entry>
44			+ <base>DESC_VPN</base>
45			+ <trans><![CDATA[ <hr class="sectionbar" /><h2>VPN Settings</h2>
46			+ You can allow VPN access to your server.
47			+ You should leave this feature disabled by setting the value
48			+ to the number 0 unless you require VPN access.
49			+ ]]>
50			+ </trans>
51			+ </entry>
52			+ <entry>
53			<base>VALUE_ZERO_OR_POSITIVE</base>
54			<trans>Value must be zero or a positive integer</trans>
55			</entry>
56			@@ -243,4 +252,8 @@
57			<base>LABEL_IPSECRW_RESET</base>
58			<trans>Reset digital certificates</trans>
59			</entry>
60			+ <entry>
61			+ <base>DESC_IPSEC_VPN_UNAVAILABLE</base>
62			+ <trans>IPSEC VPN is not installed. Please install the contrib if you need VPN access.</trans>
63			+ </entry>
64			</lexicon>
65			diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/tests/10e-smith-base/configuration.conf e-smith-base-5.8.0/root/etc/e-smith/tests/10e-smith-base/configuration.conf
66			--- e-smith-base-5.8.0.old/root/etc/e-smith/tests/10e-smith-base/configuration.conf 2021-03-03 13:00:51.018000000 -0500
67			+++ e-smith-base-5.8.0/root/etc/e-smith/tests/10e-smith-base/configuration.conf 2021-03-03 15:12:44.565000000 -0500
68			@@ -84,7 +84,6 @@
69			pop3s=service\|access\|private\|status\|enabled
70			popd=service\|access\|private\|status\|enabled
71			pppoe=service\|DemandIdleTime\|no\|InitscriptOrder\|57\|SynchronousPPP\|no\|status\|disabled
72			-pptpd=service\|sessions\|10\|status\|disabled
73			qmail=service\|InitscriptOrder\|80\|status\|enabled
74			random=service\|InitscriptOrder\|20\|status\|enabled
75			scanner=service\|ScannerFns\|iscan\|UpdateTime\|1:14\|scanMail\|yes\|status\|enabled
76			@@ -96,4 +95,5 @@
77			sync=service\|Host\|service.e-smith.com\|LastId\|0\|SuccessId\|0\|SyncFrequency\|1\|SyncMinute\|57\|status\|disabled
78			rsyslog=service\|InitscriptOrder\|05\|status\|enabled
79			telnet=service\|access\|private\|status\|disabled
80			+vpn=configuration\|sessions\|10\|status\|disabled
81			wibble=42
82			diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/remoteaccess e-smith-base-5.8.0/root/etc/e-smith/web/functions/remoteaccess
83			--- e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/remoteaccess 2021-03-03 13:00:51.242000000 -0500
84			+++ e-smith-base-5.8.0/root/etc/e-smith/web/functions/remoteaccess 2021-03-03 15:12:09.789000000 -0500
85			@@ -60,6 +60,7 @@
86			ok ($ua->{form}->find_input('sshAccess'), 'Finding the sshAccess field');
87			ok ($ua->{form}->find_input('sshPermitRootLogin'), 'Finding the sshPermitRootLogin field');
88			ok ($ua->{form}->find_input('sshTCPPort'), 'Finding the sshTCPPort field');
89			+ok ($ua->{form}->find_input('vpnSessions'), 'Finding the vpnSessions field');
90			ok ($ua->{form}->find_input('sshPasswordAuthentication'), 'Finding the sshPasswordAuthentication field');
91			ok ($ua->{form}->find_input('FTPLimits'), 'Finding the FTPLimits field');
92			ok ($ua->{form}->find_input('TelnetAccess'), 'Finding the TelnetAccess field');
93			@@ -69,6 +70,7 @@
94			$ua->field('sshAccess' => 'public');
95			$ua->field('sshPermitRootLogin' => 'yes');
96			$ua->field('sshTCPPort' => '22');
97			+ $ua->field('vpnSessions' => '10');
98			$ua->field('sshPasswordAuthentication' => 'yes');
99			$ua->field('FTPLimits' => 'normal');
100			$ua->field('TelnetAccess' => 'private');
101			@@ -94,6 +96,8 @@
102
103			is ($db->get('ftp')->prop('access'), 'private', "ftp access is private");
104			is ($db->get('ftp')->prop('accessLimits'), 'normal', "ftp access limits are normal");
105			+ is ($db->get('vpn')->prop('sessions') ,'10', "Got the right session count for vpn");
