/[smecontribs]/rpms/smeserver-openvpn-s2s/contribs7/smeserver-openvpn-s2s-0.1-various_conf_optimization.patch
ViewVC logotype

Annotation of /rpms/smeserver-openvpn-s2s/contribs7/smeserver-openvpn-s2s-0.1-various_conf_optimization.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Tue Nov 2 16:43:51 2010 UTC (14 years, 1 month ago) by slords
Branch: MAIN
CVS Tags: smeserver-openvpn-s2s-0_1-15_el4_sme, smeserver-openvpn-s2s-0_1-13_el4_sme, smeserver-openvpn-s2s-0_1-19_el4_sme, smeserver-openvpn-s2s-0_1-14_el4_sme, smeserver-openvpn-s2s-0_1-12_el4_sme, smeserver-openvpn-s2s-0_1-18_el4_sme, smeserver-openvpn-s2s-0_1-16_el4_sme, smeserver-openvpn-s2s-0_1-20_el4_sme, smeserver-openvpn-s2s-0_1-21_el4_sme, smeserver-openvpn-s2s-0_1-11_el4_sme, HEAD
Initial import

1 slords 1.1 diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/10bind mezzanine_patched_smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/10bind
2     --- smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/10bind 2010-10-15 19:37:57.000000000 +0200
3     +++ mezzanine_patched_smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/10bind 2010-10-18 09:05:40.000000000 +0200
4     @@ -1,19 +1,22 @@
5     {
6    
7     +my $remote = $db->get_prop($key,'RemoteHost') || '';
8     my $port = $db->get_prop($key,'Port') || '1195';
9     -
10     my $protocol = $db->get_prop($key,'Protocol') || 'udp';
11     -
12     $protocol = 'tcp-'."$type" if ($protocol eq 'tcp');
13    
14     $OUT .= "port $port\n";
15     $OUT .= "proto $protocol\n";
16     $OUT .= "dev tun".$key."\n";
17    
18     -if ($type eq 'client'){
19     - my $remote = $db->get_prop($key,'RemoteHost') || '# Invalid remote host';
20     +# In server mode, if remote is emtpy, we should add the float directive
21     +if ($type eq 'server'){
22     + $OUT .= ($remote eq '') ? "float\n":"remote $remote\n";
23     +}
24     +else{
25     $OUT .= "nobind\n";
26     $OUT .= "remote $remote\n";
27     }
28    
29     +
30     }
31     diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/30key mezzanine_patched_smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/30key
32     --- smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/30key 2010-10-18 09:06:05.000000000 +0200
33     +++ mezzanine_patched_smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/30key 2010-10-18 08:55:30.000000000 +0200
34     @@ -2,6 +2,8 @@
35     {
36    
37     my $auth = $db->get_prop($key,'Authentication') || 'TLS';
38     +my $checkcrt = $db->get_prop($key,'CheckCertificateUsage') || 'disabled';
39     +my $tlsremote = $db->get_prop($key,'RemoteCommonName') || '';
40    
41     if ($auth eq 'SharedKey'){
42     $OUT .= "secret priv/$key"."_sharedkey.pem\n";
43     @@ -19,6 +21,8 @@
44     $OUT .= "crl-verify pub/$key" . "_cacrl.pem\n"
45     if ( -e "/etc/openvpn/s2s/pub/$key".'_cacrl.pem' ) &&
46     ( ! -z "/etc/openvpn/s2s/pub/$key".'_cacrl.pem' );
47     + $OUT .= "ns-cert-type client\n" if ($checkcrt eq 'enabled');
48     + $OUT .= "tls-remote $tlsremote\n" if ($tlsremote ne '');
49     }
50     else{
51     $OUT .= "tls-client\n";
52     @@ -31,6 +35,8 @@
53     $OUT .= "crl-verify pub/$key" . "_cacrl.pem\n"
54     if ( -e "/etc/openvpn/s2s/pub/$key".'_cacrl.pem' ) &&
55     ( ! -z "/etc/openvpn/s2s/pub/$key".'_cacrl.pem' );
56     + $OUT .= "ns-cert-type server\n" if ($checkcrt eq 'enabled');
57     + $OUT .= "tls-remote $tlsremote\n" if ($tlsremote ne '');
58     }
59     }
60    
61     diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/60options mezzanine_patched_smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/60options
62     --- smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/60options 2010-10-16 17:56:47.000000000 +0200
63     +++ mezzanine_patched_smeserver-openvpn-s2s-0.1/root/etc/e-smith/templates/etc/openvpn/s2s/openvpn-s2s.conf/60options 2010-10-18 08:45:34.000000000 +0200
64     @@ -5,12 +5,12 @@
65     my $comp = $db->get_prop($key,'Compression') || 'enabled';
66    
67    
68     -if ( $comp eq 'enabled'){
69     - $OUT .= "comp-lzo\n";
70     -}
71     +$OUT .= "comp-lzo adaptive\n" if ($comp eq 'enabled');
72     +
73     +$OUT .= "cipher $cipher\n" if ($cipher ne 'auto');
74    
75     -if ($cipher ne 'auto'){
76     - $OUT .= "cipher $cipher\n";
77     +if ($type eq 'server'){
78     + $OUT .= "ping-timer-rem\n";
79     }
80    
81     }
82     @@ -18,7 +18,6 @@
83     ping 10
84     ping-restart 120
85     mtu-test
86     -reneg-sec 3600
87     nice 5
88     -
89     +passtos
90    

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed