diff options
author | vindenesen <vindenesen@gmail.com> | 2019-10-01 21:49:35 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2019-11-11 16:29:02 +0100 |
commit | d13ed0f466f1e150159067c1b335fdc0317b6c20 (patch) | |
tree | b322805a551e53240cb88a28e987d218f75947fb /interface-definitions/interfaces-openvpn.xml | |
parent | 3782cfacaa9f6582a3d649bbdb38e0553c67b8c4 (diff) | |
download | vyos-1x-d13ed0f466f1e150159067c1b335fdc0317b6c20.tar.gz vyos-1x-d13ed0f466f1e150159067c1b335fdc0317b6c20.zip |
[OpenVPN]: T1704: Added function for ncp-ciphers, and ability to disable it.
[OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers.
[OpenVPN]: T1704: Added migration scripts for interface 2-to-3
Diffstat (limited to 'interface-definitions/interfaces-openvpn.xml')
-rw-r--r-- | interface-definitions/interfaces-openvpn.xml | 155 |
1 files changed, 106 insertions, 49 deletions
diff --git a/interface-definitions/interfaces-openvpn.xml b/interface-definitions/interfaces-openvpn.xml index 42c953fdc..10f8198f2 100644 --- a/interface-definitions/interfaces-openvpn.xml +++ b/interface-definitions/interfaces-openvpn.xml @@ -102,57 +102,114 @@ <valueless/> </properties> </leafNode> - <leafNode name="encryption"> + <node name="encryption"> <properties> - <help>Data Encryption Algorithm</help> - <completionHelp> - <list>des 3des bf128 bf256 aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list> - </completionHelp> - <valueHelp> - <format>des</format> - <description>DES algorithm</description> - </valueHelp> - <valueHelp> - <format>3des</format> - <description>DES algorithm with triple encryption</description> - </valueHelp> - <valueHelp> - <format>bf128</format> - <description>Blowfish algorithm with 128-bit key</description> - </valueHelp> - <valueHelp> - <format>bf256</format> - <description>Blowfish algorithm with 256-bit key</description> - </valueHelp> - <valueHelp> - <format>aes128</format> - <description>AES algorithm with 128-bit key CBC</description> - </valueHelp> - <valueHelp> - <format>aes128gcm</format> - <description>AES algorithm with 128-bit key GCM</description> - </valueHelp> - <valueHelp> - <format>aes192</format> - <description>AES algorithm with 192-bit key CBC</description> - </valueHelp> - <valueHelp> - <format>aes192gcm</format> - <description>AES algorithm with 192-bit key GCM</description> - </valueHelp> - <valueHelp> - <format>aes256</format> - <description>AES algorithm with 256-bit key CBC</description> - </valueHelp> - <valueHelp> - <format>aes256gcm</format> - <description>AES algorithm with 256-bit key GCM</description> - </valueHelp> - <constraint> - <regex>(des|3des|bf128|bf256|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex> - </constraint> + <help>Data Encryption settings</help> </properties> - </leafNode> + <children> + <leafNode name="cipher"> + <properties> + <help>Standard Data Encryption Algorithm</help> + <completionHelp> + <list>des 3des bf128 bf256 aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list> + </completionHelp> + <valueHelp> + <format>des</format> + <description>DES algorithm</description> + </valueHelp> + <valueHelp> + <format>3des</format> + <description>DES algorithm with triple encryption</description> + </valueHelp> + <valueHelp> + <format>bf128</format> + <description>Blowfish algorithm with 128-bit key</description> + </valueHelp> + <valueHelp> + <format>bf256</format> + <description>Blowfish algorithm with 256-bit key</description> + </valueHelp> + <valueHelp> + <format>aes128</format> + <description>AES algorithm with 128-bit key CBC</description> + </valueHelp> + <valueHelp> + <format>aes128gcm</format> + <description>AES algorithm with 128-bit key GCM</description> + </valueHelp> + <valueHelp> + <format>aes192</format> + <description>AES algorithm with 192-bit key CBC</description> + </valueHelp> + <valueHelp> + <format>aes192gcm</format> + <description>AES algorithm with 192-bit key GCM</description> + </valueHelp> + <valueHelp> + <format>aes256</format> + <description>AES algorithm with 256-bit key CBC</description> + </valueHelp> + <valueHelp> + <format>aes256gcm</format> + <description>AES algorithm with 256-bit key GCM</description> + </valueHelp> + <constraint> + <regex>(des|3des|bf128|bf256|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex> + </constraint> + </properties> + </leafNode> + <leafNode name="ncp-ciphers"> + <properties> + <help>Data Encryption Algorithm list for use in server or client mode</help> + <completionHelp> + <list>des 3des aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list> + </completionHelp> + <valueHelp> + <format>des</format> + <description>DES algorithm</description> + </valueHelp> + <valueHelp> + <format>3des</format> + <description>DES algorithm with triple encryption</description> + </valueHelp> + <valueHelp> + <format>aes128</format> + <description>AES algorithm with 128-bit key CBC</description> + </valueHelp> + <valueHelp> + <format>aes128gcm</format> + <description>AES algorithm with 128-bit key GCM</description> + </valueHelp> + <valueHelp> + <format>aes192</format> + <description>AES algorithm with 192-bit key CBC</description> + </valueHelp> + <valueHelp> + <format>aes192gcm</format> + <description>AES algorithm with 192-bit key GCM</description> + </valueHelp> + <valueHelp> + <format>aes256</format> + <description>AES algorithm with 256-bit key CBC</description> + </valueHelp> + <valueHelp> + <format>aes256gcm</format> + <description>AES algorithm with 256-bit key GCM</description> + </valueHelp> + <constraint> + <regex>(des|3des|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex> + </constraint> + <multi/> + </properties> + </leafNode> + <leafNode name="disable-ncp"> + <properties> + <help>Disable support for ncp-ciphers</help> + <valueless/> + </properties> + </leafNode> + </children> + </node> <leafNode name="hash"> <properties> <help>Hashing Algorithm</help> |