summaryrefslogtreecommitdiff
path: root/src/conf_mode/interface-openvpn.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2019-08-19 22:49:11 +0200
committerChristian Poessinger <christian@poessinger.com>2019-08-19 23:45:24 +0200
commit5d858f0e6ad05b032c88c88a08c15d0876c44e8b (patch)
treedcc0e06387637222d13a719a48acd50dabdf4aa2 /src/conf_mode/interface-openvpn.py
parentdc8cfa6dfd1d95890b3e14c928e3d2064451a851 (diff)
downloadvyos-1x-5d858f0e6ad05b032c88c88a08c15d0876c44e8b.tar.gz
vyos-1x-5d858f0e6ad05b032c88c88a08c15d0876c44e8b.zip
openvpn: T1548: remove authy 2fa provider
According to https://github.com/twilio/authy-openvpn commit 3e5dc73: > This plugin is no longer actively maintained. If you're interested in becoming a maintainer, we welcome forks of this project. In addition this plugin was always missing in the current branch ov VyOS and did not make it into VyOS 1.2 (crux) If 2FA for OpenVPN is required we should probably opt for Google Authenticator or if possible a U2F device.
Diffstat (limited to 'src/conf_mode/interface-openvpn.py')
-rwxr-xr-xsrc/conf_mode/interface-openvpn.py31
1 files changed, 0 insertions, 31 deletions
diff --git a/src/conf_mode/interface-openvpn.py b/src/conf_mode/interface-openvpn.py
index e4bde7bb0..a8313378b 100755
--- a/src/conf_mode/interface-openvpn.py
+++ b/src/conf_mode/interface-openvpn.py
@@ -219,10 +219,6 @@ client-config-dir /opt/vyatta/etc/openvpn/ccd/{{ intf }}
{% for option in options -%}
{{ option }}
{% endfor -%}
-
-{%- if server_2fa_authy_key %}
-plugin /usr/lib/authy/authy-openvpn.so https://api.authy.com/protected/json {{ server_2fa_authy_key }} nopam
-{% endif %}
"""
client_tmpl = """
@@ -269,8 +265,6 @@ default_config_data = {
'remote_address': '',
'remote_host': [],
'remote_port': '',
- 'server_2fa_authy_key': '',
- 'server_2fa_authy': [],
'client': [],
'server_domain': '',
'server_max_conn': '',
@@ -453,31 +447,6 @@ def get_config():
if conf.exists('replace-default-route local'):
openvpn['redirect_gateway'] = 'local def1'
- # Two Factor Authentication providers
- # currently limited to authy
- if conf.exists('2-factor-authentication authy api-key'):
- openvpn['server_2fa_authy_key'] = conf.return_value('2-factor-authentication authy api-key')
-
- # Authy users (must be email address)
- for user in conf.list_nodes('server 2-factor-authentication authy user'):
- # set configuration level
- conf.set_level('interfaces openvpn ' + openvpn['intf'] + ' 2-factor-authentication authy user ' + user)
- data = {
- 'user': user,
- 'country_code': '',
- 'mobile_number': ''
- }
-
- # Country calling codes
- if conf.exists('country-calling-code'):
- data['country_code'] = conf.return_value('country-calling-code')
-
- # Mobile phone number
- if conf.exists('phone-number'):
- data['mobile_number'] = conf.return_value('phone-number')
-
- openvpn['server_2fa_authy'].append(data)
-
# Topology for clients
if conf.exists('server topology'):
openvpn['server_topology'] = conf.return_value('server topology')