From bcc46ffe0b5ea31cb6871d4b35d4af701d4bc838 Mon Sep 17 00:00:00 2001 From: jim-p Date: Fri, 11 Nov 2011 15:14:24 -0500 Subject: pull in username-as-common-name fix --- config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'config/openvpn_tapfix_20x') diff --git a/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch b/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch index b611f6f5..35925ea8 100644 --- a/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch +++ b/config/openvpn_tapfix_20x/openvpn_tapfix_20x.patch @@ -48,6 +48,18 @@ index 777b395..701a032 100644 + } break; } + +@@ -452,7 +452,9 @@ function openvpn_reconfigure($mode, $settings) { + case 'server_user': + $conf .= "client-cert-not-required\n"; + case 'server_tls_user': +- $conf .= "username-as-common-name\n"; ++ /* username-as-common-name is not compatible with server-bridge */ ++ if (stristr($conf, "server-bridge") === false) ++ $conf .= "username-as-common-name\n"; + if (!empty($settings['authmode'])) { + $authcfgs = explode(",", $settings['authmode']); + $sed = "\$authmodes=array("; @@ -1021,4 +1039,4 @@ function openvpn_refresh_crls() { } -- cgit v1.2.3