Hi all, this is a minimal solution of an update to OpenVPN 2.6.x IMO . This patch series should be a help for mainly Adolf (might be great if you go for a checkout) but please give it all a try and test it if it reaches the goal.
Best,
Erik
Am Donnerstag, dem 21.03.2024 um 13:24 +0100 schrieb Erik Kapfer:
This process may should be continued with some of the following updates to make sure the directives are included even the update with this changes has over jumped ?! otherwise, the "Advanced server options" page needs to be saved via WUI to bring OpenVPN to life.
Signed-off-by: Erik Kapfer erik.kapfer@ipfire.org
config/rootfiles/core/185/update.sh | 11 +++++++++++ 1 file changed, 11 insertions(+)
diff --git a/config/rootfiles/core/185/update.sh b/config/rootfiles/core/185/update.sh index 2c95c4102..247661481 100644 --- a/config/rootfiles/core/185/update.sh +++ b/config/rootfiles/core/185/update.sh @@ -35,6 +35,17 @@ done /etc/init.d/ntp stop /etc/init.d/squid stop +# OpenVPN add and change new 2.6.x directives for NCP. +if pgrep openvpn > /dev/null; then
- /usr/local/bin/openvpnctrl -k > /dev/null
- sed -i 's/^ncp-disable/data-ciphers ChaCha20-Poly1305:AES-
256-GCM/' /var/ipfire/ovpn/server.conf
- sed -i 's/^cipher/data-ciphers-fallback/'
/var/ipfire/ovpn/server.conf
- /usr/local/bin/openvpnctrl -s > /dev/null
+else
- sed -i 's/^ncp-disable/data-ciphers ChaCha20-Poly1305:AES-
256-GCM/' /var/ipfire/ovpn/server.conf
- sed -i 's/^cipher/data-ciphers-fallback/'
/var/ipfire/ovpn/server.conf +fi
# Extract files extract_files