lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-13 16:14:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

ipsec: add brainpool ec groups

Browse Source 
PR: https://forum.opnsense.org/index.php?topic=9308.0
This commit is contained in:
Franco Fichtner 2018-08-02 19:27:55 +02:00
parent 50a49ee6d4
commit 062a016b58
5 changed files with 88 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/etc/inc/plugins.inc.d/ipsec.inc
View File

@ -653,6 +653,15 @@ function ipsec_convert_to_modp($index)
case '24':
$convertion = "modp2048s256";
break;
case '28':
$convertion = "ecp256bp";
break;
case '29':
$convertion = "ecp384bp";
break;
case '30':
$convertion = "ecp512bp";
break;
}
return $convertion;

40
src/www/vpn_ipsec.php
View File

@ -186,25 +186,29 @@ legacy_html_escape_form_data($a_phase2);
$service_hook = 'ipsec';
include("head.inc");
$dhgroups = array(
0 => gettext('off'),
1 => '1 (768 bits)',
2 => '2 (1024 bits)',
5 => '5 (1536 bits)',
14 => '14 (2048 bits)',
15 => '15 (3072 bits)',
16 => '16 (4096 bits)',
17 => '17 (6144 bits)',
18 => '18 (8192 bits)',
19 => '19 (256 bit elliptic curve)',
20 => '20 (384 bit elliptic curve)',
21 => '21 (521 bit elliptic curve)',
22 => '22 (1024(sub 160) bits)',
23 => '23 (2048(sub 224) bits)',
24 => '24 (2048(sub 256) bits)'
);
?>
$dhgroups = array(
0 => gettext('off'),
1 => '1 (768 bits)',
2 => '2 (1024 bits)',
5 => '5 (1536 bits)',
14 => '14 (2048 bits)',
15 => '15 (3072 bits)',
16 => '16 (4096 bits)',
17 => '17 (6144 bits)',
18 => '18 (8192 bits)',
19 => '19 (NIST EC 256 bits)',
20 => '20 (NIST EC 384 bits)',
21 => '21 (NIST EC 521 bits)',
22 => '22 (1024(sub 160) bits)',
23 => '23 (2048(sub 224) bits)',
24 => '24 (2048(sub 256) bits)',
28 => '28 (Brainpool EC 256 bits)',
29 => '29 (Brainpool EC 384 bits)',
30 => '30 (Brainpool EC 512 bits)',
);
?>
<body>
<script>
$( document ).ready(function() {

35
src/www/vpn_ipsec_mobile.php
View File

@ -506,23 +506,26 @@ endfor; ?>
<select name="pfs_group" class="selectpicker" id="pfs_group">
<?php
$p2_dhgroups = array(
0 => gettext('off'),
1 => '1 (768 bit)',
2 => '2 (1024 bit)',
5 => '5 (1536 bit)',
14 => '14 (2048 bit)',
15 => '15 (3072 bit)',
16 => '16 (4096 bit)',
17 => '17 (6144 bit)',
18 => '18 (8192 bit)',
19 => '19 (256 bit elliptic curve)',
20 => '20 (384 bit elliptic curve)',
21 => '21 (521 bit elliptic curve)',
22 => '22 (1024(sub 160) bit)',
23 => '23 (2048(sub 224) bit)',
24 => '24 (2048(sub 256) bit)'
0 => gettext('off'),
1 => '1 (768 bits)',
2 => '2 (1024 bits)',
5 => '5 (1536 bits)',
14 => '14 (2048 bits)',
15 => '15 (3072 bits)',
16 => '16 (4096 bits)',
17 => '17 (6144 bits)',
18 => '18 (8192 bits)',
19 => '19 (NIST EC 256 bits)',
20 => '20 (NIST EC 384 bits)',
21 => '21 (NIST EC 521 bits)',
22 => '22 (1024(sub 160) bits)',
23 => '23 (2048(sub 224) bits)',
24 => '24 (2048(sub 256) bits)',
28 => '28 (Brainpool EC 256 bits)',
29 => '29 (Brainpool EC 384 bits)',
30 => '30 (Brainpool EC 512 bits)',
);
foreach ($p2_dhgroups as $keygroup => $keygroupname) :?>
foreach ($p2_dhgroups as $keygroup => $keygroupname): ?>
<option value="<?=$keygroup;
?>" <?= $pconfig['pfs_group'] == $keygroup ? "selected=\"selected\"" : "" ; ?>>
<?=$keygroupname;?>

