From ee7944fe32e49c73abcaeb2509c1f1630b645b32 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Peter=20M=C3=BCller?= Date: Sat, 17 Dec 2022 14:44:49 +0000 Subject: [PATCH] Core Updatr 172: Properly replace DH parameter in /var/ipfire/ovpn/n2nconf/*/*.conf MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit https://lists.ipfire.org/pipermail/development/2022-December/015001.html Reported-by: Michael Tremer Signed-off-by: Peter Müller --- config/rootfiles/core/172/update.sh | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/config/rootfiles/core/172/update.sh b/config/rootfiles/core/172/update.sh index 585943950c..dffe090d80 100644 --- a/config/rootfiles/core/172/update.sh +++ b/config/rootfiles/core/172/update.sh @@ -155,13 +155,7 @@ done chown -Rv root:root /var/ipfire/connscheduler/lib.pl /var/ipfire/updatexlrator/updxlrator-lib.pl /var/ipfire/menu.d/* # Replace existing OpenVPN Diffie-Hellman parameter by ffdhe4096, as specified in RFC 7919 -if [ -f /var/ipfire/ovpn/server.conf ]; then - sed -i 's|/var/ipfire/ovpn/ca/dh1024.pem|/etc/ssl/ffdhe4096.pem|' /var/ipfire/ovpn/server.conf -fi - -if [ -f "/var/ipfire/ovpn/n2nconf/*/*.conf" ]; then - sed -i 's|/var/ipfire/ovpn/ca/dh1024.pem|/etc/ssl/ffdhe4096.pem|' /var/ipfire/ovpn/n2nconf/*/*.conf -fi +sed -i 's|/var/ipfire/ovpn/ca/dh1024.pem|/etc/ssl/ffdhe4096.pem|' /var/ipfire/ovpn/server.conf /var/ipfire/ovpn/n2nconf/*/*.conf # Start services if grep -q "ENABLE_IDS=on" /var/ipfire/suricata/settings; then -- 2.39.2