From mboxrd@z Thu Jan 1 00:00:00 1970 From: Erik Kapfer To: development@lists.ipfire.org Subject: [PATCH] OpenVPN: Added needed directive for v2.4 update Date: Thu, 15 Feb 2018 05:43:49 +0100 Message-ID: <1518669829-22328-1-git-send-email-erik.kapfer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============8902000788518314641==" List-Id: --===============8902000788518314641== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable script-security: The support for the 'system' flag has been removed due to se= curity implications with shell expansions when executing scripts via system() call. For more informations: https://community.openvpn.net/openvpn/wiki/Openvpn= 24ManPage . ncp-disable: Negotiable crypto parameters has been disabled for the first. Signed-off-by: Erik Kapfer --- html/cgi-bin/ovpnmain.cgi | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 0a18ec7..a7daf89 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -216,7 +216,7 @@ sub writeserverconf { print CONF "dev tun\n"; print CONF "proto $sovpnsettings{'DPROTOCOL'}\n"; print CONF "port $sovpnsettings{'DDEST_PORT'}\n"; - print CONF "script-security 3 system\n"; + print CONF "script-security 3\n"; print CONF "ifconfig-pool-persist /var/ipfire/ovpn/ovpn-leases.db 3600\n= "; print CONF "client-config-dir /var/ipfire/ovpn/ccd\n"; print CONF "tls-server\n"; @@ -289,6 +289,7 @@ sub writeserverconf { }=09 print CONF "status-version 1\n"; print CONF "status /var/run/ovpnserver.log 30\n"; + print CONF "ncp-disable\n"; print CONF "cipher $sovpnsettings{DCIPHER}\n"; if ($sovpnsettings{'DAUTH'} eq '') { print CONF ""; --=20 2.7.4 --===============8902000788518314641==--