ipsec: remove hashing algorithm from null cipher

2026-03-19 19:15:22 +00:00 · 2024-12-16 17:13:06 +01:00 · 2024-12-16 17:13:06 +01:00 · 0819a01942
commit 0819a01942
parent dd595b9a78
1 changed files with 2 additions and 2 deletions
--- a/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IPsecProposalField.php
+++ b/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IPsecProposalField.php
@ -114,7 +114,7 @@ class IPsecProposalField extends BaseListField
                'aes256-sha512-ecp521' => null,
            ],
            /* AEAD algorithms */
-            gettext('Commonly used AES with Galois/Counter Mode') => [
+            gettext('Commonly used combined-mode (AEAD) ciphers') => [
                ...$this->AeadAlgorithms()
            ],
            gettext('Commonly used, but insecure cipher suites') => [
@ -124,7 +124,7 @@ class IPsecProposalField extends BaseListField
                'aes256-sha1-ecp521' => 'aes256-sha1-ecp521 [DH21, NIST EC]',
                'aes256-sha512-modp1024' => 'aes256-sha512-modp1024 [DH2]',
                'aes256-sha256' => 'aes256-sha256',
-                'null-sha256-x25519' => gettext('null-sha256-x25519 (testing only, no encryption!)')
+                'null' => gettext('null (testing only, no encryption and no integrity checking!)')
            ]
        ];
    }