Merge pull request #1735 from sumpfralle/olsr-jsoninfo-parser-handle-empty-result

[oweals/luci.git] / applications / luci-app-openvpn / luasrc / model / cbi / openvpn-advanced.lua

diff --git a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua
index 9c032d5ab1825fd3e61113b4ed757ada6e1d6efd..1971400b80bf7639a6982df0b8af7de912d24bb5 100644 (file)
--- a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua
+++ b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua
@@ -142,9 +142,9 @@ local knownParams = {
                        "client_connect",
                        "/usr/bin/ovpn-clientconnect",
                        translate("Run script cmd on client connection") },
-               { Flag,
+               { Value,
                        "client_disconnect",
-                       0,
+                       "/usr/bin/ovpn-clientdisconnect",
                        translate("Run script cmd on client disconnection") },
                { Value,
                        "learn_address",
@@ -250,6 +250,15 @@ local knownParams = {
                        "mtu_test",
                        0,
                        translate("Empirically measure MTU") },
+               { ListValue,
+                       "comp_lzo",
+                       { "yes", "no", "adaptive" },
+                       translate("Use fast LZO compression") },
+               { Flag,
+                       "comp_noadapt",
+                       0,
+                       translate("Don't use adaptive lzo compression"),
+                       { comp_lzo=1 } },
                { Value,
                        "link_mtu",
                        1500,
@@ -368,7 +377,7 @@ local knownParams = {
                        { client="0" }, { client="" } },
                { DynamicList,
                        "push",
-                       { "redirect-gateway" },
+                       { "redirect-gateway", "comp-lzo" },
                        translate("Push options to peer"),
                        { client="0" }, { client="" } },
                { Flag,
@@ -667,10 +676,38 @@ local knownParams = {
                        "key_method",
                        { 1, 2 },
                        translate("Enable TLS and assume client role") },
-               { Value,
+               { DynamicList,
                        "tls_cipher",
-                       "DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5",
+                       {
+                               "DHE-RSA-AES256-SHA",
+                               "DHE-DSS-AES256-SHA",
+                               "AES256-SHA",
+                               "EDH-RSA-DES-CBC3-SHA",
+                               "EDH-DSS-DES-CBC3-SHA",
+                               "DES-CBC3-SHA",
+                               "DHE-RSA-AES128-SHA",
+                               "DHE-DSS-AES128-SHA",
+                               "AES128-SHA",
+                               "RC4-SHA",
+                               "RC4-MD5",
+                               "EDH-RSA-DES-CBC-SHA",
+                               "EDH-DSS-DES-CBC-SHA",
+                               "DES-CBC-SHA",
+                               "EXP-EDH-RSA-DES-CBC-SHA",
+                               "EXP-EDH-DSS-DES-CBC-SHA",
+                               "EXP-DES-CBC-SHA",
+                               "EXP-RC2-CBC-MD5",
+                               "EXP-RC4-MD5"
+                       },
                        translate("TLS cipher") },
+               { DynamicList,
+                       "tls_ciphersuites",
+                       {
+                               "TLS_AES_256_GCM_SHA384",
+                               "TLS_AES_128_GCM_SHA256",
+                               "TLS_CHACHA20_POLY1305_SHA256"
+                       },
+                       translate("TLS 1.3 or newer cipher") },
                { Value,
                        "tls_timeout",
                        2,
@@ -751,6 +788,10 @@ local knownParams = {
                        "ncp_disable",
                        0,
                        translate("This completely disables cipher negotiation") },
+               { Value,
+                       "ncp_ciphers",
+                       "AES-256-GCM:AES-128-GCM",
+                       translate("Restrict the allowed ciphers to be negotiated") },
        } }
 }
 
@@ -759,7 +800,7 @@ local cts = { }
 local params = { }
 
 local m = Map("openvpn")
-m.redirect = luci.dispatcher.build_url("admin", "services", "openvpn")
+m.redirect = luci.dispatcher.build_url("admin", "vpn", "openvpn")
 m.apply_on_parse = true
 
 local p = m:section( SimpleSection )