angristan
9716e868a0
Fix service handling on Ubuntu 16.04
2018-09-27 19:57:01 +02:00
angristan
0648e6a0b7
Fix IPv6 connectivity test
2018-09-27 19:52:52 +02:00
angristan
e4a9851b4f
Remove revoked client from ifconfig-pool-persist
2018-09-24 15:24:31 +02:00
angristan
0f117352c7
Remove hardcoded ciphers from Fedora systemd service
2018-09-24 14:33:08 +02:00
angristan
bbea708175
Do not modify package-provided systemd service
2018-09-24 14:26:41 +02:00
angristan
071baf477f
Update link, DNS name
2018-09-24 11:45:12 +02:00
angristan
73c52daf84
Add Quad9 uncensored
2018-09-24 11:42:29 +02:00
angristan
1dad1579ad
Better code
2018-09-24 11:37:13 +02:00
angristan
8d5d080cc0
Remove plaintext metadata from client certificate
2018-09-24 11:32:43 +02:00
angristan
b0fdb24984
Improve Debian/Ubuntu detection
2018-09-23 22:23:13 +02:00
Jun Hui
c14355a34c
Update easy-rsa to 3.0.5 ( #301 )
2018-09-23 17:09:33 +02:00
angristan
70ebe5620d
secp256r1 -> prime256v1
2018-09-23 17:06:15 +02:00
angristan
8e1cf382c3
Fix unset usage
2018-09-23 16:33:59 +02:00
angristan
5a67d3b3e7
Fix regex
2018-09-23 16:30:48 +02:00
GoliathLabs
ecf5f0d623
Add Arch Linux support ( #303 )
2018-09-23 16:27:36 +02:00
angristan
8de3957afb
Disable and stop OpenVPN upon removal
2018-09-23 14:32:24 +02:00
angristan
7f35106687
Fix condition
2018-09-23 14:30:08 +02:00
angristan
09b29ddc9c
Fix OS condition
2018-09-23 14:26:28 +02:00
angristan
ef30d3c9df
Fix service on Ubuntu 16.04
2018-09-23 14:25:18 +02:00
angristan
e2906fd5e4
Use APT repo for Ubuntu 16.04
...
Ubuntu 16.04 has OpenVPN 2.3.10
2018-09-23 12:47:52 +02:00
angristan
21f15d9aef
Little fixes according to OpenVPN 2.4
...
Yeah, seconds, really :)
2018-09-23 00:47:18 +02:00
angristan
c2a502be92
Add support for tls-crypt
...
Choice between tls-auth/tls-crypt
2018-09-22 22:34:10 +02:00
angristan
f716380080
Fixes
2018-09-22 22:33:25 +02:00
angristan
62c89af954
Support ncp-ciphers
...
Since OpenVPN 2.4, there is negotiable crypto parameters (NCP)
It means you can use a cipher suite like with HTTPS. By default the suite is AES-256-GCM:AES-256-CBC, so that means than since 2.4 is out, everyone using a 2.4 client + server was using AES 256 GCM, regardless of the --cipher option. With this commit, the chosen cipher will be the only cipher in the NCP cipher list, thus fixing this issue.
2018-09-22 18:18:36 +02:00
angristan
a85c13e4ec
Move setup questions to installQuestions ()
2018-09-22 17:59:21 +02:00
angristan
bbdabedbec
Add --auth choice (HMAC digest algorithm)
2018-09-22 17:54:30 +02:00
angristan
e0b4a5aae7
Use read -rp
2018-09-22 16:42:48 +02:00
angristan
3a5e23c5c1
Add ECDH support
2018-09-22 16:41:28 +02:00
angristan
cfa5eed6bd
Re-add possibility to use a hostname as the endpoint
2018-09-22 16:17:51 +02:00
angristan
db6a253676
Improve tests using regex
2018-09-22 15:23:01 +02:00
angristan
4d1baca0c7
Add ECDSA support and make tls-cipher configurable
2018-09-22 15:17:13 +02:00
angristan
06e7597942
Use AES-128-GCM by default
2018-09-22 14:25:30 +02:00
angristan
c1b069b501
Fix 10a1d04
2018-09-22 14:23:58 +02:00
angristan
7449bfc550
Remove trailing tabs
2018-09-22 14:21:20 +02:00
angristan
11e023b6dc
Use 2048 bits RSA key by default
2018-09-22 14:20:57 +02:00
angristan
10a1d04f3b
Add AES GCM support
2018-09-22 14:20:20 +02:00
angristan
36af5ec100
Update DH/RSA defaults
2018-09-22 14:19:51 +02:00
angristan
b898a99485
Add compression support
...
It is disabled by default.
2018-09-22 14:08:42 +02:00
angristan
7ed823cdf2
Remove OpenVPN APT repo during removal
2018-09-22 11:41:31 +02:00
angristan
c96a71c7d6
Fix OpenVPN repo for Debian 8
2018-09-22 11:40:54 +02:00
angristan
80c0b971d6
Improved and safer code
...
Thanks to shellcheck!
2018-09-21 23:48:11 +02:00
angristan
76607e781c
Sorry...
2018-09-21 22:22:09 +02:00
angristan
a0ff4d7cf9
Improve questions for NATed servers
2018-09-21 21:53:39 +02:00
angristan
4144fa9dff
Make encryption customization optional
...
A lot of people don't know much about cryptography.
Since the script already overwrite OpenVPN's default settings, there is no need for most people to modify them.
2018-09-21 17:17:41 +02:00
xiagw
0f67214490
Improve Debian/Ubuntu version checking ( #187 )
2018-09-20 22:00:16 +02:00
angristan
0a5c3c1401
Rewrite README
2018-09-20 17:16:04 +02:00
Stanislas
e920f7fbc2
Refactoring, cleanup and fixes ( #293 )
2018-09-20 00:05:02 +02:00
Stanislas
136a46874e
Rework and cleanup systemd service handling ( #294 )
...
* Don't hardcode server.conf in systemd service
* Rework and cleanup service handling
2018-09-18 14:55:00 +02:00
angristan
d3974220ef
Fix public interface in iptables rules
2018-09-18 12:37:07 +02:00
angristan
974b80dbc1
Remove unused variables
2018-09-17 18:05:51 +02:00