Make a function to resync all OpenVPN CSCs and use it when saving an OpenVPN server. Fixes #6139
Review license / copyright on all files (final round)
Review license / copyright on all files (1st round)
Add missing recommended key lengths to OpenVPN options
Add key lengths to the OpenVPN options, for asymmetric keys of size 3072 (for current use), 7680, 15360 (for long term resistance), 8192 and 16384 (common binary exponents).
These are both supported by OpenVPN anyhow, and for certain uses are currently recommended (eg long term resistance to replay/decryption). See keylength.com for citations....
Trim the OpenVPN tunnel network before use, and on save. Fixes #6198
Merge pull request #2829 from phil-davis/openvpn-widget
(cherry picked from commit 1dae6c0f4184ac72c252fb934d2bfa4fd3a967fe)
Only specify auth-user-pass for TLS mode. Ticket #5941
Fix OpenVPN ifconfig. Ticket #5930
Use high level functions
Internationalize etc inc i through s
Fix style issues.
Review of CARP uniqid changes.
It turns out that current CARP implementation is not much different from an IP alias.
This commit converts the IP alias to also use the CARP uniqid scheme, this simplify the code in all other places because now we have only two different cases to deal with:...
Omit topology for tap OpenVPN, as it has no meaning in that context
Remove stray }
The topology line also must be skipped if an SSL/TLS mode is used with a CIDR less than 30.
Update license on files from /etc/inc
Remove spaces at EOL as requested
redmine 5702 - change to use high level IPv4 functions where low level ip2long32() etc are used
Consolidate OpenVPN kill_client routine
After a gitsync just now I started getting "cannot redeclarekill_client" error messages. Whatever it was that caused this to starthappening, the kill_client() function in these 2 places is identical.Might as well put it in openvpn.inc
Remove all pfSense_MODULE and pfSense_BUILDER_BINARIES definitions, whatever was the reason they were added, it was never finished and it's not being used
Fixed #5602 by dynamically updating hte help text based on the cert selected.
Code style and white space in etc
Prioritize and separate server certs for OpenVPN servers to make it more clear they should be using certificates created as Server certificates for this purpose -- it's still valid to use non-server certs but it's not what most people intend to do. Ticket #5602
whitespace/style fixups
Fix PHP error on boot/resync of OpenVPN
Omit topology from the config when using shared key mode.
Nuke openvpn_cleanup_csc, the job is done better by openvpn_delete_csc
Properly omit tunnel network when it's empty in the CSC
GUI/Backend changes to move topology_subnet checkbox to a topology drop-down selection. Issue #5526
P2P is there but commented out for now.
Backend changes to OpenVPN CSC handling to allow per-server configuration. Ticket #5526Still needs GUI work and other items mentioned on https://redmine.pfsense.org/issues/5526
Tidy up Boolean operators for HTML5
Remove the XHTML standard Boolean operators (makes reading HTML muchsimpler).
Put some OpenVPN functions into include file
Forum:https://forum.pfsense.org/index.php?topic=103036.msg574854#msg574854
A few functions were in both client and server PHP already and were thesame.build_crl_list() was missing from client PHP.build_cert_list() was slightly different in server and client PHP. I...
Integrate bootstrap etc/inc with master
This applies the little changes in etc/inc master to the bootstrapbranch so that etc/inc in bootstrap will now just have the realdifferences that are due to real bootstrap changes.
Merge branch 'master' into bootstrap
Move main pfSense content to src/