summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@baturin.org>2023-08-09 19:59:15 +0100
committerDaniil Baturin <daniil@baturin.org>2023-08-09 20:21:44 +0100
commitfa2518576638532aa3b23d4d72d77abc0c3f21d3 (patch)
treedefae52bce201a6245b879c34139f99dab63778c /interface-definitions
parentdaf8f26f0d7cd67ad015e280ce297bc794800a7f (diff)
downloadvyos-1x-fa2518576638532aa3b23d4d72d77abc0c3f21d3.tar.gz
vyos-1x-fa2518576638532aa3b23d4d72d77abc0c3f21d3.zip
openvpn: T5271: add peer certificate fingerprint option
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/interfaces-openvpn.xml.in10
1 files changed, 10 insertions, 0 deletions
diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in
index 127a8179b..831659250 100644
--- a/interface-definitions/interfaces-openvpn.xml.in
+++ b/interface-definitions/interfaces-openvpn.xml.in
@@ -752,6 +752,16 @@
</completionHelp>
</properties>
</leafNode>
+ <leafNode name="peer-fingerprint">
+ <properties>
+ <multi/>
+ <help>Peer certificate SHA256 fingerprint</help>
+ <constraint>
+ <regex>[0-9a-fA-F]{2}:([0-9a-fA-F]{2}:){30}[0-9a-fA-F]{2}</regex>
+ </constraint>
+ <constraintErrorMessage>Peer certificate fingerprint must be a colon-separated SHA256 hex digest</constraintErrorMessage>
+ </properties>
+ </leafNode>
<leafNode name="tls-version-min">
<properties>
<help>Specify the minimum required TLS version</help>