Attachment #18011 for bug #53479

View | Details | Raw Unified | Return to bug 53479
Collapse All | Expand All

Lines 19-25 OVPNCONFIG="ovpnoptions" Link Here

(-)a/backend3/openvpn-server (-3 / +17 lines)
19	DEFAULT_SERVERNAME="openvpn-server"	19	DEFAULT_SERVERNAME="openvpn-server"
20	DEFAULT_OWN_CA="$CERTSDIR/$DEFAULT_SERVERNAME-CA.crt"	20	DEFAULT_OWN_CA="$CERTSDIR/$DEFAULT_SERVERNAME-CA.crt"
21	DEFAULT_CA="$SSL_CERTDIR/ca-root.pem"	21	DEFAULT_CA="$SSL_CERTDIR/ca-root.pem"
22	DHPARAM_NUMBITS="1024"	22	DHPARAM_NUMBITS="2048"
23	CACHEDIR="/var/cache/alterator/openvpn-server"	23	CACHEDIR="/var/cache/alterator/openvpn-server"
24	CCDDIR="$CHROOTDIR/$CONFDIR/ccd"	24	CCDDIR="$CHROOTDIR/$CONFDIR/ccd"
25	IFACESDIR="$ETCNET_IFACESDIR"	25	IFACESDIR="$ETCNET_IFACESDIR"
Lines 130-141 is_gost() Link Here
130	$OPENSSL "$1" -noout -text -in "$2" \| egrep -qs 'Public Key Algorithm:[[:blank:]]+GOST'	130	$OPENSSL "$1" -noout -text -in "$2" \| egrep -qs 'Public Key Algorithm:[[:blank:]]+GOST'
131	}	131	}
132		132
		133	check_dhparam()
		134	{
		135	[ -n "$in_dhparams" ] && DHPARAM_NUMBITS="$in_dhparams"
		136	}
		137
133	make_ssl_files()	138	make_ssl_files()
134	{	139	{
135	[ -n "$1" ] \|\| return	140	[ -n "$1" ] \|\| return
136	ssl_make_key "$1"	141	ssl_make_key "$1"
137	ssl_check_cert "$1" \|\| ssl_make_req "$1"	142	ssl_check_cert "$1" \|\| ssl_make_req "$1"
138	ssl_check_dhparam "$1" \|\| ssl_make_dhparam "$1" "$DHPARAM_NUMBITS"	143	ssl_check_dhparam "$1" && check_dhparam \|\| ssl_make_dhparam "$1" "$DHPARAM_NUMBITS"
139	}	144	}
140		145
141	### ip helpers	146	### ip helpers
Lines 307-312 list_clients() Link Here
307	ls "$CCDDIR" 2>/dev/null	312	ls "$CCDDIR" 2>/dev/null
308	}	313	}
309		314
		315	list_dhparams()
		316	{
		317	write_enum_item "2048"
		318	write_enum_item "3072"
		319	write_enum_item "4096"
		320	}
		321
310	list_client_networks()	322	list_client_networks()
311	{	323	{
312	local client_name="$1";shift	324	local client_name="$1";shift
Lines 1000-1006 on_message() Link Here
1000	;;	1012	;;
1001	avail_tls_ciphers) list_tls_ciphers \| write_enum	1013	avail_tls_ciphers) list_tls_ciphers \| write_enum
1002	;;	1014	;;
1003	avail_digests) list_digests \| write_enum	1015	avail_dhparams) list_dhparams \| write_enum
		1016	;;
		1017	avail_digests) list_digests \| write_enum
1004	;;	1018	;;
1005	esac	1019	esac
1006	;;	1020	;;




  (form-update-enum "ciphers" (woo-list "/openvpn-server/avail_ciphers"))
  (form-update-enum "tls_ciphers" (woo-list "/openvpn-server/avail_tls_ciphers"))
  (form-update-enum "digests" (woo-list "/openvpn-server/avail_digests"))
  (form-update-enum "dhparams" (woo-list "/openvpn-server/avail_dhparams"))
  (read-config))

(define (read-config)

