openvpn, client specific overrides on --client-connect, it seems that OpenVPN passes the filename for the csc on client-connect in stead of using the default location, should fix https://github.com/opnsense/core/issues/2348

src/etc/inc/plugins.inc.d/openvpn.inc

@@ -1011,9 +1011,10 @@ function openvpn_delete($mode, &$settings)
  * generate config (text) data for a single client specific override
  * @param array $settings csc item
  * @param array $server openvpn server item
+ * @param string $target_filename write to filename, or use configured/generated path when emtpy
  * @return string|boolean filename or false when unable to (missing common name or vpnid)
  */
-function openvpn_csc_conf_write($settings, $server)
+function openvpn_csc_conf_write($settings, $server, $target_filename=null)
 {
     if (empty($settings['common_name']) || empty($server['vpnid'])) {
         return false;
@@ -1075,7 +1076,10 @@ function openvpn_csc_conf_write($settings, $server)
     openvpn_add_custom($settings, $conf);
 
     $vpnid = filter_var($server['vpnid'], FILTER_SANITIZE_NUMBER_INT);
-    $target_filename = "/var/etc/openvpn-csc/".$vpnid."/".$settings['common_name'];
+    if (empty($target_filename)) {
+        $target_filename = "/var/etc/openvpn-csc/".$vpnid."/".$settings['common_name'];
+    }
+
     if (!empty($conf)) {
         file_put_contents($target_filename, $conf);
         chown($target_filename, 'nobody');

src/etc/inc/plugins.inc.d/openvpn/ovpn_setup_cso.php

@@ -44,7 +44,8 @@ if (isset($config['openvpn']['openvpn-server'])) {
             } else {
                 $cso = array("common_name" => $common_name);
             }
-            $cso_filename = openvpn_csc_conf_write($cso, $server);
+            // $argv[2] contains the temporary file used for the profile specified by client-connect
+            $cso_filename = openvpn_csc_conf_write($cso, $server, $argv[2]);
             if (!empty($cso_filename)) {
                 syslog(LOG_NOTICE, "client config created @ {$cso_filename}");
             }