106			+ is ($db->get('vpn')->prop('status') ,'enabled', "vpn is enabled");
107			is ($db->get('telnet')->prop('access'), 'private', "Private telnet turned on");
108			}
109
110			@@ -107,6 +111,12 @@
111			<page name="First" post-event="change_settings()"
112			pre-event="print_status_message()">
113
114			+ <field type="text" id="vpnSessions" size="3" validation="zero_or_positive(), vpn_and_dhcp_range()"
115			+ value="get_vpn_sessions()">
116			+ <label>LABEL_PPTP</label>
117			+ <description>DESC_VPN</description>
118			+ </field>
119			+
120			<subroutine src="show_ipsecrw_section()"/>
121
122			<subroutine src="show_valid_from_list()"/>
123			diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/useraccounts e-smith-base-5.8.0/root/etc/e-smith/web/functions/useraccounts
124			--- e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/useraccounts 2021-03-03 13:00:51.243000000 -0500
125			+++ e-smith-base-5.8.0/root/etc/e-smith/web/functions/useraccounts 2021-03-03 15:11:52.696000000 -0500
126			@@ -211,6 +211,10 @@
127			>
128			<label>FORWARDING_ADDRESS</label>
129			</field>
130			+ <field type="select" id="VPNClientAccess" options="'yes' => 'YES',
131			+ 'no' => 'NO'" validation="nonblank" value="get_vpn_value()">
132			+ <label>VPN_CLIENT_ACCESS</label>
133			+ </field>
134			<subroutine src="print_ipsec_client_section()" />
135			<subroutine src="print_groupMemberships_field()" />
136			<subroutine src="print_save_or_add_button()" />
137			@@ -237,7 +241,7 @@
138			<label>FORWARDING_ADDRESS</label>
139			</field>
140			<field type="select" id="VPNClientAccess" options="'yes' => 'YES',
141			- 'no' => 'NO'" validation="nonblank" value="get_pptp_value()">
142			+ 'no' => 'NO'" validation="nonblank" value="get_vpn_value()">
143			<label>VPN_CLIENT_ACCESS</label>
144			</field>
145			<subroutine src="print_ipsec_client_section()" />
146			diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm
147			--- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm 2021-03-03 13:00:51.290000000 -0500
148			+++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm 2021-03-03 15:12:22.456000000 -0500
149			@@ -1682,7 +1682,7 @@
150			(
151			title => gettext("Select end of DHCP host number range"),
152			text =>
153			- gettext("Please enter the last host address in this range. If you are using the standard server defaults and have no particular preference, you should keep the default value. Think to add enough ip for pptp sessions."),
154			+ gettext("Please enter the last host address in this range. If you are using the standard server defaults and have no particular preference, you should keep the default value. Think to add enough ip for vpn sessions."),
155			value => $serverEnd
156			);
157
158			@@ -1692,11 +1692,11 @@
159			{
160			if ( isValidIP($choice) )
161			{
162			- # retrieve values to verifiy if ip_count > pptp_sessions
163			+ # retrieve values to verifiy if ip_count > vpn_sessions
164			my $ip_start = unpack 'N', inet_aton($serverStart);
165			my $ip_end = unpack 'N', inet_aton($choice);
166			my $ip_count = $ip_end - $ip_start;
167			- my $pptp_sessions = $db->get_prop('pptpd','sessions');
168			+ my $vpn_sessions = $db->get_prop('vpn','sessions');
169
170			my $dhcp_net = ipv4_network($choice, $priv_mask);
171			if ($dhcp_net eq $priv_net)
172			@@ -1709,7 +1709,7 @@
173			if (cmpIP($serverStart, $choice) < 0)
174			{
175			if (((cmpIP($priv_ip, $serverStart) < 0) \|\|
176			- (cmpIP($choice, $priv_ip) < 0)) && ($ip_count > $pptp_sessions))
177			+ (cmpIP($choice, $priv_ip) < 0)) && ($ip_count > $vpn_sessions))
178			{
179			# need to check for valid range as well.
