diff options
| author | vindenesen <vindenesen@gmail.com> | 2019-09-26 15:33:27 +0200 |
|---|---|---|
| committer | vindenesen <vindenesen@gmail.com> | 2019-09-30 20:23:36 +0200 |
| commit | 387f9bb2f8f11af872f6f78f4b12d7cd20ea8c58 (patch) | |
| tree | dabc1844a031a3d384857569da9c983d3017006f | |
| parent | 41aa7bc4c804c0eba36ba6ec10b49b303e8c1df4 (diff) | |
| download | vyos-1x-387f9bb2f8f11af872f6f78f4b12d7cd20ea8c58.tar.gz vyos-1x-387f9bb2f8f11af872f6f78f4b12d7cd20ea8c58.zip | |
[OpenVPN]: T1688: Added aes-gcm encryptions
| -rw-r--r-- | interface-definitions/interfaces-openvpn.xml | 22 | ||||
| -rwxr-xr-x | src/conf_mode/interface-openvpn.py | 6 |
2 files changed, 23 insertions, 5 deletions
diff --git a/interface-definitions/interfaces-openvpn.xml b/interface-definitions/interfaces-openvpn.xml index fb2564cbd..365d80558 100644 --- a/interface-definitions/interfaces-openvpn.xml +++ b/interface-definitions/interfaces-openvpn.xml @@ -106,7 +106,7 @@ <properties> <help>Data Encryption Algorithm</help> <completionHelp> - <list>des 3des bf128 bf256 aes128 aes192 aes256</list> + <list>des 3des bf128 bf256 aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list> </completionHelp> <valueHelp> <format>des</format> @@ -126,18 +126,30 @@ </valueHelp> <valueHelp> <format>aes128</format> - <description>AES algorithm with 128-bit key</description> + <description>AES algorithm with 128-bit key CBC</description> + </valueHelp> + <valueHelp> + <format>aes128gcm</format> + <description>AES algorithm with 128-bit key GCM</description> </valueHelp> <valueHelp> <format>aes192</format> - <description>AES algorithm with 192-bit key</description> + <description>AES algorithm with 192-bit key CBC</description> + </valueHelp> + <valueHelp> + <format>aes192gcm</format> + <description>AES algorithm with 192-bit key GCM</description> </valueHelp> <valueHelp> <format>aes256</format> - <description>AES algorithm with 256-bit key</description> + <description>AES algorithm with 256-bit key CBC</description> + </valueHelp> + <valueHelp> + <format>aes256gcm</format> + <description>AES algorithm with 256-bit key GCM</description> </valueHelp> <constraint> - <regex>(des|3des|bf128|bf256|aes128|aes192|aes256)</regex> + <regex>(des|3des|bf128|bf256|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex> </constraint> </properties> </leafNode> diff --git a/src/conf_mode/interface-openvpn.py b/src/conf_mode/interface-openvpn.py index a988e1ab1..d00671a85 100755 --- a/src/conf_mode/interface-openvpn.py +++ b/src/conf_mode/interface-openvpn.py @@ -207,10 +207,16 @@ keysize 128 {%- elif 'bf256' in encryption %} cipher bf-cbc keysize 25 +{%- elif 'aes128gcm' in encryption %} +cipher aes-128-gcm {%- elif 'aes128' in encryption %} cipher aes-128-cbc +{%- elif 'aes192gcm' in encryption %} +cipher aes-192-gcm {%- elif 'aes192' in encryption %} cipher aes-192-cbc +{%- elif 'aes256gcm' in encryption %} +cipher aes-256-gcm {%- elif 'aes256' in encryption %} cipher aes-256-cbc {% endif %} |