From b4baf60c03a1bece8798c62cc4cd20b938264ae5 Mon Sep 17 00:00:00 2001
From: Daniil Baturin
Date: Sun, 3 Aug 2014 12:42:27 +0200
Subject: Bug #237: improve ciphers option help and value validation.
---
 templates/service/ssh/ciphers/node.def | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)
(limited to 'templates')
diff --git a/templates/service/ssh/ciphers/node.def b/templates/service/ssh/ciphers/node.def
index 0ab5fb8f..7eab846e 100644
--- a/templates/service/ssh/ciphers/node.def
+++ b/templates/service/ssh/ciphers/node.def
@@ -1,5 +1,24 @@
 type: txt
-help: Specifies the ciphers allowed for protocol version 2. Multiple ciphers must be comma-separated. See 'man sshd_config' for supported ciphers.
+help: Allowed ciphers
+val_help: txt; Cipher string
+val_help: 3des-cbc; 3DES CBC
+val_help: aes128-cbc; AES 128 CBC
+val_help: aes192-cbc; AES 192 CBC
+val_help: aes256-cbc; AES 256 CBC
+val_help: aes128-ctr; AES 128 CTR
+val_help: aes192-ctr; AES 192 CTR
+val_help: aes256-ctr; AES 256 CTR
+val_help: arcfour128; AC4 128
+val_help: arcfour256; AC4 256
+val_help: arcfour; AC4
+val_help: blowfish-cbc; Blowfish CBC
+val_help: cast128-cbc; CAST 128 CBC
+comp_help: Multiple ciphers can be specified as a comma-separated list.
+
+syntax:expression: pattern $VAR(@) "^((3des-cbc|aes128-cbc|aes192-cbc|aes256-cbc|aes128-ctr|aes192-ctr|\
+aes256-ctr|arcfour128|arcfour256|arcfour|\
+blowfish-cbc|cast128-cbc)(,|$))+$"; \
+"$VAR(@) is not a valid cipher list"
 create: sudo sed -i -e '$ a \
 Ciphers $VAR(@)' /etc/ssh/sshd_config
@@ -7,4 +26,4 @@ Ciphers $VAR(@)' /etc/ssh/sshd_config
 delete: sudo sed -i -e '/^Ciphers $VAR(@)$/d' /etc/ssh/sshd_config
 update: sudo sed -i -e '/^Ciphers/c \
-Ciphers $VAR(@)' /etc/ssh/sshd_config
\ No newline at end of file
+Ciphers $VAR(@)' /etc/ssh/sshd_config
-- 
cgit v1.2.3
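Review bot: The new `syntax:expression` pattern in the first hunk still accepts a list that ends in a comma, because each cipher may be followed by `(,|$)` and the repeated group is then closed by `+$`; a value such as `aes128-ctr,` (constructed example) passes and is written to sshd_config unchanged. Requiring a cipher after every comma, in the shape `^(C)(,(C))*$` with C standing for the existing alternation, rejects that input. This pattern is also the only visible check between the configured value and the `sudo sed` command lines that interpolate `$VAR(@)`, so it is worth keeping it a strict allow-list. The help text labels the arcfour entries `AC4`, which presumably should read `RC4`, and it gives no hint that arcfour, 3des-cbc and blowfish-cbc are weak choices; a short `(weak)` marker in those `val_help` lines would help operators.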