OPNSense/core 9a1adab — . plist, src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/Api ExportController.php
src: style sweep
OPNSense/core 3a6c79d — src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/Api ExportController.php, src/opnsense/mvc/app/library/OPNsense/OpenVPN BaseExporter.php TheGreenBow.php
MVC/Trust - Implement new Trust class usage for the following components:
o OpenVPN Client Export
o Captive portal
o Syslog-NG
OPNSense/core ca6cc70 — src/etc/inc/plugins.inc.d openvpn.inc, src/etc/inc/plugins.inc.d/openvpn auth-user.php
VPN:OpenVPN: Servers - deferred authentication, work in progress for https://github.com/opnsense/core/issues/6293
This initial commit focusses on structuring the event flow around user and client registration, moving events to our new ovpn_event.py handler.
By supporting both deferred and direct authentication in user_pass_verify.php, we should be able to start with a cleanup patch for OpenVPN 2.5.x and work our way up to
a smaller fix for 2.6.x.
In preperation for 2.6, this commit also moves --cipher to --data-ciphers-fallback as suggested by the warning "DEPRECATED OPTION: --cipher set to '' but missing in --data-ciphers". Rename the option in the gui while there and add a note in the help text.
(cherry picked from commit 1e28d5b352e3aeb9a4e94720595e5e82bf83503b)
(cherry picked from commit e7007a42a2153dbee03dc12c384e09e092a61c34)
(cherry picked from commit 675c1b8fda9aaa5adda608ab7d7973aaccb58a0b)
(cherry picked from commit 02a05a4d4cc1e3e7467180bfe0e0f945fc1ac221)
(cherry picked from commit f8a9e5b990add401b482b7c1642482a4ab02bef2)
(cherry picked from commit 89da198d62e00e2319d657211cb1b8c0309ddae1)
(cherry picked from commit 53fefd47a31afe4ecaea8bc24b65d967cfbcb527)
(cherry picked from commit 08fb2ea495c3c54eb39d50550639a4cbec41e8e1)
(cherry picked from commit a9ecea3dcd4aa7abfc964d9c3ebb957a9a086762)
OPNSense/core d989226 — src/etc/inc/plugins.inc.d openvpn.inc, src/opnsense/scripts/auth list_group_members.php
Merge branch 'master' into unbound_blocklists
Merge branch 'master' into unbound_wildcards
OPNSense/core e7007a4 — src/opnsense/mvc/app/library/OPNsense/OpenVPN ArchiveOpenVPN.php ViscosityVisz.php
VPN/OpenVPN/Client Export - fix openssl_pkcs12_export(): Passing null to parameter #4 ($passphrase) of type string is deprecated
OPNSense/core 3e6aa39 — src/etc/inc/plugins.inc.d openvpn.inc, src/opnsense/mvc/app/library/OPNsense/OpenVPN PlainOpenVPN.php TheGreenBow.php
openvpn: tls-crypt support
Squashed commit of the following:
commit 83171f8b1791aae87fc4dacedb6cc921101d8399
Author: Ad Schellevis <ad at opnsense.org>
Date: Fri Aug 13 21:44:49 2021 +0200
whitespace
commit 11990f462eaed9bc9cf2051a377d508a916a3945
Author: Ad Schellevis <ad at opnsense.org>
Date: Fri Aug 13 21:40:24 2021 +0200
OpenVPN - cleanups for https://github.com/opnsense/core/pull/4592
simplify flush tls keys.
commit 74db015f0c9963b53b1d3ea8923e1d89899d04a3
[32 lines not shown]OPNSense/core 58186f8 — src/etc/inc/plugins.inc.d openvpn.inc, src/opnsense/mvc/app/library/OPNsense/OpenVPN PlainOpenVPN.php TheGreenBow.php
Squashed commit of the following:
commit 83171f8b1791aae87fc4dacedb6cc921101d8399
Author: Ad Schellevis <ad at opnsense.org>
Date: Fri Aug 13 21:44:49 2021 +0200
whitespace
commit 11990f462eaed9bc9cf2051a377d508a916a3945
Author: Ad Schellevis <ad at opnsense.org>
Date: Fri Aug 13 21:40:24 2021 +0200
OpenVPN - cleanups for https://github.com/opnsense/core/pull/4592
simplify flush tls keys.
commit 74db015f0c9963b53b1d3ea8923e1d89899d04a3
Author: Ad Schellevis <ad at opnsense.org>
Date: Fri Aug 13 21:39:28 2021 +0200
[28 lines not shown]OPNSense/core 4e494c5 — src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/Api ExportController.php, src/opnsense/mvc/app/library/OPNsense/OpenVPN TheGreenBow.php ArchiveOpenVPN.php
OpenVPN export: offer the ability to export a user without a certificate and increase consistency between export types.
