if_ovpn: fix AES-128-GCM support
We need to explicitly list AES-128-GCM as an allowed cipher for that
mode to work. While here also add AES-192-GCM. That brings our supported
cipher list in line with other openvpn/dco platforms.
Sponsored by: Rubicon Communications, LLC ("Netgate")
This commit is contained in:
+3
-1
@@ -694,7 +694,9 @@ ovpn_create_kkey_dir(struct ovpn_kkey_dir **kdirp,
|
||||
|
||||
if (strcmp(ciphername, "none") == 0)
|
||||
cipher = OVPN_CIPHER_ALG_NONE;
|
||||
else if (strcmp(ciphername, "AES-256-GCM") == 0)
|
||||
else if (strcmp(ciphername, "AES-256-GCM") == 0 ||
|
||||
strcmp(ciphername, "AES-192-GCM") == 0 ||
|
||||
strcmp(ciphername, "AES-128-GCM") == 0)
|
||||
cipher = OVPN_CIPHER_ALG_AES_GCM;
|
||||
else if (strcmp(ciphername, "CHACHA20-POLY1305") == 0)
|
||||
cipher = OVPN_CIPHER_ALG_CHACHA20_POLY1305;
|
||||
|
||||
Reference in New Issue
Block a user