summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
authorvindenesen <vindenesen@gmail.com>2019-10-21 11:58:40 +0200
committerChristian Poessinger <christian@poessinger.com>2019-11-11 16:29:02 +0100
commitb8ea719ba035e52879b65157d01b60f67ca73868 (patch)
treeeb9066773dcd44c637a838a763be58eb6a6ea569 /src/conf_mode
parentc77b9a6bdfab2658442ebcff660db2f031b772ea (diff)
downloadvyos-1x-b8ea719ba035e52879b65157d01b60f67ca73868.tar.gz
vyos-1x-b8ea719ba035e52879b65157d01b60f67ca73868.zip
[OpenVPN]: T1704: Added uppercase entries of ncp-ciphers, since there seems to be a bug in OpenVPN client when comparing pushed cipher with local ncp cipher list
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/interfaces-openvpn.py8
1 files changed, 8 insertions, 0 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index 321cef57c..50d367f2f 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -433,20 +433,28 @@ def get_config():
for enc in conf.return_values('encryption ncp-ciphers'):
if enc == 'des':
_ncp_ciphers.append('des-cbc')
+ _ncp_ciphers.append('DES-CBC')
elif enc == '3des':
_ncp_ciphers.append('des-ede3-cbc')
+ _ncp_ciphers.append('DES-EDE3-CBC')
elif enc == 'aes128':
_ncp_ciphers.append('aes-128-cbc')
+ _ncp_ciphers.append('AES-128-CBC')
elif enc == 'aes128gcm':
_ncp_ciphers.append('aes-128-gcm')
+ _ncp_ciphers.append('AES-128-GCM')
elif enc == 'aes192':
_ncp_ciphers.append('aes-192-cbc')
+ _ncp_ciphers.append('AES-192-CBC')
elif enc == 'aes192gcm':
_ncp_ciphers.append('aes-192-gcm')
+ _ncp_ciphers.append('AES-192-GCM')
elif enc == 'aes256':
_ncp_ciphers.append('aes-256-cbc')
+ _ncp_ciphers.append('AES-256-CBC')
elif enc == 'aes256gcm':
_ncp_ciphers.append('aes-256-gcm')
+ _ncp_ciphers.append('AES-256-GCM')
openvpn['ncp_ciphers'] = ':'.join(_ncp_ciphers)
# hash algorithm