update.sh: Add and change new directives for OpenVPN 2.6.x .

This process may should be continued with some of the following updates to make sure the directives are
included even the update with this changes has over jumped ?! otherwise, the "Advanced server options" page
needs to be saved via WUI to bring OpenVPN to life.

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>

diff --git a/config/rootfiles/core/185/update.sh b/config/rootfiles/core/185/update.sh
index 2c95c4102876bc2e2133ce4a4487cc75540d783e..24766148198bc96ab31cfc4845cfc4501a81fdac 100644 (file)
--- a/config/rootfiles/core/185/update.sh
+++ b/config/rootfiles/core/185/update.sh
@@ -35,6 +35,17 @@ done
 /etc/init.d/ntp stop
 /etc/init.d/squid stop
 
+# OpenVPN add and change new 2.6.x directives for NCP.
+if pgrep openvpn > /dev/null; then
+       /usr/local/bin/openvpnctrl -k > /dev/null
+       sed -i 's/^ncp-disable/data-ciphers ChaCha20-Poly1305:AES-256-GCM/' /var/ipfire/ovpn/server.conf
+       sed -i 's/^cipher/data-ciphers-fallback/' /var/ipfire/ovpn/server.conf
+       /usr/local/bin/openvpnctrl -s > /dev/null
+else
+       sed -i 's/^ncp-disable/data-ciphers ChaCha20-Poly1305:AES-256-GCM/' /var/ipfire/ovpn/server.conf
+       sed -i 's/^cipher/data-ciphers-fallback/' /var/ipfire/ovpn/server.conf
+fi
+
 # Extract files
 extract_files