	(form-update-enum "bridge" (woo-list "/openvpn-server/avail_bridges"))
	(form-update-value-list
	  '("enabled" "type" "bridge" "port" "server_net" "server_netmask" "vpnnet" "vpnnetmask"
		"gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "ciphers" "tls_ciphers" "digests" "ncp_disable" "dhparams")
	  cmd)
	(update-type-interface)))


			 'operation reason
			 (form-value-list
			   '("enabled" "type" "bridge" "port" "server_net" "server_netmask" "vpnnet" "vpnnetmask"
				 "gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "language" "ciphers" "tls_ciphers" "digests" "ncp_disable" "dhparams"))))))

(define (add-network)
  (write-config "add-server-network")

Lines 84-89 Link Here

(-)a/alterator-openvpn-server/ui/openvpn-server/index.html (+4 lines)
84	<span translate="_" name="ncp_disable">Disable NCP</span>	84	<span translate="_" name="ncp_disable">Disable NCP</span>
85	</td>	85	</td>
86	</tr>	86	</tr>
		87	<tr>
		88	<td><span translate="_" name="dhparams">DH Parameter:</span></td>
		89	<td><select name="dhparams"></select></td>
		90	</tr>
87	<tr>	91	<tr>
88	<td><span translate="_" name="vpnpool_start" style="display:none">VPN addresses start:</span></td>	92	<td><span translate="_" name="vpnpool_start" style="display:none">VPN addresses start:</span></td>
89	<td><input type="text" class="text" name="vpnpool_start" style="width:150px; display:none"/></td>	93	<td><input type="text" class="text" name="vpnpool_start" style="width:150px; display:none"/></td>

Return to bug 53479

Lines 30-35 Link Here

(-)a/ui/openvpn-server/ajax.scm (-2 / +3 lines)
30	(form-update-enum "ciphers" (woo-list "/openvpn-server/avail_ciphers"))	30	(form-update-enum "ciphers" (woo-list "/openvpn-server/avail_ciphers"))
31	(form-update-enum "tls_ciphers" (woo-list "/openvpn-server/avail_tls_ciphers"))	31	(form-update-enum "tls_ciphers" (woo-list "/openvpn-server/avail_tls_ciphers"))
32	(form-update-enum "digests" (woo-list "/openvpn-server/avail_digests"))	32	(form-update-enum "digests" (woo-list "/openvpn-server/avail_digests"))
		33	(form-update-enum "dhparams" (woo-list "/openvpn-server/avail_dhparams"))
33	(read-config))	34	(read-config))
34		35
35	(define (read-config)	36	(define (read-config)
Lines 38-44 Link Here
38	(form-update-enum "bridge" (woo-list "/openvpn-server/avail_bridges"))	39	(form-update-enum "bridge" (woo-list "/openvpn-server/avail_bridges"))
39	(form-update-value-list	40	(form-update-value-list
40	'("enabled" "type" "bridge" "port" "server_net" "server_netmask" "vpnnet" "vpnnetmask"	41	'("enabled" "type" "bridge" "port" "server_net" "server_netmask" "vpnnet" "vpnnetmask"
41	"gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "ciphers" "tls_ciphers" "digests" "ncp_disable")	42	"gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "ciphers" "tls_ciphers" "digests" "ncp_disable" "dhparams")
42	cmd)	43	cmd)
43	(update-type-interface)))	44	(update-type-interface)))
44		45
Lines 64-70 Link Here
64	'operation reason	65	'operation reason
65	(form-value-list	66	(form-value-list
66	'("enabled" "type" "bridge" "port" "server_net" "server_netmask" "vpnnet" "vpnnetmask"	67	'("enabled" "type" "bridge" "port" "server_net" "server_netmask" "vpnnet" "vpnnetmask"
67	"gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "language" "ciphers" "tls_ciphers" "digests" "ncp_disable"))))))	68	"gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "language" "ciphers" "tls_ciphers" "digests" "ncp_disable" "dhparams"))))))
68		69
69	(define (add-network)	70	(define (add-network)
70	(write-config "add-server-network")	71	(write-config "add-server-network")