Menu
▾
▴
[Ipcop-svn] SF.net SVN: ipcop:[4743] ipcop/trunk
|
From: <eob...@us...> - 2010-07-28 17:09:52
|
Revision: 4743
http://ipcop.svn.sourceforge.net/ipcop/?rev=4743&view=rev
Author: eoberlander
Date: 2010-07-28 17:09:45 +0000 (Wed, 28 Jul 2010)
Log Message:
-----------
Fix for SF Bug 3034625. Remove pfsgroup which has been obsoleted from ipsec.conf
Modified Paths:
--------------
ipcop/trunk/html/cgi-bin/ipsec.cgi
ipcop/trunk/src/libs/vpn-functions.pl
Modified: ipcop/trunk/html/cgi-bin/ipsec.cgi
===================================================================
--- ipcop/trunk/html/cgi-bin/ipsec.cgi 2010-07-28 09:15:50 UTC (rev 4742)
+++ ipcop/trunk/html/cgi-bin/ipsec.cgi 2010-07-28 17:09:45 UTC (rev 4743)
@@ -412,7 +412,7 @@
$cgiparams{'IKE_LIFETIME'} = $confighash{$cgiparams{'KEY'}}[16];
$cgiparams{'ESP_ENCRYPTION'}= $confighash{$cgiparams{'KEY'}}[21];
$cgiparams{'ESP_INTEGRITY'} = $confighash{$cgiparams{'KEY'}}[22];
- $cgiparams{'ESP_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[23];
+ $cgiparams{'ESP_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[23]; # pfsgroup removed from openswan 2.6.21
$cgiparams{'ESP_KEYLIFE'} = $confighash{$cgiparams{'KEY'}}[17];
$cgiparams{'AGGRMODE'} = $confighash{$cgiparams{'KEY'}}[12];
$cgiparams{'COMPRESSION'} = $confighash{$cgiparams{'KEY'}}[13];
@@ -1365,11 +1365,12 @@
goto ADVANCED_ERROR;
}
}
- if ($cgiparams{'ESP_GROUPTYPE'} ne '' &&
- $cgiparams{'ESP_GROUPTYPE'} !~ /^modp(768|1024|1536|2048|3072|4096)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
+ # pfsgroup removed from openswan 2.6.21
+ # if ($cgiparams{'ESP_GROUPTYPE'} ne '' &&
+ # $cgiparams{'ESP_GROUPTYPE'} !~ /^modp(768|1024|1536|2048|3072|4096)$/) {
+ # $errormessage = $Lang::tr{'invalid input'};
+ # goto ADVANCED_ERROR;
+ # }
if ($cgiparams{'ESP_KEYLIFE'} !~ /^\d+$/) {
$errormessage = $Lang::tr{'invalid input for esp keylife'};
@@ -1581,6 +1582,7 @@
<option value='sha1' $checked{'ESP_INTEGRITY'}{'sha1'}>SHA1</option>
<option value='md5' $checked{'ESP_INTEGRITY'}{'md5'}>MD5</option></select></td>
+<!-- pfsgroup removed from openswan 2.6.21
<td class='base' align='right' valign='top'>$Lang::tr{'esp grouptype'}:</td><td class='base' valign='top'>
<select name='ESP_GROUPTYPE'>
<option value=''>$Lang::tr{'phase1 group'}</option>
@@ -1590,6 +1592,7 @@
<option value='modp1536' $checked{'ESP_GROUPTYPE'}{'modp1536'}>MODP-1536</option>
<option value='modp1024' $checked{'ESP_GROUPTYPE'}{'modp1024'}>MODP-1024</option>
<option value='modp768' $checked{'ESP_GROUPTYPE'}{'modp768'}>MODP-768</option></select></td>
+pfsgroup -->
</tr><tr>
<td class='base' align='right'>$Lang::tr{'esp keylife'}:</td><td class='base'>
<input type='text' name='ESP_KEYLIFE' value='$cgiparams{'ESP_KEYLIFE'}' size='5' /> $Lang::tr{'hours'}</td>
Modified: ipcop/trunk/src/libs/vpn-functions.pl
===================================================================
--- ipcop/trunk/src/libs/vpn-functions.pl 2010-07-28 09:15:50 UTC (rev 4742)
+++ ipcop/trunk/src/libs/vpn-functions.pl 2010-07-28 17:09:45 UTC (rev 4743)
@@ -317,10 +317,12 @@
print CONF "\n";
}
}
- if ($lconfighash{$key}[23]) {
- print CONF "\tpfsgroup=$lconfighash{$key}[23]\n";
- }
+ # pfsgroup obsoleted from openswan 2.6.21
+ # if ($lconfighash{$key}[23]) {
+ # print CONF "\tpfsgroup=$lconfighash{$key}[23]\n";
+ # }
+
# Lifetimes
print CONF "\tikelifetime=$lconfighash{$key}[16]h\n" if ($lconfighash{$key}[16]);
print CONF "\tkeylife=$lconfighash{$key}[17]h\n" if ($lconfighash{$key}[17]);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|