summaryrefslogtreecommitdiff
path: root/provider_base/services
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2014-03-20 13:10:44 -0700
committerelijah <elijah@riseup.net>2014-03-20 13:10:44 -0700
commit222fd1568d7af9ea953a4d6179578da5994ea1fd (patch)
tree6ce6959235be6eccbd30b8ec1ea4bdcb76c33fa3 /provider_base/services
parenta8c9d80317240d86cb7de652c23efbd7bc81bde2 (diff)
allow ability to customize openvpn security stuff: tls-cipher, auth, and cipher config options.
Diffstat (limited to 'provider_base/services')
-rw-r--r--provider_base/services/openvpn.json7
1 files changed, 6 insertions, 1 deletions
diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json
index 5a87335b..e5b97ed9 100644
--- a/provider_base/services/openvpn.json
+++ b/provider_base/services/openvpn.json
@@ -18,6 +18,11 @@
"allow_unlimited": "= provider.service.allow_unlimited_bandwidth",
"limited_prefix": "= provider.ca.client_certificates.limited_prefix",
"unlimited_prefix": "= provider.ca.client_certificates.unlimited_prefix",
- "rate_limit": "= openvpn.allow_limited ? provider.service.bandwidth_limit : nil"
+ "rate_limit": "= openvpn.allow_limited ? provider.service.bandwidth_limit : nil",
+ "configuration": {
+ "tls-cipher": "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
+ "auth": "SHA1",
+ "cipher": "AES-128-CBC"
+ }
}
}