From eae4cc53d44c7d0f9fc7ec027303fbe3bac8bcbf Mon Sep 17 00:00:00 2001 From: Paul Rock Date: Wed, 14 Feb 2018 22:58:42 +0300 Subject: [PATCH] client and server parameters fix --- app/ovpn.php | 1 + scripts/install/00_env.sh | 4 ++-- scripts/server-conf.php | 4 +++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/app/ovpn.php b/app/ovpn.php index e3e23fd..ce424b2 100644 --- a/app/ovpn.php +++ b/app/ovpn.php @@ -4,6 +4,7 @@ $_ovpn = new EvilFreelancer\OpenVPN(); $_ovpn ->addParam('client') + ->addParam('tls-client') ->addParam('dev', getenv('VPN_DEV')) ->addParam('proto', getenv('VPN_PROTO')) ->addParam('remote', getenv('VPN_REMOTE')) diff --git a/scripts/install/00_env.sh b/scripts/install/00_env.sh index f580ba4..f42ead5 100644 --- a/scripts/install/00_env.sh +++ b/scripts/install/00_env.sh @@ -3,8 +3,8 @@ printf "\n################## Server informations ##################\n" [ ! -z "$VPN_LOCAL" ] && echo "VPN_LOCAL=$VPN_LOCAL" -[ -z "$VPN_LOCAL" ] && read -p "Server local Hostname/IP: " VPN_LOCAL -[ -z "$VPN_LOCAL" ] && print_error "Server local address is required!" +[ -z "$VPN_LOCAL" ] && read -p "Server local Hostname/IP (can be empty): " VPN_LOCAL +[ -z "$VPN_LOCAL" ] && VPN_LOCAL="" [ ! -z "$VPN_LOCAL_PORT" ] && echo "VPN_LOCAL_PORT=$VPN_LOCAL_PORT" [ -z "$VPN_LOCAL_PORT" ] && read -p "OpenVPN local port [1194]: " VPN_LOCAL_PORT diff --git a/scripts/server-conf.php b/scripts/server-conf.php index 2512dd7..204d8c7 100644 --- a/scripts/server-conf.php +++ b/scripts/server-conf.php @@ -9,6 +9,7 @@ $_ovpn = new EvilFreelancer\OpenVPN(); // TCP or UDP, port 443, tunneling $_ovpn ->addParam('mode', 'server') + ->addParam('tls-server') ->addParam('dev', getenv('VPN_DEV')) ->addParam('proto', getenv('VPN_PROTO')) ->addParam('port', getenv('VPN_LOCAL_PORT')); 
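Review bot: In app/ovpn.php the added `->addParam('tls-client')` appears redundant, since OpenVPN expands `client` to `pull` plus `tls-client`. The same holds for `->addParam('tls-server')` in the first hunk of scripts/server-conf.php, because the `server` directive set in that file's second hunk expands to `mode server` and `tls-server`. Both additions are harmless, but a short comment such as `// explicit TLS role; already implied by 'client'` would stop a later reader from assuming the role was missing before. The method chain continues outside the hunk, so whether the client profile also sets `remote-cert-tls server` (the directive that makes it reject a certificate not issued for server use) cannot be seen here and is worth confirming.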
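Review bot: In scripts/install/00_env.sh the new `[ -z "$VPN_LOCAL" ] && VPN_LOCAL=""` is a no-op, because it assigns the empty string to a variable already known to be empty, so the line can be dropped. What matters more is what an empty value means downstream: neither scripts/server-conf.php hunk in this commit shows `local` being skipped when VPN_LOCAL is empty. The generator may therefore write a bare `local` line, or omit it, in which case OpenVPN listens on every interface of the host. The prompt should say so, e.g. `read -r -p "Server local Hostname/IP (empty = listen on all interfaces): " VPN_LOCAL`, and the generator should be checked to confirm it drops the directive rather than emitting an empty one.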
@@ -23,7 +24,8 @@ $_ovpn
  ->addCert('cert', getenv('VPN_CONF') . '/server.crt')
  ->addCert('key', getenv('VPN_CONF') . '/server.key')
  ->addCert('dh', getenv('VPN_CONF') . '/dh.pem')
- ->addCert('tls-auth', getenv('VPN_CONF') . '/ta.key', false, '0')
+ ->addCert('tls-auth', getenv('VPN_CONF') . '/ta.key')
+ ->addParam('key-direction', 0)
  ->addParam('cipher', 'AES-256-CBC')
  ->addParam('server', trim(getenv('VPN_SERVER'),'"'))
  ->addPush('redirect-gateway def1')
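Review bot: `->addParam('key-direction', 0)` passes an integer zero, which is falsy in PHP, so if addParam() decides whether to print a value with `empty()` or a loose comparison, the generated file would contain a bare `key-direction` line or none at all. addParam() is not visible in this diff, so the generated server.conf should be checked for the literal line `key-direction 0`. The direction also has to be mirrored on the other side: with tls-auth the server uses 0 and the client must use 1, and the app/ovpn.php hunk of this commit adds no `key-direction` to the client profile (the chain there continues outside the hunk, so it may already be set). A mismatch makes handshake packets fail the HMAC check, so clients cannot connect. A comment above the line such as `// tls-auth direction: 0 on the server, 1 in client profiles` would record the pairing.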