This process may should be continued with some of the following updates to make sure the directives are included even the update with this changes has over jumped ?! otherwise, the "Advanced server options" page needs to be saved via WUI to bring OpenVPN to life.
Signed-off-by: Erik Kapfer erik.kapfer@ipfire.org --- config/rootfiles/core/185/update.sh | 11 +++++++++++ 1 file changed, 11 insertions(+)
diff --git a/config/rootfiles/core/185/update.sh b/config/rootfiles/core/185/update.sh index 2c95c4102..247661481 100644 --- a/config/rootfiles/core/185/update.sh +++ b/config/rootfiles/core/185/update.sh @@ -35,6 +35,17 @@ done /etc/init.d/ntp stop /etc/init.d/squid stop
+# OpenVPN add and change new 2.6.x directives for NCP. +if pgrep openvpn > /dev/null; then + /usr/local/bin/openvpnctrl -k > /dev/null + sed -i 's/^ncp-disable/data-ciphers ChaCha20-Poly1305:AES-256-GCM/' /var/ipfire/ovpn/server.conf + sed -i 's/^cipher/data-ciphers-fallback/' /var/ipfire/ovpn/server.conf + /usr/local/bin/openvpnctrl -s > /dev/null +else + sed -i 's/^ncp-disable/data-ciphers ChaCha20-Poly1305:AES-256-GCM/' /var/ipfire/ovpn/server.conf + sed -i 's/^cipher/data-ciphers-fallback/' /var/ipfire/ovpn/server.conf +fi + # Extract files extract_files