fabianfrz · Aug 1, 2016
diff --git a/contrib/openvpn/client-export/template/openvpnmanager/license.txt b/contrib/openvpn/client-export/template/openvpnmanager/license.txt
diff --git a/contrib/openvpn/client-export/template/openvpnmanager/openvpn-postinstall.exe b/contrib/openvpn/client-export/template/openvpnmanager/openvpn-postinstall.exe
diff --git a/contrib/openvpn/client-export/template/procchain-import b/contrib/openvpn/client-export/template/procchain-import
diff --git a/contrib/openvpn/client-export/template/procchain-standard b/contrib/openvpn/client-export/template/procchain-standard
diff --git a/contrib/openvpn/client-export/template/procchain.exe b/contrib/openvpn/client-export/template/procchain.exe
diff --git a/src/etc/inc/openvpn-client-export.inc b/src/etc/inc/openvpn-client-export.inc
@@ -29,10 +29,6 @@
     POSSIBILITY OF SUCH DAMAGE.
 */
 
-global $current_openvpn_version, $current_openvpn_version_rev;
-$current_openvpn_version     = "2.3.6";
-$current_openvpn_version_rev = "01";
-
 function openvpn_client_export_prefix($srvid, $usrid = null, $crtid = null)
 {
     global $config;
@@ -455,134 +451,12 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifys
     }
 }
 
-function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $outpass, $proxy, $openvpnmanager, $advancedoptions, $openvpn_version = "x86-xp")
-{
-    global $config, $input_errors, $current_openvpn_version, $current_openvpn_version_rev;
-
-    switch ($openvpn_version) {
-        case "x86-xp":
-            $client_install_exe = "openvpn-install-{$current_openvpn_version}-I0{$current_openvpn_version_rev}-i686.exe";
-            break;
-        case "x64-xp":
-            $client_install_exe = "openvpn-install-{$current_openvpn_version}-I0{$current_openvpn_version_rev}-x86_64.exe";
-            break;
-        case "x86-win6":
-            $client_install_exe = "openvpn-install-{$current_openvpn_version}-I6{$current_openvpn_version_rev}-i686.exe";
-            break;
-        case "x64-win6":
-            $client_install_exe = "openvpn-install-{$current_openvpn_version}-I6{$current_openvpn_version_rev}-x86_64.exe";
-            break;
-        default:
-            $input_errors[] = gettext("Could not find matching OpenVPN architecture.");
-            return false;
-    }
-
-    $validconfig = openvpn_client_export_validate_config($srvid, $usrid, $crtid);
-    if (!$validconfig) {
-        $input_errors[] = gettext("Could not validate OpenVPN config.");
-        return false;
-    }
-
-    list($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys) = $validconfig;
-
-    // create template directory
-    $tempdir = '/tmp/openvpn-export-' . uniqid();
-    mkdir($tempdir, 0700, true);
-
-    // create config directory
-    $confdir = "{$tempdir}/config";
-    if (!is_dir($conf_dir)) {
-        mkdir($confdir, 0700, true);
-    }
-
-    // copy the template directory
-    exec("cp -r /usr/local/opnsense/contrib/openvpn/client-export/template/* {$tempdir}");
-    // and put the required installer exe in place
-    exec("/bin/cp {$tempdir}/{$client_install_exe} {$tempdir}/openvpn-install.exe");
-    if (stristr($openvpn_version, "x64")) {
-        rename("{$tempdir}/openvpn-postinstall64.exe", "{$tempdir}/openvpn-postinstall.exe");
-    }
-
-    // write configuration file
-    $prefix = openvpn_client_export_prefix($srvid, $usrid, $crtid);
-    $cfgfile = "{$confdir}/{$prefix}-config.ovpn";
-    if (!empty($proxy) && $proxy['proxy_authtype'] != "none") {
-        $proxy['passwdfile'] = "{$prefix}-password";
-        $pwdfle = "{$proxy['user']}\r\n";
-        $pwdfle .= "{$proxy['password']}\r\n";
-        file_put_contents("{$confdir}/{$proxy['passwdfile']}", $pwdfle);
-    }
-    $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken,  $nokeys, $proxy, "", "baseconf", false, true, $openvpnmanager, $advancedoptions);
-    if (!$conf) {
-        $input_errors[] = gettext("Could not create a config to export.");
-        return false;
-    }
-
-    file_put_contents($cfgfile, $conf);
-
-    $cafile = "{$tempdir}/config/{$prefix}-ca.crt";
-    file_put_contents($cafile, $server_ca);
-    if ($settings['tls']) {
-        $tlsfile = "{$tempdir}/config/{$prefix}-tls.key";
-        file_put_contents($tlsfile, base64_decode($settings['tls']));
-    }
-
-    // write key files
-    if ($settings['mode'] != "server_user") {
-        $crtfile = "{$tempdir}/config/{$prefix}-{$user['name']}.crt";
-        file_put_contents($crtfile, base64_decode($cert['crt']));
-        $keyfile = "{$tempdir}/config/{$prefix}-{$user['name']}.key";
-        file_put_contents($keyfile, base64_decode($cert['prv']));
-        // convert to pkcs12 format
-        $p12file = "{$tempdir}/config/{$prefix}.p12";
-        if ($usetoken) {
-            openvpn_client_pem_to_pk12($p12file, $outpass, $crtfile, $keyfile);
-        } else {
-            openvpn_client_pem_to_pk12($p12file, $outpass, $crtfile, $keyfile, $cafile);
-        }
-    }
-
-    // 7zip the configuration data
-    chdir($tempdir);
-    $files  = "config ";
-    if ($openvpnmanager) {
-        $files .= "openvpnmanager ";
-    }
-
-    $files .= "openvpn-install.exe ";
-    $files .= "openvpn-postinstall.exe ";
-    if ($usetoken) {
-        $procchain =  ';!@Install@!UTF-8!
-RunProgram="openvpn-postinstall.exe /Import"
-;!@InstallEnd@!'
-;
-    } else {
-        $procchain =  ';!@Install@!UTF-8!
-RunProgram="openvpn-postinstall.exe"
-;!@InstallEnd@!';
-    }
-    file_put_contents("{$tempdir}/7zipConfig",$procchain);
-
-    exec("/usr/local/bin/7z -y a archive.7z {$files}");
-
-    // create the final installer
-    $outfile = "{$tempdir}-install.exe";
-    chdir('/tmp');
-    exec("/bin/cat {$tempdir}/7zS.sfx {$tempdir}/7zipConfig {$tempdir}/archive.7z > {$outfile}");
-
-    // cleanup
-    exec("/bin/rm -r {$tempdir}");
-
-    return $outfile;
-}
-
-function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $outpass, $proxy, $openvpnmanager, $advancedoptions)
+function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $outpass, $proxy, $openvpnmanager, $advancedoptions, $compression_type)
 {
     global $config;
 
