summaryrefslogtreecommitdiffhomepage
path: root/applications
diff options
context:
space:
mode:
authorJo-Philipp Wich <jo@mein.io>2018-11-27 15:28:05 +0100
committerGitHub <noreply@github.com>2018-11-27 15:28:05 +0100
commit5c9d13f63414e0e0b2891fbf7929b809182e754f (patch)
tree01aaf0ef25db8fa531430a55e797ad205f4e03d3 /applications
parent2509b5984d026f285e5768fec5933ef72f37fbd8 (diff)
parent34482625ec0d319bc91234d1288155328bd26648 (diff)
Merge pull request #2336 from TDT-AG/pr/20181127-luci-app-openvpn
luci-app-openvpn: Add missing config options
Diffstat (limited to 'applications')
-rw-r--r--applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua66
1 files changed, 65 insertions, 1 deletions
diff --git a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua
index 2124c3d28..25d1481f8 100644
--- a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua
+++ b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua
@@ -158,6 +158,10 @@ local knownParams = {
"script_security",
{ 0, 1, 2, 3 },
translate("Policy level over usage of external programs and scripts") },
+ { ListValue,
+ "compress",
+ { "lzo", "lz4" },
+ translate("Enable a compression algorithm") },
} },
{ "Networking", {
@@ -234,6 +238,10 @@ local knownParams = {
"route_nopull",
0,
translate("Don't pull routes automatically") },
+ { Flag,
+ "allow_recursive_routing",
+ 0,
+ translate("Don't drop incoming tun packets with same destination as host") },
{ ListValue,
"mtu_disc",
{ "yes", "maybe", "no" },
@@ -538,6 +546,10 @@ local knownParams = {
{ "", "local", "def1", "local def1" },
translate("Automatically redirect default route"),
{ client="1" } },
+ { Value,
+ "verify_client_cert",
+ { "none", "optional", "require" },
+ translate("Specify whether the client is required to supply a valid certificate") },
} },
{ "Cryptography", {
@@ -553,7 +565,51 @@ local knownParams = {
-- parse
{ Value,
"cipher",
- "BF-CBC",
+ {
+ "AES-128-CBC",
+ "AES-128-CFB",
+ "AES-128-CFB1",
+ "AES-128-CFB8",
+ "AES-128-GCM",
+ "AES-128-OFB",
+ "AES-192-CBC",
+ "AES-192-CFB",
+ "AES-192-CFB1",
+ "AES-192-CFB8",
+ "AES-192-GCM",
+ "AES-192-OFB",
+ "AES-256-CBC",
+ "AES-256-CFB",
+ "AES-256-CFB1",
+ "AES-256-CFB8",
+ "AES-256-GCM",
+ "AES-256-OFB",
+ "BF-CBC",
+ "BF-CFB",
+ "BF-OFB",
+ "CAST5-CBC",
+ "CAST5-CFB",
+ "CAST5-OFB",
+ "DES-CBC",
+ "DES-CFB",
+ "DES-CFB1",
+ "DES-CFB8",
+ "DES-EDE-CBC",
+ "DES-EDE-CFB",
+ "DES-EDE-OFB",
+ "DES-EDE3-CBC",
+ "DES-EDE3-CFB",
+ "DES-EDE3-CFB1",
+ "DES-EDE3-CFB8",
+ "DES-EDE3-OFB",
+ "DES-OFB",
+ "DESX-CBC",
+ "RC2-40-CBC",
+ "RC2-64-CBC",
+ "RC2-CBC",
+ "RC2-CFB",
+ "RC2-OFB"
+ },
translate("Encryption cipher for packets") },
-- parse
{ Value,
@@ -691,6 +747,14 @@ local knownParams = {
"key_direction",
{ 0, 1 },
translate("The key direction for 'tls-auth' and 'secret' options") },
+ { Flag,
+ "ncp_disable",
+ 0,
+ translate("This completely disables cipher negotiation") },
+ { Value,
+ "ncp_ciphers",
+ "AES-256-GCM:AES-128-GCM",
+ translate("Restrict the allowed ciphers to be negotiated") },
} }
}