diff options
| author | jim-p <jimp@pfsense.org> | 2011-11-11 15:08:42 -0500 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2011-11-11 15:08:42 -0500 |
| commit | 9eced774415768ccc0516a9101a632bb07bd530e (patch) | |
| tree | 8c24d632f7f605ac0d85395a151826a926461fdb | |
| parent | 1379d66f11aaf72982a70287b83e24efcd18898e (diff) | |
| download | pfsense-9eced774415768ccc0516a9101a632bb07bd530e.zip pfsense-9eced774415768ccc0516a9101a632bb07bd530e.tar.gz | |
username-as-common-name is not compatible with server-bridge, so don't put it in the config if server-bridge is active. Testing is needed to determine if there is any other negative impact, but with both present, openvpn will not start.
| -rw-r--r-- | etc/inc/openvpn.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index f94967c..b4de58a 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -452,7 +452,9 @@ function openvpn_reconfigure($mode, $settings) { case 'server_user': $conf .= "client-cert-not-required\n"; case 'server_tls_user': - $conf .= "username-as-common-name\n"; + /* username-as-common-name is not compatible with server-bridge */ + if (stristr($conf, "server-bridge") === false) + $conf .= "username-as-common-name\n"; if (!empty($settings['authmode'])) { $authcfgs = explode(",", $settings['authmode']); $sed = "\$authmodes=array("; |
