diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-07-22 09:16:30 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-07-22 09:16:30 +0200 |
| commit | e09dd24cd1d7c1076dca2b30b224e17b9ae28e3a (patch) | |
| tree | f42f7d9f65cdbf0b832373e68fd71e253a69f452 /interface-definitions | |
| parent | 936b36fdf180fce830dbc388ec5e8fc35feb9474 (diff) | |
| parent | a9e9c4acfa90fc15a8a4b6b5ea6e1c2814ce940e (diff) | |
| download | vyos-1x-e09dd24cd1d7c1076dca2b30b224e17b9ae28e3a.tar.gz vyos-1x-e09dd24cd1d7c1076dca2b30b224e17b9ae28e3a.zip | |
Merge pull request #934 from sarthurdev/pki_openvpn
pki: openvpn: T3642: Migrate OpenVPN to PKI and refactor
Diffstat (limited to 'interface-definitions')
| -rw-r--r-- | interface-definitions/interfaces-openvpn.xml.in | 73 |
1 files changed, 22 insertions, 51 deletions
diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in index 681290570..7ff08ac86 100644 --- a/interface-definitions/interfaces-openvpn.xml.in +++ b/interface-definitions/interfaces-openvpn.xml.in @@ -637,16 +637,12 @@ </leafNode> </children> </node> - <leafNode name="shared-secret-key-file"> + <leafNode name="shared-secret-key"> <properties> - <help>File containing the secret key shared with remote end of tunnel</help> - <valueHelp> - <format>filename</format> - <description>File in /config/auth directory</description> - </valueHelp> - <constraint> - <validator name="file-exists" argument="--directory /config/auth"/> - </constraint> + <help>Secret key shared with remote end of tunnel</help> + <completionHelp> + <path>pki openvpn shared-secret</path> + </completionHelp> </properties> </leafNode> <node name="tls"> @@ -654,55 +650,30 @@ <help>Transport Layer Security (TLS) options</help> </properties> <children> - <leafNode name="auth-file"> - <properties> - <help>File containing tls static key for tls-auth</help> - <valueHelp> - <format>filename</format> - <description>File in /config/auth directory</description> - </valueHelp> - <constraint> - <validator name="file-exists" argument="--directory /config/auth"/> - </constraint> - </properties> - </leafNode> - #include <include/certificate.xml.i> - #include <include/certificate-ca.xml.i> - <leafNode name="crl-file"> + <leafNode name="auth-key"> <properties> - <help>File containing certificate revocation list (CRL) for this host</help> - <valueHelp> - <format>filename</format> - <description>File in /config/auth directory</description> - </valueHelp> - <constraint> - <validator name="file-exists" argument="--directory /config/auth"/> - </constraint> + <help>TLS shared secret key for tls-auth</help> + <completionHelp> + <path>pki openvpn shared-secret</path> + </completionHelp> </properties> </leafNode> - <leafNode name="dh-file"> + #include <include/pki/certificate.xml.i> + #include <include/pki/ca-certificate.xml.i> + <leafNode name="dh-params"> <properties> - <help>File containing Diffie Hellman parameters (server only)</help> - <valueHelp> - <format>filename</format> - <description>File in /config/auth directory</description> - </valueHelp> - <constraint> - <validator name="file-exists" argument="--directory /config/auth"/> - </constraint> + <help>Diffie Hellman parameters (server only)</help> + <completionHelp> + <path>pki dh</path> + </completionHelp> </properties> </leafNode> - #include <include/certificate-key.xml.i> - <leafNode name="crypt-file"> + <leafNode name="crypt-key"> <properties> - <help>File containing encryption key to authenticate control channel</help> - <valueHelp> - <format>filename</format> - <description>File in /config/auth directory</description> - </valueHelp> - <constraint> - <validator name="file-exists" argument="--directory /config/auth"/> - </constraint> + <help>Static key to use to authenticate control channel</help> + <completionHelp> + <path>pki openvpn shared-secret</path> + </completionHelp> </properties> </leafNode> <leafNode name="tls-version-min"> |