From: Erik Kapfer <erik.kapfer@ipfire.org>
Date: Thu, 21 Mar 2024 12:11:59 +0000 (+0100)
Subject: update.sh: Add and change new directives for OpenVPN 2.6.x .
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fheads%2Fopenvpn_ncp;p=people%2Fummeegge%2Fipfire-2.x.git

update.sh: Add and change new directives for OpenVPN 2.6.x .

This process may should be continued with some of the following updates to make sure the directives are
included even the update with this changes has over jumped ?! otherwise, the "Advanced server options" page
needs to be saved via WUI to bring OpenVPN to life.

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
---

diff --git a/config/rootfiles/core/185/update.sh b/config/rootfiles/core/185/update.sh
index 2c95c41028..2476614819 100644
--- a/config/rootfiles/core/185/update.sh
+++ b/config/rootfiles/core/185/update.sh
@@ -35,6 +35,17 @@ done
 /etc/init.d/ntp stop
 /etc/init.d/squid stop
 
+# OpenVPN add and change new 2.6.x directives for NCP.
+if pgrep openvpn > /dev/null; then
+	/usr/local/bin/openvpnctrl -k > /dev/null
+	sed -i 's/^ncp-disable/data-ciphers ChaCha20-Poly1305:AES-256-GCM/' /var/ipfire/ovpn/server.conf
+	sed -i 's/^cipher/data-ciphers-fallback/' /var/ipfire/ovpn/server.conf
+	/usr/local/bin/openvpnctrl -s > /dev/null
+else
+	sed -i 's/^ncp-disable/data-ciphers ChaCha20-Poly1305:AES-256-GCM/' /var/ipfire/ovpn/server.conf
+	sed -i 's/^cipher/data-ciphers-fallback/' /var/ipfire/ovpn/server.conf
+fi
+
 # Extract files
 extract_files