From d50415329accb01b0a7b421af48492cc20811b91 Mon Sep 17 00:00:00 2001
From: Erik Kapfer <erik.kapfer@ipfire.org>
Date: Thu, 21 Mar 2024 13:11:59 +0100
Subject: [PATCH] update.sh: Add and change new directives for OpenVPN 2.6.x .

This process may should be continued with some of the following updates to make sure the directives are
included even the update with this changes has over jumped ?! otherwise, the "Advanced server options" page
needs to be saved via WUI to bring OpenVPN to life.

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
---
 config/rootfiles/core/185/update.sh | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/config/rootfiles/core/185/update.sh b/config/rootfiles/core/185/update.sh
index 2c95c41028..2476614819 100644
--- a/config/rootfiles/core/185/update.sh
+++ b/config/rootfiles/core/185/update.sh
@@ -35,6 +35,17 @@ done
 /etc/init.d/ntp stop
 /etc/init.d/squid stop
 
+# OpenVPN add and change new 2.6.x directives for NCP.
+if pgrep openvpn > /dev/null; then
+	/usr/local/bin/openvpnctrl -k > /dev/null
+	sed -i 's/^ncp-disable/data-ciphers ChaCha20-Poly1305:AES-256-GCM/' /var/ipfire/ovpn/server.conf
+	sed -i 's/^cipher/data-ciphers-fallback/' /var/ipfire/ovpn/server.conf
+	/usr/local/bin/openvpnctrl -s > /dev/null
+else
+	sed -i 's/^ncp-disable/data-ciphers ChaCha20-Poly1305:AES-256-GCM/' /var/ipfire/ovpn/server.conf
+	sed -i 's/^cipher/data-ciphers-fallback/' /var/ipfire/ovpn/server.conf
+fi
+
 # Extract files
 extract_files
 
-- 
2.47.2