diff options
author | vindenesen <vindenesen@gmail.com> | 2019-10-21 11:58:40 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2019-11-11 16:29:02 +0100 |
commit | b8ea719ba035e52879b65157d01b60f67ca73868 (patch) | |
tree | eb9066773dcd44c637a838a763be58eb6a6ea569 /src/conf_mode | |
parent | c77b9a6bdfab2658442ebcff660db2f031b772ea (diff) | |
download | vyos-1x-b8ea719ba035e52879b65157d01b60f67ca73868.tar.gz vyos-1x-b8ea719ba035e52879b65157d01b60f67ca73868.zip |
[OpenVPN]: T1704: Added uppercase entries of ncp-ciphers, since there seems to be a bug in OpenVPN client when comparing pushed cipher with local ncp cipher list
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-x | src/conf_mode/interfaces-openvpn.py | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index 321cef57c..50d367f2f 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -433,20 +433,28 @@ def get_config(): for enc in conf.return_values('encryption ncp-ciphers'): if enc == 'des': _ncp_ciphers.append('des-cbc') + _ncp_ciphers.append('DES-CBC') elif enc == '3des': _ncp_ciphers.append('des-ede3-cbc') + _ncp_ciphers.append('DES-EDE3-CBC') elif enc == 'aes128': _ncp_ciphers.append('aes-128-cbc') + _ncp_ciphers.append('AES-128-CBC') elif enc == 'aes128gcm': _ncp_ciphers.append('aes-128-gcm') + _ncp_ciphers.append('AES-128-GCM') elif enc == 'aes192': _ncp_ciphers.append('aes-192-cbc') + _ncp_ciphers.append('AES-192-CBC') elif enc == 'aes192gcm': _ncp_ciphers.append('aes-192-gcm') + _ncp_ciphers.append('AES-192-GCM') elif enc == 'aes256': _ncp_ciphers.append('aes-256-cbc') + _ncp_ciphers.append('AES-256-CBC') elif enc == 'aes256gcm': _ncp_ciphers.append('aes-256-gcm') + _ncp_ciphers.append('AES-256-GCM') openvpn['ncp_ciphers'] = ':'.join(_ncp_ciphers) # hash algorithm |