180			unless ($choice eq $serverEnd)
181			@@ -1718,12 +1718,12 @@
182			}
183			goto DNS_FORWARDER;
184			}
185			- # We want to verify that the number of pptp_IP reserved is not superior
186			+ # We want to verify that the number of vpn_IP reserved is not superior
187			# than the number of dhcp_IP set in the range
188			- elsif ($ip_count <= $pptp_sessions)
189			+ elsif ($ip_count <= $vpn_sessions)
190			{
191			- $errmsg = gettext("There is not enough IP in the range to include all your pptp sessions");
192			- $choice = $pptp_sessions . ' allowed pptp clients';
193			+ $errmsg = gettext("There is not enough IP in the range to include all your vpn sessions");
194			+ $choice = $vpn_sessions . ' allowed vpn clients';
195			}
196			else
197			{
198			diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm
199			--- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm 2021-03-03 13:00:51.243000000 -0500
200			+++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm 2021-03-03 15:11:40.938000000 -0500
201			@@ -43,6 +43,7 @@
202			validate_network_and_mask ip_number_or_blank subnet_mask_or_blank
203			show_telnet_section get_serial_console show_ftp_section
204			get_ipsecrw_sessions show_ipsecrw_section
205			+ get_vpn_sessions
206			);
207
208
209			@@ -143,6 +144,23 @@
210			return ($access eq 'public') ? 'normal' : 'private';
211			}
212
213			+=head2 get_vpn_sessions
214			+
215			+Get the # of vpn sessions defined in the sessions property of the generik vpn config file variable
216			+
217			+=cut
218			+
219			+ sub get_vpn_sessions {
220			+ my $status = get_prop('','vpn','status');
221			+ if (defined($status) && ($status eq 'enabled')) {
222			+
223			+ return(get_prop('','vpn','sessions') \|\| '0');
224			+ }
225			+ else {
226			+ return('0');
227			+ }
228			+}
229			+
230			=head2 get_ssh_permit_root_login
231
232			returns 'yes' or 'no' depending on whether ssh permit root login is enabled
233			@@ -355,13 +373,13 @@
234
235			=pod
236
237			-=head2 pptp_and_dhcp_range
238			+=head2 vpn_and_dhcp_range
239
240			-Validate the input of pptp session if it is not superior than the maximum number of ip between dhcpd_start and dhcpd_end
241			+Validate the input of vpn session if it is not superior than the maximum number of ip between dhcpd_start and dhcpd_end
242
243			=cut
244
245			-sub pptp_and_dhcp_range
246			+sub vpn_and_dhcp_range
247			{
248			my $self = shift;
249			my $val = shift \|\| 0;
250			@@ -375,7 +393,7 @@
251			my $ip_end = unpack 'N', inet_aton($dhcp_end);
252			my $ip_count = $ip_end - $ip_start;
253			return 'OK' if( $val < $ip_count );
254			- return $self->localise('NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE');
255			+ return $self->localise('NUMBER_OF_VPN_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE');
256			}
257			else
258			{
259			@@ -646,6 +664,7 @@
260			my $sshTCPPort = ($q->param ('sshTCPPort') \|\| '22');
261			my $ftplogin = ($q->param ('FTPPasswordLogin') \|\| 'private');
262			my $ftpaccess = ($q->param ('FTPAccess') \|\| 'off');
263			+ my $vpnSessions = ($q->param ('vpnSessions') \|\| '0');
264			# my $serialConsole = ($q->param ('serialConsole') \|\| 'disabled');
265
