From: IT Superhack <itsuperhack@web.de>
To: development@lists.ipfire.org
Subject: [PATCH] Mark recommended ciphers/algorithms
Date: Mon, 07 Dec 2015 17:35:15 +0100 [thread overview]
Message-ID: <5665B543.1040304@web.de> (raw)
In-Reply-To: <1449053222.31655.59.camel@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 6536 bytes --]
Signed-off-by: Timmothy Wilson <itsuperhack(a)web.de>
---
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 62af54e..15385f1 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -1316,7 +1316,7 @@ END
<option value='1024' $selected{'DHLENGHT'}{'1024'}>1024
$Lang::tr{'bit'}</option>
<option value='2048' $selected{'DHLENGHT'}{'2048'}>2048
$Lang::tr{'bit'}</option>
<option value='3072' $selected{'DHLENGHT'}{'3072'}>3072
$Lang::tr{'bit'}</option>
- <option value='4096' $selected{'DHLENGHT'}{'4096'}>4096
$Lang::tr{'bit'}</option>
+ <option value='4096' $selected{'DHLENGHT'}{'4096'}>4096
$Lang::tr{'bit'} ($Lang::tr{'recommended'})</option>
</select>
</td>
</tr>
@@ -4687,7 +4687,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
<option value='CAMELLIA-256-CBC'
$selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-CBC (256
$Lang::tr{'bit'})</option>
<option value='CAMELLIA-192-CBC'
$selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-CBC (192
$Lang::tr{'bit'})</option>
<option value='CAMELLIA-128-CBC'
$selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-CBC (128
$Lang::tr{'bit'})</option>
- <option value='AES-256-CBC'
$selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'},
$Lang::tr{'default'})</option>
+ <option value='AES-256-CBC'
$selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'},
$Lang::tr{'default'}, $Lang::tr{'recommended'})</option>
<option value='AES-192-CBC'
$selected{'DCIPHER'}{'AES-192-CBC'}>AES-CBC (192 $Lang::tr{'bit'})</option>
<option value='AES-128-CBC'
$selected{'DCIPHER'}{'AES-128-CBC'}>AES-CBC (128 $Lang::tr{'bit'})</option>
<option value='DES-EDE3-CBC'
$selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC (192
$Lang::tr{'bit'})</option>
@@ -4702,7 +4702,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
<td class='boldbase'>$Lang::tr{'ovpn ha'}:</td>
<td><select name='DAUTH'>
<option value='whirlpool'
$selected{'DAUTH'}{'whirlpool'}>Whirlpool (512 $Lang::tr{'bit'})</option>
- <option value='SHA512' $selected{'DAUTH'}{'SHA512'}>SHA2 (512
$Lang::tr{'bit'})</option>
+ <option value='SHA512' $selected{'DAUTH'}{'SHA512'}>SHA2 (512
$Lang::tr{'bit'}, $Lang::tr{'recommended'})</option>
<option value='SHA384' $selected{'DAUTH'}{'SHA384'}>SHA2 (384
$Lang::tr{'bit'})</option>
<option value='SHA256' $selected{'DAUTH'}{'SHA256'}>SHA2 (256
$Lang::tr{'bit'})</option>
<option value='SHA1' $selected{'DAUTH'}{'SHA1'}>SHA1 (160
$Lang::tr{'bit'} Default)</option>
diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index f1cffb8..9aa50f5 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -2424,7 +2424,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
<td>$Lang::tr{'vpn keyexchange'}:</td>
<td>
<select name='IKE_VERSION'>
- <option value='ikev2' $selected{'IKE_VERSION'}{'ikev2'}>IKEv2</option>
+ <option value='ikev2' $selected{'IKE_VERSION'}{'ikev2'}>IKEv2
($Lang::tr{'recommended'})</option>
<option value='ikev1' $selected{'IKE_VERSION'}{'ikev1'}>IKEv1</option>
</select>
</td>
@@ -2434,7 +2434,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
<td class='boldbase' width="15%">$Lang::tr{'encryption'}</td>
<td class='boldbase'>
<select name='IKE_ENCRYPTION' multiple='multiple' size='6'
style='width: 100%'>
- <option value='aes256gcm128'
$checked{'IKE_ENCRYPTION'}{'aes256gcm128'}>256 bit AES-GCM/128 bit
ICV</option>
+ <option value='aes256gcm128'
$checked{'IKE_ENCRYPTION'}{'aes256gcm128'}>256 bit AES-GCM/128 bit ICV
($Lang::tr{'recommended'})</option>
