diff options
| -rw-r--r-- | data/templates/openvpn/server.conf.tmpl | 2 | ||||
| -rw-r--r-- | interface-definitions/interfaces-openvpn.xml.in | 2 | ||||
| -rw-r--r-- | op-mode-definitions/openvpn.xml.in | 39 |
3 files changed, 25 insertions, 18 deletions
diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index 679c25dd8..d97ff7717 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -131,7 +131,7 @@ push "dhcp-option DOMAIN {{ server.domain_name }}" {% if server['2fa']['totp'] is defined and server['2fa']['totp'] is not none %} plugin "/usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-otp.so" "otp_secrets=/config/auth/openvpn/{{ ifname }}-otp-secrets otp_slop= {{- server['2fa']['totp']['slop']|default(180) }} totp_t0= -{{- server['2fa']['totp']['t0']|default(0) }} totp_step= +{{- server['2fa']['totp']['drift']|default(0) }} totp_step= {{- server['2fa']['totp']['step']|default(30) }} totp_digits= {{- server['2fa']['totp']['digits']|default(6)}} password_is_cr= {%-if server['2fa']['totp']['challenge']|default('enable') == 'enable' %}1{% else %}0{% endif %}" diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in index 0395f7d65..62fac9be0 100644 --- a/interface-definitions/interfaces-openvpn.xml.in +++ b/interface-definitions/interfaces-openvpn.xml.in @@ -657,7 +657,7 @@ </constraint> </properties> </leafNode> - <leafNode name="t0"> + <leafNode name="drift"> <properties> <help>time drift in seconds (default: 0)</help> <valueHelp> diff --git a/op-mode-definitions/openvpn.xml.in b/op-mode-definitions/openvpn.xml.in index 6549976c5..068d5d8fb 100644 --- a/op-mode-definitions/openvpn.xml.in +++ b/op-mode-definitions/openvpn.xml.in @@ -63,24 +63,31 @@ </completionHelp> </properties> <children> - <leafNode name="2fa-secret"> + <node name="2fa"> <properties> - <help>Show 2fa authentication secret</help> + <help>Show 2fa information</help> </properties> - <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$6" --intf="$4" --action=secret</command> - </leafNode> - <leafNode name="2fa-uri"> - <properties> - <help>Show 2fa otpauth uri</help> - </properties> - <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$6" --intf="$4" --action=uri</command> - </leafNode> - <leafNode name="2fa-QRcode"> - <properties> - <help>Show 2fa QR code</help> - </properties> - <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$6" --intf="$4" --action=qrcode</command> - </leafNode> + <children> + <leafNode name="secret"> + <properties> + <help>Show 2fa authentication secret</help> + </properties> + <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$6" --intf="$4" --action=secret</command> + </leafNode> + <leafNode name="uri"> + <properties> + <help>Show 2fa otpauth uri</help> + </properties> + <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$6" --intf="$4" --action=uri</command> + </leafNode> + <leafNode name="qrcode"> + <properties> + <help>Show 2fa QR code</help> + </properties> + <command>${vyos_op_scripts_dir}/show_openvpn_2fa.py --user="$6" --intf="$4" --action=qrcode</command> + </leafNode> + </children> + </node> </children> </tagNode> <leafNode name="brief"> |