From: <eob...@us...> - 2010-07-28 17:09:52
|
Revision: 4743 http://ipcop.svn.sourceforge.net/ipcop/?rev=4743&view=rev Author: eoberlander Date: 2010-07-28 17:09:45 +0000 (Wed, 28 Jul 2010) Log Message: ----------- Fix for SF Bug 3034625. Remove pfsgroup which has been obsoleted from ipsec.conf Modified Paths: -------------- ipcop/trunk/html/cgi-bin/ipsec.cgi ipcop/trunk/src/libs/vpn-functions.pl Modified: ipcop/trunk/html/cgi-bin/ipsec.cgi =================================================================== --- ipcop/trunk/html/cgi-bin/ipsec.cgi 2010-07-28 09:15:50 UTC (rev 4742) +++ ipcop/trunk/html/cgi-bin/ipsec.cgi 2010-07-28 17:09:45 UTC (rev 4743) @@ -412,7 +412,7 @@ $cgiparams{'IKE_LIFETIME'} = $confighash{$cgiparams{'KEY'}}[16]; $cgiparams{'ESP_ENCRYPTION'}= $confighash{$cgiparams{'KEY'}}[21]; $cgiparams{'ESP_INTEGRITY'} = $confighash{$cgiparams{'KEY'}}[22]; - $cgiparams{'ESP_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[23]; + $cgiparams{'ESP_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[23]; # pfsgroup removed from openswan 2.6.21 $cgiparams{'ESP_KEYLIFE'} = $confighash{$cgiparams{'KEY'}}[17]; $cgiparams{'AGGRMODE'} = $confighash{$cgiparams{'KEY'}}[12]; $cgiparams{'COMPRESSION'} = $confighash{$cgiparams{'KEY'}}[13]; @@ -1365,11 +1365,12 @@ goto ADVANCED_ERROR; } } - if ($cgiparams{'ESP_GROUPTYPE'} ne '' && - $cgiparams{'ESP_GROUPTYPE'} !~ /^modp(768|1024|1536|2048|3072|4096)$/) { - $errormessage = $Lang::tr{'invalid input'}; - goto ADVANCED_ERROR; - } + # pfsgroup removed from openswan 2.6.21 + # if ($cgiparams{'ESP_GROUPTYPE'} ne '' && + # $cgiparams{'ESP_GROUPTYPE'} !~ /^modp(768|1024|1536|2048|3072|4096)$/) { + # $errormessage = $Lang::tr{'invalid input'}; + # goto ADVANCED_ERROR; + # } if ($cgiparams{'ESP_KEYLIFE'} !~ /^\d+$/) { $errormessage = $Lang::tr{'invalid input for esp keylife'}; @@ -1581,6 +1582,7 @@ <option value='sha1' $checked{'ESP_INTEGRITY'}{'sha1'}>SHA1</option> <option value='md5' $checked{'ESP_INTEGRITY'}{'md5'}>MD5</option></select></td> +<!-- pfsgroup removed from openswan 2.6.21 <td class='base' align='right' valign='top'>$Lang::tr{'esp grouptype'}:</td><td class='base' valign='top'> <select name='ESP_GROUPTYPE'> <option value=''>$Lang::tr{'phase1 group'}</option> @@ -1590,6 +1592,7 @@ <option value='modp1536' $checked{'ESP_GROUPTYPE'}{'modp1536'}>MODP-1536</option> <option value='modp1024' $checked{'ESP_GROUPTYPE'}{'modp1024'}>MODP-1024</option> <option value='modp768' $checked{'ESP_GROUPTYPE'}{'modp768'}>MODP-768</option></select></td> +pfsgroup --> </tr><tr> <td class='base' align='right'>$Lang::tr{'esp keylife'}:</td><td class='base'> <input type='text' name='ESP_KEYLIFE' value='$cgiparams{'ESP_KEYLIFE'}' size='5' /> $Lang::tr{'hours'}</td> Modified: ipcop/trunk/src/libs/vpn-functions.pl =================================================================== --- ipcop/trunk/src/libs/vpn-functions.pl 2010-07-28 09:15:50 UTC (rev 4742) +++ ipcop/trunk/src/libs/vpn-functions.pl 2010-07-28 17:09:45 UTC (rev 4743) @@ -317,10 +317,12 @@ print CONF "\n"; } } - if ($lconfighash{$key}[23]) { - print CONF "\tpfsgroup=$lconfighash{$key}[23]\n"; - } + # pfsgroup obsoleted from openswan 2.6.21 + # if ($lconfighash{$key}[23]) { + # print CONF "\tpfsgroup=$lconfighash{$key}[23]\n"; + # } + # Lifetimes print CONF "\tikelifetime=$lconfighash{$key}[16]h\n" if ($lconfighash{$key}[16]); print CONF "\tkeylife=$lconfighash{$key}[17]h\n" if ($lconfighash{$key}[17]); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |