From a5e24cadf5e5b2ddc085ff55a42e8a77698b6211 Mon Sep 17 00:00:00 2001
From: Fabian Franz <fabian.franz@students.fh-hagenberg.at>
Date: Mon, 29 Aug 2016 17:17:02 +0200
Subject: [PATCH] Camellia can only be used with IKEv2

---
 src/www/vpn_ipsec_phase1.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/www/vpn_ipsec_phase1.php b/src/www/vpn_ipsec_phase1.php
index b81eb5c92..dc58432ac 100644
--- a/src/www/vpn_ipsec_phase1.php
+++ b/src/www/vpn_ipsec_phase1.php
@@ -200,6 +200,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
             $reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
             break;
     }
+    
     if (empty($pconfig['mobile'])) {
         $reqdfields[] = "remote-gateway";
         $reqdfieldsn[] = gettext("Remote gateway");
@@ -331,6 +332,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
     if (!empty($pconfig['ealgo_keylen'])) {
         $pconfig['encryption-algorithm']['keylen'] = $pconfig['ealgo_keylen'];
     }
+    
+    if (!empty($pconfig['iketype']) && !empty($pconfig['encryption-algorithm']['name']) && $pconfig['iketype'] != 'ikev2' && $pconfig['encryption-algorithm']['name'] == 'camellia') {
+        $input_errors[] = sprintf(gettext("%s can only be used with IKEv2 type VPNs."), 'Camellia');
+    }
 
     if (count($input_errors) == 0) {
         $copy_fields = "ikeid,iketype,interface,mode,protocol,myid_type,myid_data