From b3930860facf76d731a678a4387f6cbea054536f Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Tue, 20 Nov 2018 16:01:20 +0100 Subject: [PATCH] openvpn: add list element parsing For the parameters tls-cipher and ncp-ciphers more than one option can be used in the OpenVPN configuration, separated by a colon, which should be implemented as a list in order to configure it more clearly. By adding the new OPENVPN_LIST option to the openvpn.options file with the tls-cipher and ncp-cipher parameters, uci can now add this option as a "list" and the init script will generate the appropriate OpenVPN configuration from it. Signed-off-by: Hans Dedecker Signed-off-by: Florian Eckert (backported from 675eb747aa1cb76d4d6e715728592974acac8cc1) --- package/network/services/openvpn/Makefile | 2 +- .../network/services/openvpn/files/openvpn.init | 14 ++++++++++++++ .../network/services/openvpn/files/openvpn.options | 7 +++++-- 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/package/network/services/openvpn/Makefile b/package/network/services/openvpn/Makefile index efaccaae29..f48f79c7ab 100644 --- a/package/network/services/openvpn/Makefile +++ b/package/network/services/openvpn/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openvpn PKG_VERSION:=2.4.6 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=\ https://build.openvpn.net/downloads/releases/ \ diff --git a/package/network/services/openvpn/files/openvpn.init b/package/network/services/openvpn/files/openvpn.init index 7e6cfd9c35..ebb05640d8 100644 --- a/package/network/services/openvpn/files/openvpn.init +++ b/package/network/services/openvpn/files/openvpn.init @@ -49,6 +49,19 @@ append_params() { done } +append_list() { + local p; local v; local s="$1"; shift + + list_cb_append() { + v="$1:${v}" + } + + for p in $*; do + config_list_foreach "$s" "$p" list_cb_append + done + [ -n "$v" ] && append_param "$s" "$p" && echo " ${v%*:}" >> "/var/etc/openvpn-$s.conf" +} + section_enabled() { config_get_bool enable "$1" 'enable' 0 config_get_bool enabled "$1" 'enabled' 0 @@ -99,6 +112,7 @@ start_instance() { append_bools "$s" $OPENVPN_BOOLS append_params "$s" $OPENVPN_PARAMS + append_list "$s" $OPENVPN_LIST openvpn_add_instance "$s" "/var/etc" "openvpn-$s.conf" } diff --git a/package/network/services/openvpn/files/openvpn.options b/package/network/services/openvpn/files/openvpn.options index c206c458a5..f4b048c48c 100644 --- a/package/network/services/openvpn/files/openvpn.options +++ b/package/network/services/openvpn/files/openvpn.options @@ -69,7 +69,6 @@ mode mssfix mtu_disc mute -ncp_ciphers nice ns_cert_type ping @@ -118,7 +117,6 @@ status_version syslog tcp_queue_limit tls_auth -tls_cipher tls_crypt tls_timeout tls_verify @@ -191,3 +189,8 @@ up_delay up_restart username_as_common_name ' + +OPENVPN_LIST=' +tls_cipher +ncp_ciphers +' -- 2.30.2