266			#------------------------------------------------------------
267			@@ -697,6 +716,17 @@
268			}
269			}
270
271			+ if ($vpnSessions == 0)
272			+ {
273			+ $db->get('vpn')->set_prop('sessions', $vpnSessions);
274			+ $db->get('vpn')->set_prop('status', 'disabled');
275			+ }
276			+ else
277			+ {
278			+ $db->get('vpn')->set_prop('status', 'enabled');
279			+ $db->get('vpn')->set_prop('sessions', $vpnSessions);
280			+ }
281			+
282
283			# REMOVED by markk, May 16 2005 - see DPAR MN00084537
284			# $rec = $db->get('serial-console');
285			@@ -761,7 +791,7 @@
286			my $q = $self->cgi;
287
288			# Don't show ipsecrw setting unless the status property exists
289			- return '' unless ($db->get('ipsec')
290			+ return $self->localise('DESC_IPSEC_VPN_UNAVAILABLE') unless ($db->get('ipsec')
291			&& $db->get('ipsec')->prop('RoadWarriorStatus'));
292
293			print $q->Tr(
294			diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm
295			--- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm 2021-03-03 13:00:51.244000000 -0500
296			+++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm 2021-03-03 15:10:48.081000000 -0500
297			@@ -51,6 +51,7 @@
298			reset_password
299			check_password
300			print_save_or_add_button
301			+ get_vpn_value
302			print_ipsec_client_section
303			get_prop
304
305			@@ -285,7 +286,10 @@
306			($rec ? ($rec->prop('EmailForward')) : 'local');
307			my $fwd = $cgi->param('ForwardAddress') ?
308			$cgi->param('ForwardAddress') :
309			- ($rec ? ($rec->prop('ForwardAddress')) : '');
310			+ ($rec ? ($rec->prop('ForwardAddress')) : '');
311			+ my $vpn = $cgi->param('VPNClientAccess') ?
312			+ $cgi->param('VPNClientAccess') :
313			+ ($rec ? ($rec->prop('VPNClientAccess')) : get_vpn_value() );
314			# now that we're down with the 411, let's set the values
315			$cgi->param(-name=>'FirstName', -value=>$fn);
316			$cgi->param(-name=>'LastName', -value=>$ln);
317			@@ -296,6 +300,7 @@
318			$cgi->param(-name=>'Phone', -value=>$phone);
319			$cgi->param(-name=>'EmailForward', -value=>$emf);
320			$cgi->param(-name=>'ForwardAddress', -value=>$fwd);
321			+ $cgi->param(-name=>'VPNClientAccess', -value=>$vpn);
322			} else {
323			print qq(
324			<td><input type="text" name="acctName" value="$an">
325			@@ -461,6 +466,18 @@
326			return $configdb->get('ldap')->prop($CGIParam2DBfield{$field});
327			}
328
329			+=head2 get_vpn_value()
330			+
331			+Routine to display default value for VPN
332			+
333			+=cut
334			+
335			+sub get_vpn_value
336			+{
337			+ my $vpn = $configdb->get('vpn') \|\| return 'no';
338			+ return $configdb->get('vpn')->prop('AccessDefault') \|\| 'no';
339			+}
340			+
341			=head1 VALIDATION ROUTINES
342
343			=head2 pseudonym_clash
344			@@ -718,8 +735,9 @@
345			'Street' => $self->{cgi}->param('Street'),
346			'EmailForward' => $self->{cgi}->param('EmailForward'),
347			'ForwardAddress' => $self->{cgi}->param('ForwardAddress'),
348			- 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'),
349			+ # 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'),
350			);
351			+ $newProperties{'VPNClientAccess'} = $self->{cgi}->param('VPNClientAccess') if defined $self->{cgi}->param('VPNClientAccess');
352
353			$acct->merge_props(%newProperties);
354