Revision e62e2f8b
Added by Ermal Luçi over 15 years ago
| etc/inc/openvpn.inc | ||
|---|---|---|
| 353 | 353 |
switch($settings['mode']) {
|
| 354 | 354 |
case 'p2p_tls': |
| 355 | 355 |
case 'server_tls': |
| 356 |
case 'server_user': |
|
| 356 | 357 |
case 'server_tls_user': |
| 357 | 358 |
$conf .= "tls-server\n"; |
| 358 | 359 |
break; |
| ... | ... | |
| 487 | 488 |
case 'p2p_tls': |
| 488 | 489 |
case 'server_tls': |
| 489 | 490 |
case 'server_tls_user': |
| 491 |
case 'server_user': |
|
| 490 | 492 |
$ca = lookup_ca($settings['caref']); |
| 491 | 493 |
openvpn_add_keyfile($ca['crt'], $conf, $mode_id, "ca"); |
| 492 | 494 |
$cert = lookup_cert($settings['certref']); |
| ... | ... | |
| 497 | 499 |
if ($settings['crl']) |
| 498 | 500 |
openvpn_add_keyfile($settings['crl'], $conf, $mode_id, "crl-verify"); |
| 499 | 501 |
if ($settings['tls']) {
|
| 500 |
if ($settings['mode'] == "server_tls" || $settings['mode'] == "server_tls_user")
|
|
| 502 |
if (stristr($settings['mode'], "server"))
|
|
| 501 | 503 |
$tlsopt = 0; |
| 502 | 504 |
else |
| 503 | 505 |
$tlsopt = 1; |
| 504 | 506 |
openvpn_add_keyfile($settings['tls'], $conf, $mode_id, "tls-auth", $tlsopt); |
| 505 | 507 |
} |
| 506 | 508 |
break; |
| 507 |
case 'server_user': |
|
| 508 |
$ca = lookup_ca($settings['caref']); |
|
| 509 |
openvpn_add_keyfile($ca['crt'], $conf, $mode_id, "ca"); |
|
| 510 |
$cert = lookup_cert($settings['certref']); |
|
| 511 |
openvpn_add_keyfile($cert['crt'], $conf, $mode_id, "cert"); |
|
| 512 |
openvpn_add_keyfile($cert['prv'], $conf, $mode_id, "key"); |
|
| 513 |
if ($mode == 'server') |
|
| 514 |
$conf .= "dh {$g['etc_path']}/dh-parameters.{$settings['dh_length']}\n";
|
|
| 515 |
if ($settings['crl']) |
|
| 516 |
openvpn_add_keyfile($settings['crl'], $conf, $mode_id, "crl-verify"); |
|
| 517 |
break; |
|
| 518 | 509 |
} |
| 519 | 510 |
|
| 520 | 511 |
if ($settings['compression']) |
Also available in: Unified diff
Add tls-auth to server even when authenticating in user/pass mode.