summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2019-08-19 22:49:11 +0200
committerChristian Poessinger <christian@poessinger.com>2019-09-04 14:56:12 +0200
commitf892e6846dc62ba992f8d233f0d8eb5a089249c3 (patch)
treeb41923eb67243a029e261a1d0d2f68d1fab54b18 /src
parent212348145838e8791474b987efc624cba3fb8b00 (diff)
downloadvyos-1x-f892e6846dc62ba992f8d233f0d8eb5a089249c3.tar.gz
vyos-1x-f892e6846dc62ba992f8d233f0d8eb5a089249c3.zip
openvpn: T1548: remove authy 2fa provider
According to https://github.com/twilio/authy-openvpn commit 3e5dc73: > This plugin is no longer actively maintained. If you're interested in becoming a maintainer, we welcome forks of this project. In addition this plugin was always missing in the current branch ov VyOS and did not make it into VyOS 1.2 (crux) If 2FA for OpenVPN is required we should probably opt for Google Authenticator or if possible a U2F device. (cherry picked from commit 5d858f0e6ad05b032c88c88a08c15d0876c44e8b)
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/interface-openvpn.py31
1 files changed, 0 insertions, 31 deletions
diff --git a/src/conf_mode/interface-openvpn.py b/src/conf_mode/interface-openvpn.py
index e4bde7bb0..a8313378b 100755
--- a/src/conf_mode/interface-openvpn.py
+++ b/src/conf_mode/interface-openvpn.py
@@ -219,10 +219,6 @@ client-config-dir /opt/vyatta/etc/openvpn/ccd/{{ intf }}
{% for option in options -%}
{{ option }}
{% endfor -%}
-
-{%- if server_2fa_authy_key %}
-plugin /usr/lib/authy/authy-openvpn.so https://api.authy.com/protected/json {{ server_2fa_authy_key }} nopam
-{% endif %}
"""
client_tmpl = """
@@ -269,8 +265,6 @@ default_config_data = {
'remote_address': '',
'remote_host': [],
'remote_port': '',
- 'server_2fa_authy_key': '',
- 'server_2fa_authy': [],
'client': [],
'server_domain': '',
'server_max_conn': '',
@@ -453,31 +447,6 @@ def get_config():
if conf.exists('replace-default-route local'):
openvpn['redirect_gateway'] = 'local def1'
- # Two Factor Authentication providers
- # currently limited to authy
- if conf.exists('2-factor-authentication authy api-key'):
- openvpn['server_2fa_authy_key'] = conf.return_value('2-factor-authentication authy api-key')
-
- # Authy users (must be email address)
- for user in conf.list_nodes('server 2-factor-authentication authy user'):
- # set configuration level
- conf.set_level('interfaces openvpn ' + openvpn['intf'] + ' 2-factor-authentication authy user ' + user)
- data = {
- 'user': user,
- 'country_code': '',
- 'mobile_number': ''
- }
-
- # Country calling codes
- if conf.exists('country-calling-code'):
- data['country_code'] = conf.return_value('country-calling-code')
-
- # Mobile phone number
- if conf.exists('phone-number'):
- data['mobile_number'] = conf.return_value('phone-number')
-
- openvpn['server_2fa_authy'].append(data)
-
# Topology for clients
if conf.exists('server topology'):
openvpn['server_topology'] = conf.return_value('server topology')