     $uniq = uniqid();
     $tempdir = "/tmp/openvpn-export-{$uniq}";
-    $zipfile = "/tmp/{$uniq}-Viscosity.visc.zip";
 
     $validconfig = openvpn_client_export_validate_config($srvid, $usrid, $crtid);
     if (!$validconfig) {
@@ -678,12 +552,18 @@ EOF;
     }
 
     // Zip Viscosity file
-    exec("cd {$tempdir}/.. && /usr/local/bin/7z -tzip -y a {$zipfile} Viscosity.visc");
+    if ($compression_type == 'targz') {
+        $outputfile = "/tmp/{$uniq}-Viscosity.visz";
+        exec("cd {$tempdir}/.. && /usr/bin/tar cfz {$outputfile} Viscosity.visc");
+    } else {
+        $outputfile = "/tmp/{$uniq}-Viscosity.visc.zip";
+        exec("cd {$tempdir}/.. && /usr/local/bin/7z -tzip -y a {$outputfile} Viscosity.visc");
+    }
 
     // Remove temporary directory
     exec("rm -rf {$tempdir}");
 
-    return $zipfile;
+    return $outputfile;
 }
 
 function openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, $zipconf = false)

diff --git a/src/www/vpn_openvpn_export.php b/src/www/vpn_openvpn_export.php
@@ -224,10 +224,10 @@
             $exp_path = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $nokeys, $proxy, $expformat, $password, false, false, $openvpnmanager, $advancedoptions);
         } elseif ($act == "visc") {
             $exp_name = urlencode($exp_name."-Viscosity.visc.zip");
-            $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions);
-        } elseif (substr($act, 0, 4) == "inst") {
-            $exp_name = urlencode($exp_name."-install.exe");
-            $exp_path = openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions, substr($act, 5));
+            $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions, 'zip');
+        } elseif ($act == "visz") {
+            $exp_name = urlencode($exp_name."-Viscosity.visz");
+            $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions, 'targz');
         } elseif ( $act == 'skconf')  {
             $exp_path = openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, false);
             $exp_name = urlencode($exp_name."-config.ovpn");
@@ -604,14 +604,9 @@
                               <option value="confinlineios"><?=gettext("OpenVPN Connect (iOS/Android)");?></option>
                               <option value="confinline"><?=gettext("Others");?></option>
                             </optgroup>
-                            <optgroup label="<?=sprintf(gettext("Windows Installers (%s-Ix%s)"), $current_openvpn_version, $current_openvpn_version_rev);?>">
-                              <option value="inst-x86-xp"><?=gettext("x86-xp");?></option>
-                              <option value="inst-x64-xp"><?=gettext("x64-xp");?></option>
-                              <option value="inst-x86-win6"><?=gettext("x86-win6");?></option>
-                              <option value="inst-x64-win6"><?=gettext("x64-win6");?></option>
-                            </optgroup>
-                            <optgroup label="<?=gettext("Mac OSX");?>">
-                              <option value="visc"><?=gettext("Viscosity Bundle");?></option>
+                            <optgroup label="<?=gettext("Mac OSX / Windows");?>">
+                              <option value="visc"><?=gettext("Viscosity Bundle (OSX)");?></option>
+                              <option value="visz"><?=gettext("Viscosity Bundle (Windows)");?></option>
                             </optgroup>
                           </select>
                         </td>
@@ -636,14 +631,9 @@
                               <option value="confinlineios"><?=gettext("OpenVPN Connect (iOS/Android)");?></option>
                               <option value="confinline"><?=gettext("Others");?></option>
                             </optgroup>
-                            <optgroup label="<?=sprintf(gettext("Windows Installers (%s-Ix%s)"), $current_openvpn_version, $current_openvpn_version_rev);?>">
-                              <option value="inst-x86-xp"><?=gettext("x86-xp");?></option>
-                              <option value="inst-x64-xp"><?=gettext("x64-xp");?></option>
-                              <option value="inst-x86-win6"><?=gettext("x86-win6");?></option>
-                              <option value="inst-x64-win6"><?=gettext("x64-win6");?></option>
-                            </optgroup>
-                            <optgroup label="<?=gettext("Mac OSX");?>">
