Page Menu
Home
VyOS Platform
Search
Configure Global Search
Log In
Files
F16435
vpn-config.pl.patch
All Users
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Authored By
ethomas
Aug 2 2017, 9:02 PM
2017-08-02 21:02:04 (UTC+0)
Size
2 KB
Referenced Files
None
Subscribers
None
vpn-config.pl.patch
View Options
--- /opt/vyatta/sbin/vpn-config.pl 2017-08-02 20:54:46.850570179 +0000
+++ /root/vpn-config.pl 2017-08-02 20:54:17.330991323 +0000
@@ -911,6 +911,40 @@
#
if (defined($encryption) && defined($hash)) {
$genout .= "$encryption-$hash";
+ my $pfs = $vcVPN->returnValue("ipsec esp-group $esp_group pfs");
+ if (defined($pfs)) {
+ if ($pfs eq 'dh-group2') {
+ $genout .= "\-modp1024";
+ } elsif ($pfs eq 'dh-group5') {
+ $genout .= "\-modp1536";
+ } elsif ($pfs eq 'dh-group14') {
+ $genout .= "\-modp2048";
+ } elsif ($pfs eq 'dh-group15') {
+ $genout .= "\-modp3072";
+ } elsif ($pfs eq 'dh-group16') {
+ $genout .= "\-modp4096";
+ } elsif ($pfs eq 'dh-group17') {
+ $genout .= "\-modp6144";
+ } elsif ($pfs eq 'dh-group18') {
+ $genout .= "\-modp8192";
+ } elsif ($pfs eq 'dh-group19') {
+ $genout .= "\-ecp256";
+ } elsif ($pfs eq 'dh-group20') {
+ $genout .= "\-ecp384";
+ } elsif ($pfs eq 'dh-group21') {
+ $genout .= "\-ecp521";
+ } elsif ($pfs eq 'dh-group22') {
+ $genout .= "\-modp1024s160";
+ } elsif ($pfs eq 'dh-group23') {
+ $genout .= "\-modp2048s224";
+ } elsif ($pfs eq 'dh-group24') {
+ $genout .= "\-modp2048s256";
+ } elsif ($pfs eq 'dh-group25') {
+ $genout .= "\-ecp192";
+ } elsif ($pfs eq 'dh-group26') {
+ $genout .= "\-ecp224";
+ }
+ }
}
}
$genout .= "!\n";
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
amazon-s3
Storage Format
Raw Data
Storage Handle
phabricator/nb/6e/taa4nnv5xkopxm2j
Default Alt Text
vpn-config.pl.patch (2 KB)
Attached To
Mode
T334: Not setting ESP DH Group properly on "esp=" line in ipsec.conf
Attached
Detach File
Event Timeline
Log In to Comment