From bcc46ffe0b5ea31cb6871d4b35d4af701d4bc838 Mon Sep 17 00:00:00 2001 From: jim-p Date: Fri, 11 Nov 2011 15:14:24 -0500 Subject: pull in username-as-common-name fix --- config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch | 12 ++++++++++++ pkg_config.8.xml | 2 +- pkg_config.8.xml.amd64 | 2 +- 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch b/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch index b611f6f5..35925ea8 100644 --- a/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch +++ b/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch @@ -48,6 +48,18 @@ index 777b395..701a032 100644 + } break; } + +@@ -452,7 +452,9 @@ function openvpn_reconfigure($mode, $settings) { + case 'server_user': + $conf .= "client-cert-not-required\n"; + case 'server_tls_user': +- $conf .= "username-as-common-name\n"; ++ /* username-as-common-name is not compatible with server-bridge */ ++ if (stristr($conf, "server-bridge") === false) ++ $conf .= "username-as-common-name\n"; + if (!empty($settings['authmode'])) { + $authcfgs = explode(",", $settings['authmode']); + $sed = "\$authmodes=array("; @@ -1021,4 +1039,4 @@ function openvpn_refresh_crls() { } diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 15bfc581..31e5eb57 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -1268,7 +1268,7 @@ Patch to fix OpenVPN tap bridging on 2.0.x. WARNING! Cannot be uninstalled. System http://www.pfsense.com/packages/config/openvpn_tapfix_20x/openvpn_tapfix_20x.xml - 0.2 + 0.3 BETA 2.0 2.1 diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index abaefafa..f16d7993 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -1201,7 +1201,7 @@ Patch to fix OpenVPN tap bridging on 2.0.x. WARNING! Cannot be uninstalled. System http://www.pfsense.com/packages/config/openvpn_tapfix_20x/openvpn_tapfix_20x.xml - 0.2 + 0.3 BETA 2.0 2.1 -- cgit v1.2.3