diff options
-rw-r--r-- | config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch | 18 | ||||
-rw-r--r-- | pkg_config.8.xml | 2 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
3 files changed, 17 insertions, 5 deletions
diff --git a/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch b/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch index d23d9290..35925ea8 100644 --- a/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch +++ b/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch @@ -48,6 +48,18 @@ index 777b395..701a032 100644 + } break; } + +@@ -452,7 +452,9 @@ function openvpn_reconfigure($mode, $settings) { + case 'server_user': + $conf .= "client-cert-not-required\n"; + case 'server_tls_user': +- $conf .= "username-as-common-name\n"; ++ /* username-as-common-name is not compatible with server-bridge */ ++ if (stristr($conf, "server-bridge") === false) ++ $conf .= "username-as-common-name\n"; + if (!empty($settings['authmode'])) { + $authcfgs = explode(",", $settings['authmode']); + $sed = "\$authmodes=array("; @@ -1021,4 +1039,4 @@ function openvpn_refresh_crls() { } @@ -96,9 +108,9 @@ index 0ef67a7..bd9f527 100644 + if (($pconfig['serverbridge_dhcp_start'] && !$pconfig['serverbridge_dhcp_end']) + || (!$pconfig['serverbridge_dhcp_start'] && $pconfig['serverbridge_dhcp_end'])) + $input_errors[] = gettext("Server Bridge DHCP Start and End must both be empty, or defined."); -+ if (($pconfig['serverbridge_dhcp_start'] && !is_ipaddrv4($pconfig['serverbridge_dhcp_start']))) ++ if (($pconfig['serverbridge_dhcp_start'] && !is_ipaddr($pconfig['serverbridge_dhcp_start']))) + $input_errors[] = gettext("Server Bridge DHCP Start must be an IPv4 address."); -+ if (($pconfig['serverbridge_dhcp_end'] && !is_ipaddrv4($pconfig['serverbridge_dhcp_end']))) ++ if (($pconfig['serverbridge_dhcp_end'] && !is_ipaddr($pconfig['serverbridge_dhcp_end']))) + $input_errors[] = gettext("Server Bridge DHCP End must be an IPv4 address."); + if (ip2ulong($pconfig['serverbridge_dhcp_start']) > ip2ulong($pconfig['serverbridge_dhcp_end'])) + $input_errors[] = gettext("The Server Bridge DHCP range is invalid (start higher than end)."); @@ -198,7 +210,7 @@ index 0ef67a7..bd9f527 100644 </tr> <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Tunnel Network"); ?></td> -+ <td width="22%" valign="top" class="vncellreq" id="ipv4_tunnel_network"><?=gettext("IPv4 Tunnel Network"); ?></td> ++ <td width="22%" valign="top" class="vncellreq" id="ipv4_tunnel_network"><?=gettext("Tunnel Network"); ?></td> <td width="78%" class="vtable"> <input name="tunnel_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_network']);?>"> <br> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 2ab0be3f..31e5eb57 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -1268,7 +1268,7 @@ <descr>Patch to fix OpenVPN tap bridging on 2.0.x. WARNING! Cannot be uninstalled.</descr> <category>System</category> <config_file>http://www.pfsense.com/packages/config/openvpn_tapfix_20x/openvpn_tapfix_20x.xml</config_file> - <version>0.1</version> + <version>0.3</version> <status>BETA</status> <required_version>2.0</required_version> <maximum_version>2.1</maximum_version> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 25aa1849..f16d7993 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -1201,7 +1201,7 @@ <descr>Patch to fix OpenVPN tap bridging on 2.0.x. WARNING! Cannot be uninstalled.</descr> <category>System</category> <config_file>http://www.pfsense.com/packages/config/openvpn_tapfix_20x/openvpn_tapfix_20x.xml</config_file> - <version>0.1</version> + <version>0.3</version> <status>BETA</status> <required_version>2.0</required_version> <maximum_version>2.1</maximum_version> |