lucaspalomodevelop/opnsense-core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/opnsense-core.git synced 2026-03-13 00:07:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

VPN: OpenVPN: Client Export - add "Enable static challenge (OTP)" option, closes https://github.com/opnsense/core/issues/8488

Browse Source
This commit is contained in:
Ad Schellevis 2025-03-31 18:52:26 +02:00
parent f698e25cbb
commit d8adc429f7
5 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms/export_options.xml
View File

@ -57,6 +57,13 @@
<style>export_option</style>
<help>Sets auth-nocache in the exported configuration when password authentication is used. This prevents OpenVPN from caching passwords in memory.</help>
</field>
<field>
<id>openvpn_export.static_challenge</id>
<label>Enable static challenge (OTP)</label>
<type>checkbox</type>
<style>export_option</style>
<help>Ask the user for its one time password token separately (instead of as part the password).</help>
</field>
<field>
<id>openvpn_export.plain_config</id>
<label>Custom config</label>

2
src/opnsense/mvc/app/library/OPNsense/OpenVPN/ArchiveOpenVPN.php
View File

@ -48,7 +48,7 @@ class ArchiveOpenVPN extends PlainOpenVPN
*/
public function supportedOptions()
{
return array("plain_config", "p12_password", "random_local_port", "auth_nocache", "cryptoapi");
return ["plain_config", "p12_password", "random_local_port", "auth_nocache", "cryptoapi", "static_challenge"];
}
/**

6
src/opnsense/mvc/app/library/OPNsense/OpenVPN/PlainOpenVPN.php
View File

@ -48,7 +48,7 @@ class PlainOpenVPN extends BaseExporter implements IExportProvider
*/
public function supportedOptions()
{
return array("plain_config", "random_local_port", "auth_nocache", "cryptoapi");
return ["plain_config", "random_local_port", "auth_nocache", "cryptoapi", "static_challenge"];
}
/**
@ -143,6 +143,10 @@ class PlainOpenVPN extends BaseExporter implements IExportProvider
}
}
if (!empty($this->config['static_challenge'])) {
$conf[] = sprintf('static-challenge "%s" 1', addslashes(gettext('Enter OTP token:')));
}
if (!empty($this->config['compression'])) {
switch ($this->config['compression']) {
case 'no':

2
src/opnsense/mvc/app/library/OPNsense/OpenVPN/ViscosityVisz.php
View File

@ -48,7 +48,7 @@ class ViscosityVisz extends PlainOpenVPN
*/
public function supportedOptions()
{
return array("plain_config", "p12_password", "random_local_port", "auth_nocache", "cryptoapi");
return ["plain_config", "p12_password", "random_local_port", "auth_nocache", "cryptoapi", "static_challenge"];
}
/**

1
src/opnsense/mvc/app/models/OPNsense/OpenVPN/Export.xml
View File

@ -29,6 +29,7 @@
</validate_server_cn>
<cryptoapi type="BooleanField"/>
<auth_nocache type="BooleanField"/>
<static_challenge type="BooleanField"/>
<plain_config type="TextField"/>
</server>
</servers>