<option value='aes256gcm96'
$checked{'IKE_ENCRYPTION'}{'aes256gcm96'}>256 bit AES-GCM/96 bit
ICV</option>
<option value='aes256gcm64'
$checked{'IKE_ENCRYPTION'}{'aes256gcm64'}>256 bit AES-GCM/64 bit
ICV</option>
<option value='aes256' $checked{'IKE_ENCRYPTION'}{'aes256'}>256
bit AES-CBC</option>
@@ -2454,7 +2454,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
</td>
<td class='boldbase'>
<select name='ESP_ENCRYPTION' multiple='multiple' size='6'
style='width: 100%'>
- <option value='aes256gcm128'
$checked{'ESP_ENCRYPTION'}{'aes256gcm128'}>256 bit AES-GCM/128 bit
ICV</option>
+ <option value='aes256gcm128'
$checked{'ESP_ENCRYPTION'}{'aes256gcm128'}>256 bit AES-GCM/128 bit ICV
($Lang::tr{'recommended'})</option>
<option value='aes256gcm96'
$checked{'ESP_ENCRYPTION'}{'aes256gcm96'}>256 bit AES-GCM/96 bit
ICV</option>
<option value='aes256gcm64'
$checked{'ESP_ENCRYPTION'}{'aes256gcm64'}>256 bit AES-GCM/64 bit
ICV</option>
<option value='aes256' $checked{'ESP_ENCRYPTION'}{'aes256'}>256
bit AES-CBC</option>
@@ -2478,7 +2478,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
<td class='boldbase' width="15%">$Lang::tr{'integrity'}</td>
<td class='boldbase'>
<select name='IKE_INTEGRITY' multiple='multiple' size='6'
style='width: 100%'>
- <option value='sha2_512'
$checked{'IKE_INTEGRITY'}{'sha2_512'}>SHA2 512 bit</option>
+ <option value='sha2_512'
$checked{'IKE_INTEGRITY'}{'sha2_512'}>SHA2 512 bit
($Lang::tr{'recommended'})</option>
<option value='sha2_384'
$checked{'IKE_INTEGRITY'}{'sha2_384'}>SHA2 384 bit</option>
<option value='sha2_256'
$checked{'IKE_INTEGRITY'}{'sha2_256'}>SHA2 256 bit</option>
<option value='aesxcbc' $checked{'IKE_INTEGRITY'}{'aesxcbc'}>AES
XCBC</option>
@@ -2488,7 +2488,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
</td>
<td class='boldbase'>
<select name='ESP_INTEGRITY' multiple='multiple' size='6'
style='width: 100%'>
- <option value='sha2_512'
$checked{'ESP_INTEGRITY'}{'sha2_512'}>SHA2 512 bit</option>
+ <option value='sha2_512'
$checked{'ESP_INTEGRITY'}{'sha2_512'}>SHA2 512 bit
($Lang::tr{'recommended'})</option>
<option value='sha2_384'
$checked{'ESP_INTEGRITY'}{'sha2_384'}>SHA2 384 bit</option>
<option value='sha2_256'
$checked{'ESP_INTEGRITY'}{'sha2_256'}>SHA2 256 bit</option>
<option value='aesxcbc' $checked{'ESP_INTEGRITY'}{'aesxcbc'}>AES
XCBC</option>
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 2bca854..b18cace 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1914,6 +1914,7 @@
'rebooting ipfire' => 'Starte IPFire neu',
'reconnect' => 'Neu Verbinden',
'reconnection' => 'Wiederverbindung',
+'recommended' => 'empfohlen',
'red' => 'Internet',
'red1' => 'ROT',
'references' => 'Referenzen',
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]
next prev parent reply other threads:[~2015-12-07 16:35 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-23 14:18 [PATCH] Disallow OpenVPN DH params less than 1024 bits IT Superhack
2015-11-24 14:14 ` ue
2015-12-01 22:58 ` Michael Tremer
2015-12-02 9:07 ` IT Superhack
2015-12-02 10:47 ` Michael Tremer
2015-12-02 18:19 ` IT Superhack
2015-12-07 16:35 ` IT Superhack [this message]
2015-12-10 17:16 ` [PATCH] Mark recommended ciphers/algorithms Michael Tremer
2015-12-13 15:10 ` IT Superhack
2015-12-13 17:47 ` Larsen
2015-12-15 14:13 ` Michael Tremer
2015-12-15 15:03 ` Larsen
2015-12-15 21:18 ` Michael Tremer
2015-12-16 8:06 ` Larsen
2015-12-18 16:12 ` IT Superhack
2016-01-01 16:54 ` IT Superhack
2016-01-04 16:31 ` Michael Tremer
2016-01-10 16:29 ` IT Superhack
2016-01-10 22:22 ` Michael Tremer
2016-01-02 13:03 ` ue
2016-01-04 16:36 ` Michael Tremer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5665B543.1040304@web.de \
--to=itsuperhack@web.de \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox