lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-13 16:14:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

rework https://github.com/opnsense/core/pull/1160

Browse Source
This commit is contained in:
Ad Schellevis 2016-08-29 20:04:20 +02:00
parent 1372e8a23c
commit 8eae446e8b
2 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/etc/inc/ipsec.inc
View File

@ -37,12 +37,12 @@ $ipsec_loglevels = array("dmn" => "Daemon", "mgr" => "SA Manager", "ike" => "IKE
);
$p1_ealgos = array(
'aes' => array( 'name' => 'AES', 'keysel' => array( 'lo' => 128, 'hi' => 256, 'step' => 64 ) ),
'camellia' => array( 'name' => 'Camellia', 'keysel' => array( 'lo' => 128, 'hi' => 256, 'step' => 64 ) ),
'blowfish' => array( 'name' => 'Blowfish', 'keysel' => array( 'lo' => 128, 'hi' => 256, 'step' => 64 ) ),
'3des' => array( 'name' => '3DES' ),
'cast128' => array( 'name' => 'CAST128' ),
'des' => array( 'name' => 'DES' )
'aes' => array( 'name' => 'AES', 'keysel' => array( 'lo' => 128, 'hi' => 256, 'step' => 64 ), 'iketype' => null ),
'camellia' => array( 'name' => 'Camellia', 'keysel' => array( 'lo' => 128, 'hi' => 256, 'step' => 64 ), 'iketype' => 'ikev2' ),
'blowfish' => array( 'name' => 'Blowfish', 'keysel' => array( 'lo' => 128, 'hi' => 256, 'step' => 64 ), 'iketype' => null ),
'3des' => array( 'name' => '3DES', 'iketype' => null ),
'cast128' => array( 'name' => 'CAST128', 'iketype' => null ),
'des' => array( 'name' => 'DES', 'iketype' => null )
);
$p1_authentication_methods = array(

11
src/www/vpn_ipsec_phase1.php
View File

@ -200,7 +200,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
break;
}
if (empty($pconfig['mobile'])) {
$reqdfields[] = "remote-gateway";
$reqdfieldsn[] = gettext("Remote gateway");
@ -332,9 +332,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if (!empty($pconfig['ealgo_keylen'])) {
$pconfig['encryption-algorithm']['keylen'] = $pconfig['ealgo_keylen'];
}
if (!empty($pconfig['iketype']) && !empty($pconfig['encryption-algorithm']['name']) && $pconfig['iketype'] != 'ikev2' && $pconfig['encryption-algorithm']['name'] == 'camellia') {
$input_errors[] = sprintf(gettext("%s can only be used with IKEv2 type VPNs."), 'Camellia');
foreach ($p1_ealgos as $algo => $algodata) {
if (!empty($pconfig['iketype']) && !empty($pconfig['encryption-algorithm']['name']) && !empty($algodata['iketype'])
&& $pconfig['iketype'] != $algodata['iketype'] && $pconfig['encryption-algorithm']['name'] == $algo) {
$input_errors[] = sprintf(gettext("%s can only be used with IKEv2 type VPNs."), $algodata['name']);
}
}
if (count($input_errors) == 0) {