675eb747aa
For the parameters tls-cipher and ncp-ciphers more than one option can be used in the OpenVPN configuration, separated by a colon, which should be implemented as a list in order to configure it more clearly. By adding the new OPENVPN_LIST option to the openvpn.options file with the tls-cipher and ncp-cipher parameters, uci can now add this option as a "list" and the init script will generate the appropriate OpenVPN configuration from it. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> Signed-off-by: Florian Eckert <fe@dev.tdt.de>
195 lines
2.1 KiB
Text
195 lines
2.1 KiB
Text
OPENVPN_PARAMS='
|
|
askpass
|
|
auth
|
|
auth_retry
|
|
auth_user_pass
|
|
auth_user_pass_verify
|
|
bcast_buffers
|
|
ca
|
|
capath
|
|
cd
|
|
cert
|
|
chroot
|
|
cipher
|
|
client_config_dir
|
|
client_connect
|
|
client_disconnect
|
|
compress
|
|
connect_freq
|
|
connect_retry
|
|
connect_retry_max
|
|
connect_timeout
|
|
crl_verify
|
|
dev
|
|
dev_node
|
|
dev_type
|
|
dh
|
|
down
|
|
ecdh_curve
|
|
echo
|
|
engine
|
|
explicit_exit_notify
|
|
extra_certs
|
|
fragment
|
|
group
|
|
hand_window
|
|
hash_size
|
|
http_proxy
|
|
http_proxy_option
|
|
http_proxy_timeout
|
|
ifconfig
|
|
ifconfig_ipv6
|
|
ifconfig_ipv6_pool
|
|
ifconfig_ipv6_push
|
|
ifconfig_pool
|
|
ifconfig_pool_persist
|
|
ifconfig_push
|
|
inactive
|
|
ipchange
|
|
iroute
|
|
iroute_ipv6
|
|
keepalive
|
|
key
|
|
key_direction
|
|
key_method
|
|
keysize
|
|
learn_address
|
|
link_mtu
|
|
lladdr
|
|
local
|
|
log
|
|
log_append
|
|
lport
|
|
management
|
|
management_log_cache
|
|
max_clients
|
|
max_routes_per_client
|
|
mode
|
|
mssfix
|
|
mtu_disc
|
|
mute
|
|
nice
|
|
ns_cert_type
|
|
ping
|
|
ping_exit
|
|
ping_restart
|
|
pkcs12
|
|
plugin
|
|
port
|
|
port_share
|
|
prng
|
|
proto
|
|
pull_filter
|
|
push
|
|
rcvbuf
|
|
redirect_gateway
|
|
remap_usr1
|
|
remote
|
|
remote_cert_eku
|
|
remote_cert_ku
|
|
remote_cert_tls
|
|
reneg_bytes
|
|
reneg_pkts
|
|
reneg_sec
|
|
replay_persist
|
|
replay_window
|
|
resolv_retry
|
|
route
|
|
route_delay
|
|
route_gateway
|
|
route_ipv6
|
|
route_metric
|
|
route_pre_down
|
|
route_up
|
|
rport
|
|
script_security
|
|
secret
|
|
server
|
|
server_bridge
|
|
server_ipv6
|
|
setenv
|
|
shaper
|
|
sndbuf
|
|
socks_proxy
|
|
status
|
|
status_version
|
|
syslog
|
|
tcp_queue_limit
|
|
tls_auth
|
|
tls_crypt
|
|
tls_timeout
|
|
tls_verify
|
|
tls_version_min
|
|
tmp_dir
|
|
topology
|
|
tran_window
|
|
tun_mtu
|
|
tun_mtu_extra
|
|
txqueuelen
|
|
up
|
|
user
|
|
verb
|
|
verify_client_cert
|
|
verify_x509_name
|
|
x509_username_field
|
|
'
|
|
|
|
OPENVPN_BOOLS='
|
|
allow_recursive_routing
|
|
auth_nocache
|
|
auth_user_pass_optional
|
|
bind
|
|
ccd_exclusive
|
|
client
|
|
client_to_client
|
|
comp_noadapt
|
|
disable
|
|
disable_occ
|
|
down_pre
|
|
duplicate_cn
|
|
fast_io
|
|
float
|
|
http_proxy_retry
|
|
ifconfig_noexec
|
|
ifconfig_nowarn
|
|
management_forget_disconnect
|
|
management_hold
|
|
management_query_passwords
|
|
management_signal
|
|
mktun
|
|
mlock
|
|
mtu_test
|
|
multihome
|
|
mute_replay_warnings
|
|
ncp_disable
|
|
nobind
|
|
opt_verify
|
|
passtos
|
|
persist_key
|
|
persist_local_ip
|
|
persist_remote_ip
|
|
persist_tun
|
|
ping_timer_rem
|
|
pull
|
|
push_reset
|
|
remote_random
|
|
rmtun
|
|
route_noexec
|
|
route_nopull
|
|
single_session
|
|
socks_proxy_retry
|
|
suppress_timestamps
|
|
tcp_nodelay
|
|
test_crypto
|
|
tls_client
|
|
tls_exit
|
|
tls_server
|
|
up_delay
|
|
up_restart
|
|
username_as_common_name
|
|
'
|
|
|
|
OPENVPN_LIST='
|
|
tls_cipher
|
|
ncp_ciphers
|
|
'
|