Use 0 when configuring tls-auth in server.

author: Ermal Luçi <eri@pfsense.org> 2010-03-01 21:04:35 +0000
committer: Ermal Luçi <eri@pfsense.org> 2010-03-01 21:04:35 +0000
commit: db746ce207a6c97f0e46fe15bb7af8eb950441f6 (patch)
tree: 79752b77af9022c62f88910f247ec7c47db23bd5 /etc/inc/openvpn.inc
parent: b6d0c86f52d4229444e5b358066fc209b75acc3e (diff)
download: pfsense-db746ce207a6c97f0e46fe15bb7af8eb950441f6.zip
pfsense-db746ce207a6c97f0e46fe15bb7af8eb950441f6.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 3e2964b..09f9056 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -512,8 +512,13 @@ function openvpn_reconfigure($mode,& $settings) {
 				$conf .= "dh {$g['etc_path']}/dh-parameters.{$settings['dh_length']}\n";
 			if ($settings['crl'])
 				openvpn_add_keyfile($settings['crl'], $conf, $mode_id, "crl-verify");
-			if ($settings['tls'])
-				openvpn_add_keyfile($settings['tls'], $conf, $mode_id, "tls-auth", $settings['mode'] == "server_tls" ? "0" : "1");
+			if ($settings['tls']) {
+				if ($settings['mode'] == "server_tls" || $settings['mode'] == "server_tls_user")
+					$tlsopt = 0;
+				else
+					$tlsopt = 1;
+				openvpn_add_keyfile($settings['tls'], $conf, $mode_id, "tls-auth", $tlsopt);
+			}
 			break;
 	}
author	Ermal Luçi <eri@pfsense.org>	2010-03-01 21:04:35 +0000
committer	Ermal Luçi <eri@pfsense.org>	2010-03-01 21:04:35 +0000
commit	db746ce207a6c97f0e46fe15bb7af8eb950441f6 (patch)
tree	79752b77af9022c62f88910f247ec7c47db23bd5 /etc/inc/openvpn.inc
parent	b6d0c86f52d4229444e5b358066fc209b75acc3e (diff)
download	pfsense-db746ce207a6c97f0e46fe15bb7af8eb950441f6.zip pfsense-db746ce207a6c97f0e46fe15bb7af8eb950441f6.tar.gz