Projet

Général

Profil

« Précédent | Suivant » 

Révision c650b2f7

Ajouté par Ermal il y a plus de 9 ans

Allow HASH algorithms to be empty for phase2 in case the encryption one is AES-GCM

Voir les différences:

usr/local/www/vpn_ipsec_phase2.php
127 127 
		$input_errors[] = gettext("A valid ikeid must be specified.");
128 128 

  		




  129
  129
  
    
	/* input validation */


  		




  130
  
  
    
	$reqdfields = explode(" ", "localid_type halgos uniqid");


  		




  131
  
  
    
	$reqdfieldsn = array(gettext("Local network type"),gettext("P2 Hash Algorithms"), gettext("Unique Identifier"));


  		




  
  130
  
    
	$reqdfields = explode(" ", "localid_type uniqid");


  		




  
  131
  
    
	$reqdfieldsn = array(gettext("Local network type"), gettext("Unique Identifier"));


  		




  132
  132
  
    
	if (!isset($pconfig['mobile'])){


  		




  133
  133
  
    
		$reqdfields[] = "remoteid_type";


  		




  134
  134
  
    
		$reqdfieldsn[] = gettext("Remote network type");


  		




  ......




  254
  254
  
    

  		




  255
  255
  
    
		if (!count($ealgos)) {


  		




  256
  256
  
    
			$input_errors[] = gettext("At least one encryption algorithm must be selected.");


  		




  
  257
  
    
		} else {


  		




  
  258
  
    
			if (empty($pconfig['halgo'])) {


  		




  
  259
  
    
				foreach ($ealgos as $ealgo) {


  		




  
  260
  
    
					if (!strpos($ealgo['name'], "gcm")) {


  		




  
  261
  
    
						$input_errors[] = gettext("At least one hashing algorithm needs to be selected.");


  		




  
  262
  
    
						break;


  		




  
  263
  
    
					}


  		




  
  264
  
    
				}


  		




  
  265
  
    
			}


  		




  257
  266
  
    
		}


  		




  
  267
  
    
		


  		




  258
  268
  
    
	}


  		




  259
  269
  
    
	if (($_POST['lifetime'] && !is_numeric($_POST['lifetime']))) {


  		




  260
  270
  
    
		$input_errors[] = gettext("The P2 lifetime must be an integer.");


  		




  ......




  277
  287
  
    

  		




  278
  288
  
    
		$ph2ent['protocol'] = $pconfig['proto'];


  		




  279
  289
  
    
		$ph2ent['encryption-algorithm-option'] = $ealgos;


  		




  280
  
  
    
		$ph2ent['hash-algorithm-option'] = $pconfig['halgos'];


  		




  
  290
  
    
		if (!empty($pconfig['halgos']))


  		




  
  291
  
    
			$ph2ent['hash-algorithm-option'] = $pconfig['halgos'];


  		




  
  292
  
    
		else


  		




  
  293
  
    
			unset($ph2ent['hash-algorithm-option']);


  		




  281
  294
  
    
		$ph2ent['pfsgroup'] = $pconfig['pfsgroup'];


  		




  282
  295
  
    
		$ph2ent['lifetime'] = $pconfig['lifetime'];


  		




  283
  296
  
    
		$ph2ent['pinghost'] = $pconfig['pinghost'];


  		












Formats disponibles :  Unified diff