summaryrefslogtreecommitdiff
path: root/interface-definitions/interfaces-openvpn.xml.in
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-08-10 06:50:23 +0200
committerGitHub <noreply@github.com>2023-08-10 06:50:23 +0200
commit7a43a92057f7b777b472318d4ebb8fa9d02215ab (patch)
treedefae52bce201a6245b879c34139f99dab63778c /interface-definitions/interfaces-openvpn.xml.in
parentdaf8f26f0d7cd67ad015e280ce297bc794800a7f (diff)
parentfa2518576638532aa3b23d4d72d77abc0c3f21d3 (diff)
downloadvyos-1x-7a43a92057f7b777b472318d4ebb8fa9d02215ab.tar.gz
vyos-1x-7a43a92057f7b777b472318d4ebb8fa9d02215ab.zip
Merge pull request #2144 from dmbaturin/T5271-openvpn-peer-fingerprint
openvpn: T5271: add peer certificate fingerprint option
Diffstat (limited to 'interface-definitions/interfaces-openvpn.xml.in')
-rw-r--r--interface-definitions/interfaces-openvpn.xml.in10
1 files changed, 10 insertions, 0 deletions
diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in
index 127a8179b..831659250 100644
--- a/interface-definitions/interfaces-openvpn.xml.in
+++ b/interface-definitions/interfaces-openvpn.xml.in
@@ -752,6 +752,16 @@
</completionHelp>
</properties>
</leafNode>
+ <leafNode name="peer-fingerprint">
+ <properties>
+ <multi/>
+ <help>Peer certificate SHA256 fingerprint</help>
+ <constraint>
+ <regex>[0-9a-fA-F]{2}:([0-9a-fA-F]{2}:){30}[0-9a-fA-F]{2}</regex>
+ </constraint>
+ <constraintErrorMessage>Peer certificate fingerprint must be a colon-separated SHA256 hex digest</constraintErrorMessage>
+ </properties>
+ </leafNode>
<leafNode name="tls-version-min">
<properties>
<help>Specify the minimum required TLS version</help>