-                              <option value="visc"><?=gettext("Viscosity Bundle");?></option>
+                            <optgroup label="<?=gettext("Mac OSX / Windows");?>">
+                              <option value="visc"><?=gettext("Viscosity Bundle (OSX)");?></option>
+                              <option value="visz"><?=gettext("Viscosity Bundle (Windows)");?></option>
                             </optgroup>
 <?php
                             if ($server['mode'] == 'server_tls'):?>
@@ -679,14 +669,9 @@
                               <option value="confinlineios"><?=gettext("OpenVPN Connect (iOS/Android)");?></option>
                               <option value="confinline"><?=gettext("Others");?></option>
                             </optgroup>
-                            <optgroup label="<?=sprintf(gettext("Windows Installers (%s-Ix%s)"), $current_openvpn_version, $current_openvpn_version_rev);?>">
-                              <option value="inst-x86-xp"><?=gettext("x86-xp");?></option>
-                              <option value="inst-x64-xp"><?=gettext("x64-xp");?></option>
-                              <option value="inst-x86-win6"><?=gettext("x86-win6");?></option>
-                              <option value="inst-x64-win6"><?=gettext("x64-win6");?></option>
-                            </optgroup>
-                            <optgroup label="<?=gettext("Mac OSX");?>">
-                              <option value="visc"><?=gettext("Viscosity Bundle");?></option>
+                            <optgroup label="<?=gettext("Mac OSX / Windows");?>">
+                              <option value="visc"><?=gettext("Viscosity Bundle (OSX)");?></option>
+                              <option value="visz"><?=gettext("Viscosity Bundle (Windows)");?></option>
                             </optgroup>
                           </select>
                         </td>
@@ -715,15 +700,13 @@
                       </tbody>
                     </table>
                     <div class="hidden" for="help_for_clientpkg">
-                      <br/>
-                      <?= gettext('The "XP" Windows installers work on Windows XP and later versions. The "win6" Windows installers include a new tap-windows6 driver that works only on Windows Vista and later.') ?><br/>
                       <br/><br/>
                       <strong><?= gettext("Links to OpenVPN clients for various platforms:") ?></strong><br/>
-                      <a href="http://openvpn.net/index.php/open-source/downloads.html"><?= gettext("OpenVPN Community Client") ?></a> - <?=gettext("Binaries for Windows, Source for other platforms. Packaged above in the Windows Installers")?><br/>
+                      <a href="http://www.sparklabs.com/viscosity/"><?= gettext("Viscosity") ?></a> - <?= gettext("Recommended client for Mac OSX and Windows") ?><br/>
+                      <a href="http://openvpn.net/index.php/open-source/downloads.html"><?= gettext("OpenVPN Community Client") ?></a> - <?=gettext("Binaries for Windows, Source for other platforms.")?><br/>
                       <a href="https://play.google.com/store/apps/details?id=de.blinkt.openvpn"><?= gettext("OpenVPN For Android") ?></a> - <?=gettext("Recommended client for Android")?><br/>
                       <a href="http://www.featvpn.com/"><?= gettext("FEAT VPN For Android") ?></a> - <?=gettext("For older versions of Android")?><br/>
                       <?= gettext("OpenVPN Connect") ?>: <a href="https://play.google.com/store/apps/details?id=net.openvpn.openvpn"><?=gettext("Android (Google Play)")?></a> or <a href="https://itunes.apple.com/us/app/openvpn-connect/id590379981"><?=gettext("iOS (App Store)")?></a> - <?= gettext("Recommended client for iOS") ?>
-                      <br/><a href="http://www.sparklabs.com/viscosity/"><?= gettext("Viscosity") ?></a> - <?= gettext("Recommended client for Mac OSX") ?>
                       <br/><a href="http://code.google.com/p/tunnelblick/"><?= gettext("Tunnelblick") ?></a> - <?= gettext("Free client for OSX") ?>
                       <br/><br/>
                       <?= gettext("If you expect to see a certain client in the list but it is not there, it is usually due to a CA mismatch between the OpenVPN server instance and the client certificates found in the User Manager.") ?><br/>