From 3226fa1d44d637e1e710bbd3532dcd27e61d2a91 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Tue, 8 Dec 2020 20:37:01 +0100 Subject: openvpn: T3117: fix generated ncp-ciphers in server config --- data/templates/openvpn/server.conf.tmpl | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) (limited to 'data/templates/openvpn') diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index a1daaa078..9fc281afc 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -227,7 +227,29 @@ cipher aes-256-cbc {% endif %} {% endif %} {% if encryption.ncp_ciphers is defined and encryption.ncp_ciphers is not none %} -ncp-ciphers {{ encryption.ncp_ciphers | join(':') }} +{% set cipher_list = [] %} +{% for cipher in encryption.ncp_ciphers %} +{% if cipher == 'none' %} +{% set cipher_list = cipher_list.append('none') %} +{% elif cipher == 'des' %} +{% set cipher_list = cipher_list.append('des-cbc') %} +{% elif cipher == '3des' %} +{% set cipher_list = cipher_list.append('des-ede3-cbc') %} +{% elif cipher == 'aes128' %} +{% set cipher_list = cipher_list.append('aes-128-cbc') %} +{% elif cipher == 'aes128gcm' %} +{% set cipher_list = cipher_list.append('aes-128-gcm') %} +{% elif cipher == 'aes192' %} +{% set cipher_list = cipher_list.append('aes-192-cbc') %} +{% elif cipher == 'aes192gcm' %} +{% set cipher_list = cipher_list.append('aes-192-gcm') %} +{% elif cipher == 'aes256' %} +{% set cipher_list = cipher_list.append('aes-256-cbc') %} +{% elif cipher == 'aes256gcm' %} +{% set cipher_list = cipher_list.append('aes-256-gcm') %} +{% endif %} +{% endfor %} +ncp-ciphers {{ cipher_list | join(':') }}:{{ cipher_list | join(':') | upper }} {% elif encryption.disable_ncp is defined %} ncp-disable {% endif %} -- cgit v1.2.3