| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Fix quite a few problems down the way.
|
|
|
|
| |
credentials.
|
|
|
|
| |
authentication servers specified. Teach Openvpn to use this API. Allow openvpn to authenticate against multiple servers that can be selected on the server configuration page.
|
|
|
|
| |
system->user manager->servers for openvpn. While there propperly fill the shared secret field for raidus in the servers page.
|
| |
|
| |
|
|
|
|
| |
will break at least Viscosity export utility.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Simplify get_memory(). Tested on mips/i386
|
| |
|
| |
|
|
|
|
| |
not need to be present on all of the includes.
|
|
|
|
| |
Requested-by: cmb
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
The wrong variable was being checked, so the result was always false.
|
| |
|
|
|
|
| |
It had been failing on any change, including valid unused choices.
|
|
|
|
| |
consistency.
|
| |
|
|
|
|
| |
by Ermal.
|
|
|
|
|
|
|
|
| |
existing tab group. This requires that each page in the tab group call
add_package_tabs() with the tab group name before display_top_tabs() so
pages can be inserted. While far from optimal, this system is really a
stop-gap measure until a more intelligent menu/tab system can be
implemented. Discussed with Scott on IRC.
|
|
|
|
| |
to be specified. Upgraded 1.2.x configurations will default to 1024 bits.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
what configuration options are appropriate. The operational mode dictates
the authentication method. They are defines as follows ...
Peer to Peer ( SSL/TLS )
Peer to Peer ( Shared Key )
Remote Access ( SSL/TLS )
Remote Access ( User Auth )
Remote Access ( SSL/TLS + User Auth )
Some of these modes allow for user authentication using passwords. We now
use the etc/inc/openvpn.auth-user.php file to facilitate this by checking
the username and password supplied by OpenVPN against our centralized user
database.
The Server and Client user interfaces have also been updated to support
TLS packet authentication. This is an additional security option that is
optional.
|
|
|
|
| |
tos options from being set correctly in configuration files.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
on data that wasn't necessarily a valid array.
Modify the OpenVPN code to stop passing the array index around and then
immediately obtaining a reference to the array entry. We already have a
reference to the data, just pass it instead. Also add some check to make
certain tap configuration steps more conditional. Make sure we remove
configuration and pid files when they are no longer required. Fix a few
other OpenVPN related bugs.
|
|
|
|
|
| |
Add functions and interface code to handle local port conflict detection
and resolution.
|
|
|
|
|
|
|
|
|
|
| |
this information in the configuration as its not specific to the server.
It only contains the parameters ( a safe large prime number ) that is
used during a DH key exchange. Instead, we now use a system wide dh file
that is generated when the /var/etc/openvpn directory is setup. This
shaves 10 to 30 seconds off of the server config creation process. Also
correct a bug in the hack I added to work around carp related issues
that prevented filter re-configuration from working properly.
|
|
not use the pkg system and the configuration has been migrated to an
openvpn prefix. The centralized user and certificate manager is now used
to support the openvpn configurations. Most of the files removed in this
commit were not being referenced.
This commit also splits out the certificate management components into a
new system menu item.
|