diff options
author | jim-p <jimp@pfsense.org> | 2010-09-21 15:39:57 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2010-09-21 15:39:57 -0400 |
commit | 6db0238173e36182f2abc4dfcdda3a7c05babd11 (patch) | |
tree | 26468c2a130b4451d07dcb0332a46aa5f942ffb6 /etc/inc/openvpn.inc | |
parent | c492948a820e7b8e6fc34cee099309307a4d3f7b (diff) | |
download | pfsense-6db0238173e36182f2abc4dfcdda3a7c05babd11.zip pfsense-6db0238173e36182f2abc4dfcdda3a7c05babd11.tar.gz |
Allow selecting an OpenVPN Server CRL if we are in an SSL mode.
Diffstat (limited to 'etc/inc/openvpn.inc')
-rw-r--r-- | etc/inc/openvpn.inc | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index a71a9ba..e41d39e 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -506,8 +506,10 @@ function openvpn_reconfigure($mode,& $settings) { openvpn_add_keyfile($cert['prv'], $conf, $mode_id, "key"); if ($mode == 'server') $conf .= "dh {$g['etc_path']}/dh-parameters.{$settings['dh_length']}\n"; - if ($settings['crl']) - openvpn_add_keyfile($settings['crl'], $conf, $mode_id, "crl-verify"); + if (!empty($settings['crlref'])) { + $crl = lookup_crl($settings['crlref']); + openvpn_add_keyfile($crl['text'], $conf, $mode_id, "crl-verify"); + } if ($settings['tls']) { if (stristr($settings['mode'], "server")) $tlsopt = 0; |