ALT Linux Bugzilla
– Attachment 18011 Details for
Bug 53479
Ошибки при попытке запустить сервер OpenVPN
New bug
|
Search
|
[?]
|
Help
Register
|
Log In
[x]
|
Forgot Password
Login:
[x]
|
EN
|
RU
[patch]
Патч, исправляющий ошибку с DHPARAM_NUMBITS
alterator-openvpn-server-0.8.7-alt-fix-dh-param.patch (text/plain), 3.66 KB, created by
Alexey Volkov
on 2025-03-18 15:26:48 MSK
(
hide
)
Description:
Патч, исправляющий ошибку с DHPARAM_NUMBITS
Filename:
MIME Type:
Creator:
Alexey Volkov
Created:
2025-03-18 15:26:48 MSK
Size:
3.66 KB
patch
obsolete
>diff --git a/backend3/openvpn-server b/backend3/openvpn-server >--- a/backend3/openvpn-server >+++ b/backend3/openvpn-server >@@ -19,7 +19,7 @@ OVPNCONFIG="ovpnoptions" > DEFAULT_SERVERNAME="openvpn-server" > DEFAULT_OWN_CA="$CERTSDIR/$DEFAULT_SERVERNAME-CA.crt" > DEFAULT_CA="$SSL_CERTDIR/ca-root.pem" >-DHPARAM_NUMBITS="1024" >+DHPARAM_NUMBITS="2048" > CACHEDIR="/var/cache/alterator/openvpn-server" > CCDDIR="$CHROOTDIR/$CONFDIR/ccd" > IFACESDIR="$ETCNET_IFACESDIR" >@@ -130,12 +130,17 @@ is_gost() > $OPENSSL "$1" -noout -text -in "$2" | egrep -qs 'Public Key Algorithm:[[:blank:]]+GOST' > } > >+check_dhparam() >+{ >+ [ -n "$in_dhparams" ] && DHPARAM_NUMBITS="$in_dhparams" >+} >+ > make_ssl_files() > { > [ -n "$1" ] || return > ssl_make_key "$1" > ssl_check_cert "$1" || ssl_make_req "$1" >- ssl_check_dhparam "$1" || ssl_make_dhparam "$1" "$DHPARAM_NUMBITS" >+ ssl_check_dhparam "$1" && check_dhparam || ssl_make_dhparam "$1" "$DHPARAM_NUMBITS" > } > > ### ip helpers >@@ -307,6 +312,13 @@ list_clients() > ls "$CCDDIR" 2>/dev/null > } > >+list_dhparams() >+{ >+ write_enum_item "2048" >+ write_enum_item "3072" >+ write_enum_item "4096" >+} >+ > list_client_networks() > { > local client_name="$1";shift >@@ -1000,7 +1012,9 @@ on_message() > ;; > avail_tls_ciphers) list_tls_ciphers | write_enum > ;; >- avail_digests) list_digests | write_enum >+ avail_dhparams) list_dhparams | write_enum >+ ;; >+ avail_digests) list_digests | write_enum > ;; > esac > ;; >diff --git a/ui/openvpn-server/ajax.scm b/ui/openvpn-server/ajax.scm >--- a/ui/openvpn-server/ajax.scm >+++ b/ui/openvpn-server/ajax.scm >@@ -30,6 +30,7 @@ > (form-update-enum "ciphers" (woo-list "/openvpn-server/avail_ciphers")) > (form-update-enum "tls_ciphers" (woo-list "/openvpn-server/avail_tls_ciphers")) > (form-update-enum "digests" (woo-list "/openvpn-server/avail_digests")) >+ (form-update-enum "dhparams" (woo-list "/openvpn-server/avail_dhparams")) > (read-config)) > > (define (read-config) >@@ -38,7 +39,7 @@ > (form-update-enum "bridge" (woo-list "/openvpn-server/avail_bridges")) > (form-update-value-list > '("enabled" "type" "bridge" "port" "server_net" "server_netmask" "vpnnet" "vpnnetmask" >- "gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "ciphers" "tls_ciphers" "digests" "ncp_disable") >+ "gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "ciphers" "tls_ciphers" "digests" "ncp_disable" "dhparams") > cmd) > (update-type-interface))) > >@@ -64,7 +65,7 @@ > 'operation reason > (form-value-list > '("enabled" "type" "bridge" "port" "server_net" "server_netmask" "vpnnet" "vpnnetmask" >- "gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "language" "ciphers" "tls_ciphers" "digests" "ncp_disable")))))) >+ "gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "language" "ciphers" "tls_ciphers" "digests" "ncp_disable" "dhparams")))))) > > (define (add-network) > (write-config "add-server-network") >diff --git a/alterator-openvpn-server/ui/openvpn-server/index.html b/alterator-openvpn-server/ui/openvpn-server/index.html >--- a/ui/openvpn-server/index.html >+++ b/ui/openvpn-server/index.html >@@ -84,6 +84,10 @@ > <span translate="_" name="ncp_disable">Disable NCP</span> > </td> > </tr> >+ <tr> >+ <td><span translate="_" name="dhparams">DH Parameter:</span></td> >+ <td><select name="dhparams"></select></td> >+ </tr> > <tr> > <td><span translate="_" name="vpnpool_start" style="display:none">VPN addresses start:</span></td> > <td><input type="text" class="text" name="vpnpool_start" style="width:150px; display:none"/></td>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=18011">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 53479
: 18011 |
18012
