summaryrefslogtreecommitdiff
path: root/src/conf_mode/interfaces-openvpn.py
AgeCommit message (Collapse)Author
2020-03-28ifconfig: T2057: explicity name state functionsThomas Mangin
The Interface get_state/set_state were not clear about if they edited the admin or operational state. functions are now using admin_state and oper_state for clarity.
2020-03-25openvpn: T2148: fix setting "server client" without "ip"Jernej Jakob
2020-03-25Merge pull request #265 from thomas-mangin/2057-dhcp-vlanChristian Poessinger
ifconfig: T2057: break down DHCP, add register, STP and VLAN as adapters
2020-03-24openvpn: T2146: remove user/pass auth file when not neededJernej Jakob
2020-03-24openvpn: T2146: delete old client configsJernej Jakob
Previously old client configs for clients that were deleted from the server stayed in the ccd directory, causing them to still be used. As we can't know which clients were deleted, this deletes all the client configs as they are recreated shortly later.
2020-03-24ifconfig: T2057: add VTunIf classThomas Mangin
2020-03-23ifconfig: T2154: fixing failure to start-stop-daemonThomas Mangin
2020-03-20Merge pull request #248 from jjakob/openvpn-dh-noneChristian Poessinger
T2139: openvpn: allow unset dh-file when using EC keys
2020-03-20T2139: openvpn: allow unset dh-file when using EC keysJernej Jakob
2020-03-19T2140: openvpn: fix checkCertHeader function return valueJernej Jakob
This function returned True even if no match in the certificate file was found, causing all checks using it to erroneously pass.
2020-03-03interfaces: T1579: fix c/p error when evaluating ↵Christian Poessinger
os.environ['VYOS_TAGNODE_VALUE'] This has been only a theoretical problem but then the error condition was triggered - only an error has been printed instead of raising an Exception.
2020-02-27openvpn: T2075: add support for OpenVPN tls-crypt file optionChristian Poessinger
Encrypt and authenticate all control channel packets with the key from keyfile. Encrypting (and authenticating) control channel packets: * provides more privacy by hiding the certificate used for the TLS connection * makes it harder to identify OpenVPN traffic as such * provides "poor-man's" post-quantum security, against attackers who will never know the pre-shared key (i.e. no forward secrecy)
2020-02-23openvpn: T2065: move daemon parameter to start-stop-daemon command-lineChristian Poessinger
2020-01-23openvpn: T1975: ta devices need to be explicitly brought upChristian Poessinger
2019-11-11[OpenVPN]: T1704: Added uppercase entries of ncp-ciphers, since there seems ↵vindenesen
to be a bug in OpenVPN client when comparing pushed cipher with local ncp cipher list
2019-11-11[OpenVPN]: T1704: Moved ncp-ciphers out of encryption block in config templatevindenesen
2019-11-11[OpenVPN]: T1704: Added function for ncp-ciphers, and ability to disable it.vindenesen
[OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers. [OpenVPN]: T1704: Added migration scripts for interface 2-to-3
2019-10-13openvpn: T1548: clean out import statementsChristian Poessinger
2019-10-13Sync XML interface description source file pattern and conf script nameChristian Poessinger
renamed: interface-bonding.py -> interfaces-bonding.py renamed: interface-bridge.py -> interfaces-bridge.py renamed: interface-dummy.py -> interfaces-dummy.py renamed: interface-ethernet.py -> interfaces-ethernet.py renamed: interface-loopback.py -> interfaces-loopback.py renamed: interface-openvpn.py -> interfaces-openvpn.py renamed: interface-vxlan.py -> interfaces-vxlan.py renamed: interface-wireguard.py -> interfaces-wireguard.py