/[smecontribs]/rpms/smeserver-openvpn-s2s/contribs10/smeserver-openvpn-s2s-0.2-sme10.patch
ViewVC logotype

Diff of /rpms/smeserver-openvpn-s2s/contribs10/smeserver-openvpn-s2s-0.2-sme10.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.3 by jpp, Tue Mar 30 05:20:13 2021 UTC Revision 1.4 by jpp, Tue Mar 30 05:23:57 2021 UTC
# Line 85  diff -Nur --no-dereference smeserver-ope Line 85  diff -Nur --no-dereference smeserver-ope
85       </entry>       </entry>
86  +  +
87  +    <entry>  +    <entry>
88  +        <base>UNSECURE</base>  +        <base>INSECURE</base>
89  +        <trans>Unsecure parameter</trans>  +        <trans>Insecure parameter</trans>
90  +    </entry>  +    </entry>
91  +    <entry>  +    <entry>
92  +        <base>SUGGESTED</base>  +        <base>SUGGESTED</base>
# Line 476  diff -Nur --no-dereference smeserver-ope Line 476  diff -Nur --no-dereference smeserver-ope
476               $status = $fm->localise('DISABLED');               $status = $fm->localise('DISABLED');
477           }           }
478  +        my $cipher = $config->prop('cipher') || 'BF-CBC';  +        my $cipher = $config->prop('cipher') || 'BF-CBC';
479  +       $cipher = "<span style='color:red'>". $fm->localise('UNSECURE'). " $cipher</span> " unless ($cipher =~ /(128|192|256|512|SEED)/ );  +       $cipher = "<span style='color:red'>". $fm->localise('INSECURE'). " $cipher</span> " unless ($cipher =~ /(128|192|256|512|SEED)/ );
480  +        my $hmac   = $config->prop('HMAC') || 'SHA1';  +        my $hmac   = $config->prop('HMAC') || 'SHA1';
481  +       $hmac= "<span style='color:red'>". $fm->localise('UNSECURE'). " $hmac</span> " unless ($hmac eq "whirlpool" || $hmac =~ /(512|256|384|224)$/);  +       $hmac= "<span style='color:red'>". $fm->localise('INSECURE'). " $hmac</span> " unless ($hmac eq "whirlpool" || $hmac =~ /(512|256|384|224)$/);
482  +        my $authe  = $config->prop('Authentication') || '';  +        my $authe  = $config->prop('Authentication') || '';
483  +       my $linkup = "<span style='color:red'>". $fm->localise('DOWN')."</span>" ;  +       my $linkup = "<span style='color:red'>". $fm->localise('DOWN')."</span>" ;
484  +       use Net::Ping;  +       use Net::Ping;
# Line 583  diff -Nur --no-dereference smeserver-ope Line 583  diff -Nur --no-dereference smeserver-ope
583  +=head2 get_ciphers_options  +=head2 get_ciphers_options
584  +list obtained using  +list obtained using
585  +openvpn --show-ciphers | egrep '^[A-Z]{2}' |  sed 's/ by//; s/ default//; s/block,/block/; s/)// ' | awk {'print "    '\''" $1 "'\'' => '\''" $1 $2 " " $4 " "  $5 " "  $7")'\''," '}  +openvpn --show-ciphers | egrep '^[A-Z]{2}' |  sed 's/ by//; s/ default//; s/block,/block/; s/)// ' | awk {'print "    '\''" $1 "'\'' => '\''" $1 $2 " " $4 " "  $5 " "  $7")'\''," '}
586  +then reduced to remove most of unsecure ciphers  +then reduced to remove most of insecure ciphers
587  +Using a CBC or GCM mode is recommended.  +Using a CBC or GCM mode is recommended.
588  +In static key mode only CBC mode is allowed.  +In static key mode only CBC mode is allowed.
589  +  +

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed