Commit 5db0c310 authored by Ad Schellevis's avatar Ad Schellevis Committed by Franco Fichtner

(openvpn, export) add reneg-sec, closes https://github.com/opnsense/core/issues/1147

(cherry picked from commit 902b9431)
parent 6681e855
...@@ -186,6 +186,9 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifys ...@@ -186,6 +186,9 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifys
$conf .= "auth {$digest}{$nl}"; $conf .= "auth {$digest}{$nl}";
$conf .= "tls-client{$nl}"; $conf .= "tls-client{$nl}";
$conf .= "client{$nl}"; $conf .= "client{$nl}";
if (!empty($settings['reneg-sec'])) {
$conf .= "reneg-sec {$settings['reneg-sec']}{$nl}";
}
if (($expformat != "inlinedroid") && ($expformat != "inlineios")) { if (($expformat != "inlinedroid") && ($expformat != "inlineios")) {
$conf .= "resolv-retry infinite{$nl}"; $conf .= "resolv-retry infinite{$nl}";
} }
...@@ -631,6 +634,9 @@ function openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, $zipco ...@@ -631,6 +634,9 @@ function openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, $zipco
$conf .= "auth {$digest}\n"; $conf .= "auth {$digest}\n";
$conf .= "pull\n"; $conf .= "pull\n";
$conf .= "resolv-retry infinite\n"; $conf .= "resolv-retry infinite\n";
if (!empty($settings['reneg-sec'])) {
$conf .= "reneg-sec {$settings['reneg-sec']}\n";
}
$conf .= "remote {$server_host} {$server_port}\n"; $conf .= "remote {$server_host} {$server_port}\n";
if (!empty($settings['local_network'])) { if (!empty($settings['local_network'])) {
$conf .= openvpn_gen_routes($settings['local_network'], 'ipv4'); $conf .= openvpn_gen_routes($settings['local_network'], 'ipv4');
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment