summaryrefslogtreecommitdiff
path: root/interface-definitions/interfaces-openvpn.xml
diff options
context:
space:
mode:
authorvindenesen <vindenesen@gmail.com>2019-10-01 21:49:35 +0200
committerChristian Poessinger <christian@poessinger.com>2019-11-11 16:29:02 +0100
commitd13ed0f466f1e150159067c1b335fdc0317b6c20 (patch)
treeb322805a551e53240cb88a28e987d218f75947fb /interface-definitions/interfaces-openvpn.xml
parent3782cfacaa9f6582a3d649bbdb38e0553c67b8c4 (diff)
downloadvyos-1x-d13ed0f466f1e150159067c1b335fdc0317b6c20.tar.gz
vyos-1x-d13ed0f466f1e150159067c1b335fdc0317b6c20.zip
[OpenVPN]: T1704: Added function for ncp-ciphers, and ability to disable it.
[OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers. [OpenVPN]: T1704: Added migration scripts for interface 2-to-3
Diffstat (limited to 'interface-definitions/interfaces-openvpn.xml')
-rw-r--r--interface-definitions/interfaces-openvpn.xml155
1 files changed, 106 insertions, 49 deletions
diff --git a/interface-definitions/interfaces-openvpn.xml b/interface-definitions/interfaces-openvpn.xml
index 42c953fdc..10f8198f2 100644
--- a/interface-definitions/interfaces-openvpn.xml
+++ b/interface-definitions/interfaces-openvpn.xml
@@ -102,57 +102,114 @@
<valueless/>
</properties>
</leafNode>
- <leafNode name="encryption">
+ <node name="encryption">
<properties>
- <help>Data Encryption Algorithm</help>
- <completionHelp>
- <list>des 3des bf128 bf256 aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list>
- </completionHelp>
- <valueHelp>
- <format>des</format>
- <description>DES algorithm</description>
- </valueHelp>
- <valueHelp>
- <format>3des</format>
- <description>DES algorithm with triple encryption</description>
- </valueHelp>
- <valueHelp>
- <format>bf128</format>
- <description>Blowfish algorithm with 128-bit key</description>
- </valueHelp>
- <valueHelp>
- <format>bf256</format>
- <description>Blowfish algorithm with 256-bit key</description>
- </valueHelp>
- <valueHelp>
- <format>aes128</format>
- <description>AES algorithm with 128-bit key CBC</description>
- </valueHelp>
- <valueHelp>
- <format>aes128gcm</format>
- <description>AES algorithm with 128-bit key GCM</description>
- </valueHelp>
- <valueHelp>
- <format>aes192</format>
- <description>AES algorithm with 192-bit key CBC</description>
- </valueHelp>
- <valueHelp>
- <format>aes192gcm</format>
- <description>AES algorithm with 192-bit key GCM</description>
- </valueHelp>
- <valueHelp>
- <format>aes256</format>
- <description>AES algorithm with 256-bit key CBC</description>
- </valueHelp>
- <valueHelp>
- <format>aes256gcm</format>
- <description>AES algorithm with 256-bit key GCM</description>
- </valueHelp>
- <constraint>
- <regex>(des|3des|bf128|bf256|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex>
- </constraint>
+ <help>Data Encryption settings</help>
</properties>
- </leafNode>
+ <children>
+ <leafNode name="cipher">
+ <properties>
+ <help>Standard Data Encryption Algorithm</help>
+ <completionHelp>
+ <list>des 3des bf128 bf256 aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list>
+ </completionHelp>
+ <valueHelp>
+ <format>des</format>
+ <description>DES algorithm</description>
+ </valueHelp>
+ <valueHelp>
+ <format>3des</format>
+ <description>DES algorithm with triple encryption</description>
+ </valueHelp>
+ <valueHelp>
+ <format>bf128</format>
+ <description>Blowfish algorithm with 128-bit key</description>
+ </valueHelp>
+ <valueHelp>
+ <format>bf256</format>
+ <description>Blowfish algorithm with 256-bit key</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128</format>
+ <description>AES algorithm with 128-bit key CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128gcm</format>
+ <description>AES algorithm with 128-bit key GCM</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192</format>
+ <description>AES algorithm with 192-bit key CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192gcm</format>
+ <description>AES algorithm with 192-bit key GCM</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256</format>
+ <description>AES algorithm with 256-bit key CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256gcm</format>
+ <description>AES algorithm with 256-bit key GCM</description>
+ </valueHelp>
+ <constraint>
+ <regex>(des|3des|bf128|bf256|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="ncp-ciphers">
+ <properties>
+ <help>Data Encryption Algorithm list for use in server or client mode</help>
+ <completionHelp>
+ <list>des 3des aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list>
+ </completionHelp>
+ <valueHelp>
+ <format>des</format>
+ <description>DES algorithm</description>
+ </valueHelp>
+ <valueHelp>
+ <format>3des</format>
+ <description>DES algorithm with triple encryption</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128</format>
+ <description>AES algorithm with 128-bit key CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128gcm</format>
+ <description>AES algorithm with 128-bit key GCM</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192</format>
+ <description>AES algorithm with 192-bit key CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192gcm</format>
+ <description>AES algorithm with 192-bit key GCM</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256</format>
+ <description>AES algorithm with 256-bit key CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256gcm</format>
+ <description>AES algorithm with 256-bit key GCM</description>
+ </valueHelp>
+ <constraint>
+ <regex>(des|3des|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex>
+ </constraint>
+ <multi/>
+ </properties>
+ </leafNode>
+ <leafNode name="disable-ncp">
+ <properties>
+ <help>Disable support for ncp-ciphers</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
<leafNode name="hash">
<properties>
<help>Hashing Algorithm</help>