correct bugs on web interface

httpd.go

@@ -49,7 +49,8 @@ func parseJsonQuery(r *http.Request) (*jsonInput, error) {
 }
 
 func (h *HttpServer) handler(w http.ResponseWriter, r *http.Request) {
-	fmt.Fprintf(w, "nothing here\n")
+	w.Header().Set("Content-type", "application/javascript")
+	fmt.Fprintf(w, "\n")
 }
 
 func (h *HttpServer) versionHandler(w http.ResponseWriter, r *http.Request) {
@@ -80,6 +81,8 @@ func (h *HttpServer) helpHandler(w http.ResponseWriter, r *http.Request) {
 func (h *HttpServer) ajaxHandler(w http.ResponseWriter, r *http.Request) {
 	var sslUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageAny}
 
+	w.Header().Set("Content-type", "application/json")
+
 	// deactivate if there is no https auth
 	if h.key == "" || h.cert == "" || h.certPool == nil {
 		http.Error(w, "No security, deactivated", 403)
@@ -133,7 +136,7 @@ func (h *HttpServer) ajaxHandler(w http.ResponseWriter, r *http.Request) {
 	case "stats":
 		jsonStr, err := json.Marshal(h.ovpn.Stats())
 		if err != nil {
-			fmt.Fprintf(w, "Error : %s", err)
+			http.Error(w, fmt.Sprintf("%s", err), 500)
 		}
 		fmt.Fprintf(w, "%s", jsonStr)
 
@@ -141,12 +144,10 @@ func (h *HttpServer) ajaxHandler(w http.ResponseWriter, r *http.Request) {
 		if err := h.ovpn.Kill(req.Params.Session, req.Params.Id); err != nil {
 			http.Error(w, fmt.Sprintf("%s", err), 500)
 		}
-
+		fmt.Fprintf(w, "{}")
 	default:
 		http.Error(w, "Invalid request", 500)
-
 	}
-
 	return
 }
 
@@ -184,7 +185,7 @@ func NewHTTPServer(port, key, cert, ca, minProfile, neededProfile string, s *Ope
 		server := &http.Server{
 			Addr: port,
 			TLSConfig: &tls.Config{
-				ClientAuth: tls.RequestClientCert,
+				ClientAuth: tls.RequireAndVerifyClientCert,
 				ClientCAs:  h.certPool,
 			},
 		}