aboutsummaryrefslogtreecommitdiffstats
path: root/config/openvpn-client-export/openvpn-client-export.inc
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #339 from PiBa-NL/openvpn-client-export-certchecksJim P2012-11-241-13/+22
|\ | | | | openvpn-client-export, better error reporting on unsupported OpenVPN configurations
| * removed purpose checking because: "Certs created before 2.0.1 can have the ↵PiBa-NL2012-11-241-6/+0
| | | | | | | | "wrong" purpose but we should not invalidate them."
| * openvpn-client-export, better checking/error reporting on ↵PiBa-NL2012-11-241-13/+28
| | | | | | | | unsupported/illogical OpenVPN configurations
* | openvpn-client-export, use certificate common-name in the exported files ↵PiBa-NL2012-11-241-6/+5
| | | | | | | | filenames.
* | openvpn-client-export, use certificate common-name in the exported files ↵PiBa-NL2012-11-211-5/+7
|/ | | | filenames.
* openvpn-client-export, added option to include OpenVPNManager in windows ↵PiBa-NL2012-11-051-18/+51
| | | | setup, this solves the issues with Windows7/Vista client machines where elevated permissions are required by running OpenVPN as a service.
* Write client install exe to temp dirPhil Davis2012-10-031-4/+4
| | | The code did not work on nanobsd, due to $workdir templates being on a read-only mount point. The appropriate $client_install_exe needs to be written straight to $tempdir rather than first done in $workdir templates. And also we don't want to be writing to $workdir templates every time we make a client install package for someone.
* Add export option for OpenVPN 2.3 beta client as well as the existing one.jim-p2012-10-021-2/+15
|
* Make quoting the server CN optional since it seems to break more clients ↵jim-p2012-09-181-7/+16
| | | | than it fixes; Add a third Yealink variant.
* Enclose this in quotes, since it may contain spaces. Otherwise, openvpn will ↵jim-p2012-08-091-1/+1
| | | | choke on it.
* Fix inline client exportjim-p2012-08-091-0/+2
|
* Update config/openvpn-client-export/openvpn-client-export.incdhatz2012-08-091-1/+1
|
* Teach the OpenVPN Client Export package how to make config archives for ↵jim-p2012-08-031-0/+73
| | | | Yealink T28, Yealink T38g, and SNOM SIP handsets.
* Add inline config format that the openvpn client for android likes (ca, ↵jim-p2012-07-011-40/+65
| | | | cert, key, tls-auth inside single config file) to the export package.
* Generalize this variable namejim-p2012-06-301-4/+4
|
* Move this common code into a function.jim-p2012-06-301-86/+25
|
* client export code cleanup. Remove a bunch of redundant/duplicate code.jim-p2012-06-301-1/+1
|
* Fix braces around variable - Fixes #2429jim-p2012-05-141-1/+1
|
* The client export was missing a newline after the ns-cert-type which would ↵Leroux Cifer2012-05-021-1/+1
| | | | thus mess up comp-lzo and such afterwards.
* Fix syntax errorjim-p2012-04-041-2/+2
|
* Handle a blank hostname a bit more gracefully when exporting OpenVPN.jim-p2012-04-041-3/+5
|
* Add contributed patch to optionally encrypt the key for Viscosity bundles. ↵jim-p2011-11-291-2/+13
| | | | Fixes #2032
* If we can determine that the server cert has nsCertType=server, then add ↵jim-p2011-11-221-0/+9
| | | | ns-cert-type server to the client config.
* Fix up various export scenarios that were not functioning properly.jim-p2011-11-171-5/+18
|
* Correct path to binaryScott Ullrich2011-11-021-1/+4
|
* Correct path to binaryScott Ullrich2011-11-021-2/+2
|
* Include zip packageScott Ullrich2011-11-021-2/+10
|
* Edited config/openvpn-client-export/openvpn-client-export.inc via GitHubNamezero2011-09-191-1/+1
|
* Edited config/openvpn-client-export/openvpn-client-export.inc via GitHubNamezero2011-09-191-1/+1
|
* Changes for advanced optionsNamezero2011-09-191-5/+10
|
* When exporting a windows installer, use DOS newlines in the config file, so ↵jim-p2011-07-291-25/+27
| | | | the end user can more easily edit the config (e.g. in notepad).
* Force the connecting openvpn client to verify that the server's cn matches ↵jim-p2011-07-061-0/+5
| | | | what is expected, to prevent MITM attacks. Fixes #1587
* If the openvpn instance is "any", export the config to point to the wan by ↵jim-p2011-05-111-1/+1
| | | | default (otherwise it was empty, an invalid config)
* Account for the server's dev type when exporting, and default to tun if it's ↵jim-p2011-05-061-1/+2
| | | | not set. http://forum.pfsense.org/index.php/topic,36467.0.html
* Bump version to 0.9 for ipv6 supportSeth2011-04-281-0/+6
|
* Allow exporting OpenVPN with SSL/TLS+User Auth+External source (LDAP, ↵jim-p2011-04-261-3/+15
| | | | Radius), by listing certificates from the same CA as the OpenVPN server.
* Use is_numeric here instead of just testing the variable (it will fail if ↵jim-p2011-03-171-1/+1
| | | | the usrid is 0, when that should be valid)
* Escape values so special characters don't fail (and also helps prevent shell ↵jim-p2011-03-141-5/+9
| | | | command injection)
* Finish up shared key client export (for non-pfsense clients)jim-p2011-03-011-0/+12
|
* Initial work toward exporting shared key clients.jim-p2011-03-011-0/+93
|
* Whitespace fixesjim-p2011-02-251-50/+50
|
* Remove this call from openvpn deinstallation.jim-p2011-01-181-2/+0
|
* Don't use references in OpenVPN client export. It doesn't need to modify ↵jim-p2011-01-181-12/+12
| | | | anything, and there probably won't be enough data for it to make a measurable speed difference.
* Check for missing template files and reinstall them if needed.jim-p2011-01-131-2/+9
|
* Download this .tgz to /usr/local/pkg and leave it, or else the package ↵jim-p2010-10-051-2/+1
| | | | system thinks that it is always missing dependencies.
* Update OpenVPN client export package to work with the new user cert setup ↵jim-p2010-09-041-0/+9
| | | | (and retain compatibility with the old setup too)
* Ensure that we do not get two CA lines in the Viscosity configjim-p2010-07-011-0/+8
|
* Disable remote-cert-tls for now in exported configs, it requires that the ↵jim-p2010-07-011-1/+2
| | | | server certificate be built in a different way than we currently support.
* Add this in all cases, not just TLS. Fixes #706jim-p2010-06-291-1/+3
|
* Add "remote-cert-tls server" config option into the exported configuration. ↵Seth2010-06-291-1/+3
| | | | Ticket #706