OPNSense/core 2ba6da4 — src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/Api ExportController.php, src/opnsense/mvc/app/library/OPNsense/OpenVPN TheGreenBow.php ArchiveOpenVPN.php
OpenVPN export: offer the ability to export a user without a certificate and increase consistency between export types.
OPNSense/core 649f5e3 — src/etc/inc/plugins.inc.d openvpn.inc, src/opnsense/mvc/app/library/OPNsense/OpenVPN PlainOpenVPN.php TheGreenBow.php
OpenVPN: Enhance configuration - TLS-Crypt
Ensure backwards compatibility
OPNSense/core 25a1c6e — src/etc/inc/plugins.inc.d openvpn.inc, src/opnsense/mvc/app/library/OPNsense/OpenVPN PlainOpenVPN.php TheGreenBow.php
OpenVPN: Enhance configuration - TLS-Crypt
Make available both --tls-auth and --tls-crypt configuration options
OPNSense/core 4302777 — src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api SystemhealthController.php, src/opnsense/mvc/app/controllers/OPNsense/IDS/Api SettingsController.php
mvc: PSR12 style updates
OPNSense/core dc3ef63 — src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api SystemhealthController.php, src/opnsense/mvc/app/controllers/OPNsense/IDS/Api SettingsController.php
mvc: PSR12 for better or worse ;)
OPNSense/core 5dc345b — src/opnsense/mvc/app/controllers/OPNsense/Syslog/Api ServiceController.php, src/opnsense/mvc/app/library/OPNsense/Auth/Services Squid.php
src: style and whitespace sweep
OPNSense/core 23d996c — src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms export_options.xml, src/opnsense/mvc/app/library/OPNsense/OpenVPN ArchiveOpenVPN.php ViscosityVisz.php
OpenVPN export, support cryptoapicert to load certificates from the windows certificate system store, for https://github.com/opnsense/core/issues/3500
(cherry picked from commit 8bb3f1f38c420141d84733a23c3595ec4d0da3bc)
(cherry picked from commit 7a143c85576af840a74386c4b79d723aedb7b00a)
OPNSense/core 8bb3f1f — src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms export_options.xml, src/opnsense/mvc/app/library/OPNsense/OpenVPN ArchiveOpenVPN.php ViscosityVisz.php
OpenVPN export, support cryptoapicert to load certificates from the windows certificate system store, for https://github.com/opnsense/core/issues/3500
OPNSense/core 74c7750 — src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms export_options.xml, src/opnsense/mvc/app/library/OPNsense/OpenVPN PlainOpenVPN.php ViscosityVisz.php
OpenVPN export, add auth-nocache option, closes https://github.com/opnsense/core/issues/3193
(cherry picked from commit cc2b41bf153c8f3a1fa5687834dfdb713078096b)
OPNSense/core cc2b41b — src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms export_options.xml, src/opnsense/mvc/app/library/OPNsense/OpenVPN PlainOpenVPN.php ArchiveOpenVPN.php
OpenVPN export, add auth-nocache option, closes https://github.com/opnsense/core/issues/3193
OPNSense/core 2c61e06 — src/etc/inc IPv6.inc filter.lib.inc, src/etc/inc/plugins.inc.d/openvpn wizard.inc
Small fixes (#3096)
OPNSense/core 7fa9207 — src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/Api ExportController.php, src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms export_options.xml
OpenVPN export (https://github.com/opnsense/core/issues/2787)
- change server cn validation to server subject
- move "use random port" to custom option
- tgb format issue with SHA1
OpenVPN export, add Viscosity format for https://github.com/opnsense/core/issues/2787
The old visc format will be removed, as visz is supported on all platforms