35
src/www/vpn_ipsec_phase1.php
View File

@ -932,23 +932,26 @@ endforeach; ?>
<select name="dhgroup">
<?php
$p1_dhgroups = array(
0 => gettext('off'),
1 => '1 (768 bit)',
2 => '2 (1024 bit)',
5 => '5 (1536 bit)',
14 => '14 (2048 bit)',
15 => '15 (3072 bit)',
16 => '16 (4096 bit)',
17 => '17 (6144 bit)',
18 => '18 (8192 bit)',
19 => '19 (256 bit elliptic curve)',
20 => '20 (384 bit elliptic curve)',
21 => '21 (521 bit elliptic curve)',
22 => '22 (1024(sub 160) bit)',
23 => '23 (2048(sub 224) bit)',
24 => '24 (2048(sub 256) bit)'
0 => gettext('off'),
1 => '1 (768 bits)',
2 => '2 (1024 bits)',
5 => '5 (1536 bits)',
14 => '14 (2048 bits)',
15 => '15 (3072 bits)',
16 => '16 (4096 bits)',
17 => '17 (6144 bits)',
18 => '18 (8192 bits)',
19 => '19 (NIST EC 256 bits)',
20 => '20 (NIST EC 384 bits)',
21 => '21 (NIST EC 521 bits)',
22 => '22 (1024(sub 160) bits)',
23 => '23 (2048(sub 224) bits)',
24 => '24 (2048(sub 256) bits)',
28 => '28 (Brainpool EC 256 bits)',
29 => '29 (Brainpool EC 384 bits)',
30 => '30 (Brainpool EC 512 bits)',
);
foreach ($p1_dhgroups as $keygroup => $keygroupname) :
foreach ($p1_dhgroups as $keygroup => $keygroupname):
?>
<option value="<?=$keygroup;?>" <?= $keygroup == $pconfig['dhgroup'] ? "selected=\"selected\"" : "";?>>
<?=$keygroupname;?>

36
src/www/vpn_ipsec_phase2.php
View File

@ -674,24 +674,26 @@ endif; ?>
<select name="pfsgroup">
<?php
$p2_dhgroups = array(
0 => gettext('off'),
1 => '1 (768 bit)',
2 => '2 (1024 bit)',
5 => '5 (1536 bit)',
14 => '14 (2048 bit)',
15 => '15 (3072 bit)',
16 => '16 (4096 bit)',
17 => '17 (6144 bit)',
18 => '18 (8192 bit)',
19 => '19 (256 bit elliptic curve)',
20 => '20 (384 bit elliptic curve)',
21 => '21 (521 bit elliptic curve)',
22 => '22 (1024(sub 160) bit)',
23 => '23 (2048(sub 224) bit)',
24 => '24 (2048(sub 256) bit)'
0 => gettext('off'),
1 => '1 (768 bits)',
2 => '2 (1024 bits)',
5 => '5 (1536 bits)',
14 => '14 (2048 bits)',
15 => '15 (3072 bits)',
16 => '16 (4096 bits)',
17 => '17 (6144 bits)',
18 => '18 (8192 bits)',
19 => '19 (NIST EC 256 bits)',
20 => '20 (NIST EC 384 bits)',
21 => '21 (NIST EC 521 bits)',
22 => '22 (1024(sub 160) bits)',
23 => '23 (2048(sub 224) bits)',
24 => '24 (2048(sub 256) bits)',
28 => '28 (Brainpool EC 256 bits)',
29 => '29 (Brainpool EC 384 bits)',
30 => '30 (Brainpool EC 512 bits)',
);
foreach ($p2_dhgroups as $keygroup => $keygroupname) :?>
foreach ($p2_dhgroups as $keygroup => $keygroupname): ?>
<option value="<?=$keygroup;?>" <?= $keygroup == $pconfig['pfsgroup'] ? "selected=\"selected\"" : "";?>>
<?=$keygroupname;?>
</option>