'[Ipcop-svn] SF.net SVN: ipcop:[4743] ipcop/trunk'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipcop-svn
Subject:    [Ipcop-svn] SF.net SVN: ipcop:[4743] ipcop/trunk
From:       eoberlander () users ! sourceforge ! net
Date:       2010-07-28 17:09:45
Message-ID: E1OeA8X-0007OW-Vl () sfp-svn-1 ! v30 ! ch3 ! sourceforge ! com
[Download RAW message or body]

Revision: 4743
          http://ipcop.svn.sourceforge.net/ipcop/?rev=4743&view=rev
Author:   eoberlander
Date:     2010-07-28 17:09:45 +0000 (Wed, 28 Jul 2010)

Log Message:
-----------
Fix for SF Bug 3034625. Remove pfsgroup which has been obsoleted from ipsec.conf

Modified Paths:
--------------
    ipcop/trunk/html/cgi-bin/ipsec.cgi
    ipcop/trunk/src/libs/vpn-functions.pl

Modified: ipcop/trunk/html/cgi-bin/ipsec.cgi
===================================================================
--- ipcop/trunk/html/cgi-bin/ipsec.cgi	2010-07-28 09:15:50 UTC (rev 4742)
+++ ipcop/trunk/html/cgi-bin/ipsec.cgi	2010-07-28 17:09:45 UTC (rev 4743)
@@ -412,7 +412,7 @@
         $cgiparams{'IKE_LIFETIME'}  = $confighash{$cgiparams{'KEY'}}[16];
         $cgiparams{'ESP_ENCRYPTION'}= $confighash{$cgiparams{'KEY'}}[21];
         $cgiparams{'ESP_INTEGRITY'} = $confighash{$cgiparams{'KEY'}}[22];
-        $cgiparams{'ESP_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[23];
+        $cgiparams{'ESP_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[23]; # pfsgroup \
removed from openswan 2.6.21  $cgiparams{'ESP_KEYLIFE'}   = \
$confighash{$cgiparams{'KEY'}}[17];  $cgiparams{'AGGRMODE'}      = \
$confighash{$cgiparams{'KEY'}}[12];  $cgiparams{'COMPRESSION'}   = \
$confighash{$cgiparams{'KEY'}}[13]; @@ -1365,11 +1365,12 @@
         goto ADVANCED_ERROR;
         }
     }
-    if ($cgiparams{'ESP_GROUPTYPE'} ne '' &&
-        $cgiparams{'ESP_GROUPTYPE'} !~  /^modp(768|1024|1536|2048|3072|4096)$/) {
-        $errormessage = $Lang::tr{'invalid input'};
-        goto ADVANCED_ERROR;
-    }
+    # pfsgroup removed from openswan 2.6.21
+    # if ($cgiparams{'ESP_GROUPTYPE'} ne '' &&
+    #     $cgiparams{'ESP_GROUPTYPE'} !~  /^modp(768|1024|1536|2048|3072|4096)$/) {
+    #     $errormessage = $Lang::tr{'invalid input'};
+    #     goto ADVANCED_ERROR;
+    # }
 
     if ($cgiparams{'ESP_KEYLIFE'} !~ /^\d+$/) {
         $errormessage = $Lang::tr{'invalid input for esp keylife'};
@@ -1581,6 +1582,7 @@
         <option value='sha1' $checked{'ESP_INTEGRITY'}{'sha1'}>SHA1</option>
         <option value='md5' \
$checked{'ESP_INTEGRITY'}{'md5'}>MD5</option></select></td>  
+<!-- pfsgroup removed from openswan 2.6.21
         <td class='base' align='right' valign='top'>$Lang::tr{'esp \
grouptype'}:</td><td class='base' valign='top'>  <select name='ESP_GROUPTYPE'>
         <option value=''>$Lang::tr{'phase1 group'}</option>
@@ -1590,6 +1592,7 @@
         <option value='modp1536' \
                $checked{'ESP_GROUPTYPE'}{'modp1536'}>MODP-1536</option>
         <option value='modp1024' \
                $checked{'ESP_GROUPTYPE'}{'modp1024'}>MODP-1024</option>
         <option value='modp768'  \
$checked{'ESP_GROUPTYPE'}{'modp768'}>MODP-768</option></select></td> +pfsgroup -->
     </tr><tr>
         <td class='base' align='right'>$Lang::tr{'esp keylife'}:</td><td \
                class='base'>
         <input type='text' name='ESP_KEYLIFE' value='$cgiparams{'ESP_KEYLIFE'}' \
size='5' /> $Lang::tr{'hours'}</td>

Modified: ipcop/trunk/src/libs/vpn-functions.pl
===================================================================
--- ipcop/trunk/src/libs/vpn-functions.pl	2010-07-28 09:15:50 UTC (rev 4742)
+++ ipcop/trunk/src/libs/vpn-functions.pl	2010-07-28 17:09:45 UTC (rev 4743)
@@ -317,10 +317,12 @@
                 print CONF "\n";
             }
         }
-        if ($lconfighash{$key}[23]) {
-            print CONF "\tpfsgroup=$lconfighash{$key}[23]\n";
-        }
 
+        # pfsgroup obsoleted from openswan 2.6.21
+        # if ($lconfighash{$key}[23]) {
+        #     print CONF "\tpfsgroup=$lconfighash{$key}[23]\n";
+        # }
+
         # Lifetimes
         print CONF "\tikelifetime=$lconfighash{$key}[16]h\n" if \
                ($lconfighash{$key}[16]);
         print CONF "\tkeylife=$lconfighash{$key}[17]h\n" if \
($lconfighash{$key}[17]);


This was sent by the SourceForge.net collaborative development platform, the world's \
largest Open Source development site.

------------------------------------------------------------------------------
The Palm PDK Hot Apps Program offers developers who use the
Plug-In Development Kit to bring their C/C++ apps to Palm for a share
of $1 Million in cash or HP Products. Visit us here for more details:
http://p.sf.net/sfu/dev2dev-palm
_______________________________________________
Ipcop-svn mailing list
Ipcop-svn@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-svn


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic