1 files changed, 26 insertions, 21 deletions

diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in
index 3876e31da..831659250 100644
--- a/interface-definitions/interfaces-openvpn.xml.in
+++ b/interface-definitions/interfaces-openvpn.xml.in
@@ -16,25 +16,8 @@
           </valueHelp>
         </properties>
         <children>
-          <node name="authentication">
-            <properties>
-              <help>Authentication options</help>
-            </properties>
-            <children>
-              <leafNode name="password">
-                <properties>
-                  <help>OpenVPN password used for authentication</help>
-                </properties>
-              </leafNode>
-              <leafNode name="username">
-                <properties>
-                  <help>OpenVPN username used for authentication</help>
-                </properties>
-              </leafNode>
-            </children>
-          </node>
-          #include <include/interface/description.xml.i>
-          #include <include/interface/interface-policy.xml.i>
+          #include <include/interface/authentication.xml.i>
+          #include <include/generic-description.xml.i>
           <leafNode name="device-type">
             <properties>
               <help>OpenVPN interface device-type</help>
@@ -302,6 +285,19 @@
               </constraint>
             </properties>
           </leafNode>
+          <node name="offload">
+            <properties>
+              <help>Configurable offload options</help>
+            </properties>
+            <children>
+              <leafNode name="dco">
+                <properties>
+                  <help>Enable data channel offload on this interface</help>
+                  <valueless/>
+                </properties>
+              </leafNode>
+            </children>
+          </node>
           <leafNode name="openvpn-option">
             <properties>
               <help>Additional OpenVPN options. You must use the syntax of openvpn.conf in this text-field. Using this without proper knowledge may result in a crashed OpenVPN server. Check system log to look for errors.</help>
@@ -350,8 +346,7 @@
                 <description>Remote end IPv6 address</description>
               </valueHelp>
               <constraint>
-                <validator name="ipv4-address"/>
-                <validator name="ipv6-address"/>
+                <validator name="ip-address"/>
               </constraint>
               <multi/>
             </properties>
@@ -757,6 +752,16 @@
                   </completionHelp>
                 </properties>
               </leafNode>
+              <leafNode name="peer-fingerprint">
+                <properties>
+                  <multi/>
+                  <help>Peer certificate SHA256 fingerprint</help>
+                  <constraint>
+                    <regex>[0-9a-fA-F]{2}:([0-9a-fA-F]{2}:){30}[0-9a-fA-F]{2}</regex>
+                  </constraint>
+                  <constraintErrorMessage>Peer certificate fingerprint must be a colon-separated SHA256 hex digest</constraintErrorMessage>
+                </properties>
+              </leafNode>
               <leafNode name="tls-version-min">
                 <properties>
                   <help>Specify the minimum required TLS version</help>