summaryrefslogtreecommitdiffstats
path: root/etc/inc/openvpn.inc
diff options
context:
space:
mode:
Diffstat (limited to 'etc/inc/openvpn.inc')
-rw-r--r--etc/inc/openvpn.inc13
1 files changed, 11 insertions, 2 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index efea035..1225f40 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -342,8 +342,11 @@ EOD;
openvpn_add_keyfile($cert['crt'], $conf, $mode_id, "cert");
openvpn_add_keyfile($cert['prv'], $conf, $mode_id, "key");
- if ($mode == 'server')
- openvpn_add_keyfile($settings['dh_params'], $conf, $mode_id, "dh");
+ if ($mode == 'server') {
+ $path_ovdh = $g['varetc_path']."/openvpn/dh-parameters";
+ $conf .= "dh {$path_ovdh}\n";
+ }
+
if ($settings['crl'])
openvpn_add_keyfile($settings['crl'], $conf, $mode_id, "crl-verify");
if ($settings['tls'])
@@ -465,6 +468,12 @@ function openvpn_resync_all() {
chown($path_ovpn, 'nobody');
chgrp($path_ovpn, 'nobody');
+ $path_ovdh = $g['varetc_path']."/openvpn/dh-parameters";
+ if (!file_exists($path_ovdh)) {
+ echo "Setting up OpenVPN environment ...\n";
+ exec("/usr/bin/openssl dhparam -out {$path_ovdh} 1024");
+ }
+
$path_csc = $g['varetc_path']."/openvpn_csc";
safe_mkdir($path_csc);
OpenPOWER on IntegriCloud