Exemple #1
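/**
 * Start the OpenVPN client instance identified by $id.
 *
 * Steps: validate the id, make sure settings.ovpn exists (rebuilding it if
 * needed), create the TUN/TAP device, launch the openvpn daemon, wait for
 * its pid, then install the iptables rules (non-bridged mode) and routes.
 *
 * Security notes:
 *  - $id is interpolated into filesystem paths and shell command lines, so
 *    it is restricted to decimal digits before any use. is_numeric() alone
 *    also accepts values such as "1.5", "1e3" or strings with whitespace.
 *  - Device names returned by the helper functions are passed through
 *    escapeshellarg() before reaching a shell.
 *
 * @param mixed $id Client identifier; must be a non-zero string of digits.
 * @return void Progress and errors are reported on stdout.
 */
function OpenVPNCLientStart($id){
	$unix=new unix();
	$sock=new sockets(); // unused here; kept in case the constructor has side effects
	$main_path="/etc/artica-postfix/openvpn/clients";
	chdir("/root");
	$count=0;
	// Previously undefined when no auth-user-pass file existed.
	$EnableAuth="";

	if(!is_numeric($id)){echo "Starting......: OpenVPN client $id is not numeric (".__LINE__.")\n";return;}
	// Digits only: the value ends up unquoted in paths and shell commands below.
	if(!ctype_digit((string)$id) || $id==0){echo "Starting......: OpenVPN client $id is not a valid integer (".__LINE__.")\n";return;}

	$client_dir="$main_path/$id";

	if(!is_file("$client_dir/settings.ovpn")){
		BuildOpenVpnSingleClient($id);
		if(!is_file("$client_dir/settings.ovpn")){
			echo "Starting......: OpenVPN client $id, unable to stat $main_path/$id/settings.ovpn (".__LINE__.")\n";
			return;
		}
	}

	$pid=vpn_client_pid($id);
	if($unix->process_exists($pid)){
		echo "Starting......: OpenVPN client $id, Already running PID $pid\n";
		return;
	}
	BuildOpenVpnSingleClient($id);
	$bridge=OpenVPNCLientIsOnTap($id);

	// The original used $openvpn without ever assigning it, so the TAP branch
	// ran a command with no program name. Resolve the binary once and fall
	// back to a PATH lookup if it cannot be located.
	$openvpn=$unix->find_program("openvpn");
	if($openvpn==null){$openvpn="openvpn";}

	if(!$bridge){
		$tun=OpenVPNCLientStartGetDev($id);
		if($tun!=null){
			$tun_node="/dev/net/$tun";
			// NOTE(review): is_file() is true only for regular files, so this
			// branch also runs when the device node already exists — confirm
			// whether file_exists() was intended.
			if(!is_file($tun_node)){
				echo "Starting......: OpenVPN client TUN $id,creating dev \"$tun\"\n";
				// $tun comes from a helper, not from validated input: quote it.
				$tun_arg=escapeshellarg($tun_node);
				system($unix->find_program("mknod") ." $tun_arg c 10 200 >/dev/null 2>&1");
				system($unix->find_program("chmod"). " 600 $tun_arg >/dev/null 2>&1");
			}
		}
	}else{
		$tap=OpenVPNCLientStartGetTAPDev($id);
		echo "Starting......: OpenVPN client TAP $id,creating dev \"$tap\"\n";
		system($openvpn." --mktun --dev ".escapeshellarg($tap));
	}

	if(is_file("$client_dir/auth-user-pass")){
		echo "Starting......: OpenVPN client [$id] authentication is enabled...\n";
		$EnableAuth=" --auth-user-pass $client_dir/auth-user-pass";
	}

	echo "Starting......: OpenVPN client [$id] log file will be $main_path/$id/openvpn-status.log\n";

	// Key material and passwords live here; restrict them before starting.
	// NOTE(review): -R 600 also strips the search bit from the directory
	// itself — confirm every reader of this directory runs as root.
	shell_exec("/bin/chmod -R 600 ".escapeshellarg($client_dir));
	$cmd=$openvpn." --askpass $client_dir/keypassword$EnableAuth --config $client_dir/settings.ovpn --writepid $client_dir/pid --daemon --log $client_dir/log";
	$cmd=$cmd. " --status $client_dir/openvpn-status.log 10";
	if(!empty($GLOBALS["VERBOSE"])){echo "\n\n$cmd\n\n";}
	shell_exec($cmd);

	// Poll for the daemon's pid file, sleeping 5 seconds between attempts.
	$count=0;
	$pid=vpn_client_pid($id);
	for($i=0;$i<7;$i++){
		$count++;
		echo "Starting......: OpenVPN client [$id] (pid=$pid), waiting for pid $i/7\n";
		if($unix->process_exists($pid)){break;}
		if($count>5){echo "Starting......: OpenVPN client $id, time-out\n";break;}
		$pid=vpn_client_pid($id);
		if($pid==null){sleep(5);continue;}
		// Fixed: the original tested the client id here instead of the pid.
		if($unix->process_exists($pid)){break;}
		sleep(5);
	}

	$pid=vpn_client_pid($id);
	if(!$unix->process_exists($pid)){
		echo "Starting......: OpenVPN client $id, failed \"$cmd\"\n";
		iptables_delete_client_rules($id);
		return;
	}

	echo "Starting......: OpenVPN client $id, success running pid number $pid\n";
	if(!$bridge){
		// Best-effort read: a missing file yields an empty string.
		$ethlink=trim(@file_get_contents("$client_dir/ethlink"));

		if($ethlink==null){
			$ethlink=OpenVpnClientGetDefaultethLink();
			echo "Starting......: OpenVPN client $id, no ethlink...create a default one for $ethlink\n";
			@file_put_contents("$client_dir/ethlink",$ethlink);
		}

		if($ethlink!=null){
			// Drop stale rules first so they are not duplicated.
			iptables_delete_client_rules($id);
			BuildIpTablesClient($ethlink,$id);
		}else{
			echo "Starting......: OpenVPN client $id, no ethlink...in $main_path/$id/ethlink\n";
		}
	}

	BuildClientRoute($id);
}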
Exemple #2
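/**
 * Write the on-disk configuration of every enabled OpenVPN client
 * (connexion_type=2) found in the vpnclient table.
 *
 * For each row a directory named after the row ID is created under
 * /etc/artica-postfix/openvpn/clients and filled with the CA certificate,
 * client certificate, private key, .ovpn settings, ethlink and key password.
 *
 * Security notes:
 *  - These files hold a private key and its passphrase. Directories are
 *    created 0700 and files 0600; the original asked for mode 0666, which
 *    is not a meaningful directory mode (no search bit) and left file
 *    permissions to the process umask.
 *  - The row ID becomes a path component, so rows whose ID is not purely
 *    digits are skipped.
 *
 * @return null Returns null early when the database query fails.
 */
function BuildOpenVpnClients()
{
    chdir("/root");
    iptables_delete_client_rules();
    $main_path = "/etc/artica-postfix/openvpn/clients";
    $sql = "SELECT * FROM vpnclient WHERE connexion_type=2 and enabled=1 ORDER BY ID";
    $q = new mysql();
    $results = $q->QUERY_SQL($sql, "artica_backup");
    if (!$q->ok) {
        echo "Starting......: OpenVPN client, mysql database error, starting from cache\n";
        return null;
    }

    // Create everything below with owner-only permissions, then restore the
    // caller's umask before returning.
    $previous_umask = umask(0077);
    @mkdir($main_path, 0700, true);

    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        $client_id = "{$ligne["ID"]}";
        if (!ctype_digit($client_id)) {
            echo "Starting......: OpenVPN client, skipping unexpected ID \"{$client_id}\"\n";
            continue;
        }

        $subpath = "{$main_path}/{$client_id}";
        @mkdir($subpath, 0700, true);
        // mkdir() does nothing for a directory left over from an earlier run.
        @chmod($subpath, 0700);

        $password = base64_decode($ligne["keypassword"]);
        if ($password == null) {
            // Placeholder written when no usable key password is stored.
            $password = "******";
        }
        echo "Starting......: OpenVPN client, building configuration for {$ligne["connexion_name"]}\n";

        $files = array(
            "ca.crt" => $ligne["ca_bin"],
            "certificate.crt" => $ligne["cert_bin"],
            "master-key.key" => $ligne["key_bin"],
            "settings.ovpn" => $ligne["ovpn"],
            "ethlink" => $ligne["ethlisten"],
            "keypassword" => $password,
        );
        foreach ($files as $filename => $content) {
            $target = "{$subpath}/{$filename}";
            if (@file_put_contents($target, $content) === false) {
                // Previously a failed write was silently ignored.
                echo "Starting......: OpenVPN client, unable to write {$target}\n";
                continue;
            }
            // Tighten files that already existed with wider permissions.
            @chmod($target, 0600);
        }
        BuildOpenVpnClients_changeConfig($subpath, $client_id);
    }

    umask($previous_umask);
}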