diff options
Diffstat (limited to 'etc/inc/openvpn.inc')
-rw-r--r-- | etc/inc/openvpn.inc | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index efea035..1225f40 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -342,8 +342,11 @@ EOD; openvpn_add_keyfile($cert['crt'], $conf, $mode_id, "cert"); openvpn_add_keyfile($cert['prv'], $conf, $mode_id, "key"); - if ($mode == 'server') - openvpn_add_keyfile($settings['dh_params'], $conf, $mode_id, "dh"); + if ($mode == 'server') { + $path_ovdh = $g['varetc_path']."/openvpn/dh-parameters"; + $conf .= "dh {$path_ovdh}\n"; + } + if ($settings['crl']) openvpn_add_keyfile($settings['crl'], $conf, $mode_id, "crl-verify"); if ($settings['tls']) @@ -465,6 +468,12 @@ function openvpn_resync_all() { chown($path_ovpn, 'nobody'); chgrp($path_ovpn, 'nobody'); + $path_ovdh = $g['varetc_path']."/openvpn/dh-parameters"; + if (!file_exists($path_ovdh)) { + echo "Setting up OpenVPN environment ...\n"; + exec("/usr/bin/openssl dhparam -out {$path_ovdh} 1024"); + } + $path_csc = $g['varetc_path']."/openvpn_csc"; safe_mkdir($path_csc); |