From 9334c9428c4dcf8d575bfb50d6a33d10b67b5e14 Mon Sep 17 00:00:00 2001
From: vindenesen <vindenesen@gmail.com>
Date: Thu, 19 Sep 2019 20:31:58 +0200
Subject: OpenVPN - Added setting for minimum tls version

---
 interface-definitions/interfaces-openvpn.xml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

(limited to 'interface-definitions')

diff --git a/interface-definitions/interfaces-openvpn.xml b/interface-definitions/interfaces-openvpn.xml
index d282a8773..39fa8e6a6 100644
--- a/interface-definitions/interfaces-openvpn.xml
+++ b/interface-definitions/interfaces-openvpn.xml
@@ -543,6 +543,29 @@
                   <help>File containing this host's private key</help>
                 </properties>
               </leafNode>
+              <leafNode name="minimum-tls-version">
+                <properties>
+                  <help>Specify the minimum required TLS version</help>
+                  <completionHelp>
+                    <list>1.0 1.1 1.2</list>
+                  </completionHelp>
+                  <valueHelp>
+                    <format>1.0</format>
+                    <description>TLS v1.0</description>
+                  </valueHelp>
+                  <valueHelp>
+                    <format>1.1</format>
+                    <description>TLS v1.1</description>
+                  </valueHelp>
+                  <valueHelp>
+                    <format>1.2</format>
+                    <description>TLS v1.2</description>
+                  </valueHelp>
+                  <constraint>
+                    <regex>(1.0|1.1|1.2)</regex>
+                  </constraint>
+                </properties>
+              </leafNode>
               <leafNode name="role">
                 <properties>
                   <help>File containing this host's private key</help>
-- 
cgit v1.2.3


From 87500058e11f6846a5ba18dfa17ea685bcdca5ae Mon Sep 17 00:00:00 2001
From: vindenesen <vindenesen@gmail.com>
Date: Fri, 20 Sep 2019 13:52:44 +0200
Subject: OpenVPN - changed tls-minimum-version to tls-version-min

---
 interface-definitions/interfaces-openvpn.xml | 2 +-
 src/conf_mode/interface-openvpn.py           | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'interface-definitions')

diff --git a/interface-definitions/interfaces-openvpn.xml b/interface-definitions/interfaces-openvpn.xml
index 39fa8e6a6..f11f27e23 100644
--- a/interface-definitions/interfaces-openvpn.xml
+++ b/interface-definitions/interfaces-openvpn.xml
@@ -543,7 +543,7 @@
                   <help>File containing this host's private key</help>
                 </properties>
               </leafNode>
-              <leafNode name="minimum-tls-version">
+              <leafNode name="tls-version-min">
                 <properties>
                   <help>Specify the minimum required TLS version</help>
                   <completionHelp>
diff --git a/src/conf_mode/interface-openvpn.py b/src/conf_mode/interface-openvpn.py
index 495ddfdf5..984410eb1 100755
--- a/src/conf_mode/interface-openvpn.py
+++ b/src/conf_mode/interface-openvpn.py
@@ -568,8 +568,8 @@ def get_config():
          openvpn['tls'] = True
 
     # Minimum required TLS version
-    if conf.exists('tls minimum-tls-version'):
-         openvpn['tls_version_min'] = conf.return_value('tls minimum-tls-version')
+    if conf.exists('tls tls-version-min'):
+         openvpn['tls_version_min'] = conf.return_value('tls tls-version-min')
     
     if conf.exists('shared-secret-key-file'):
         openvpn['shared_secret_file'] = conf.return_value('shared-secret-key-file')
-- 
cgit v1.2.3