This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 60cc2e54a74de59f7bbecac7965d7aa58a3fda2e (commit) via b2531cb080d5e44df059c7ba2431ce6d702249e7 (commit) from 558a00527937969b0090c01d10cc60a812254922 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 60cc2e54a74de59f7bbecac7965d7aa58a3fda2e Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 15 15:57:29 2013 +0100
vpnmain.cgi: Fix selection of AES-192 as ESP cipher.
commit b2531cb080d5e44df059c7ba2431ce6d702249e7 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 15 15:45:29 2013 +0100
vpnmain.cgi: Allow to use PSK if public IP is '%defaultroute'.
Openswan did not support to use PSKs on net-to-net connections, when the public IP of the IPFire box was "%defaultroute". However, it is required to set the public IP to "%defaultroute" on NAT-ed devices (such as UMTS connections in Germany) to connect to other sites as the IPFire box does not know the real public IP address.
-----------------------------------------------------------------------
Summary of changes: html/cgi-bin/vpnmain.cgi | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-)
Difference in files: diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index e9d114b..6bae487 100755 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -1987,8 +1987,6 @@ END ; &Header::closebox(); } elsif (! $cgiparams{'KEY'}) { - my $pskdisabled = ($vpnsettings{'VPN_IP'} eq '%defaultroute') ? "disabled='disabled'" : '' ; - $cgiparams{'PSK'} = $Lang::tr{'vpn incompatible use of defaultroute'} if ($pskdisabled); my $cakeydisabled = ( ! -f "${General::swroot}/private/cakey.pem" ) ? "disabled='disabled'" : ''; $cgiparams{'CERT_NAME'} = $Lang::tr{'vpn no full pki'} if ($cakeydisabled); my $cacrtdisabled = ( ! -f "${General::swroot}/ca/cacert.pem" ) ? "disabled='disabled'" : ''; @@ -1996,9 +1994,9 @@ END &Header::openbox('100%', 'left', $Lang::tr{'authentication'}); print <<END <table width='100%' cellpadding='0' cellspacing='5' border='0'> - <tr><td width='5%'><input type='radio' name='AUTH' value='psk' $checked{'AUTH'}{'psk'} $pskdisabled/></td> + <tr><td width='5%'><input type='radio' name='AUTH' value='psk' $checked{'AUTH'}{'psk'} /></td> <td class='base' width='55%'>$Lang::tr{'use a pre-shared key'}</td> - <td class='base' width='40%'><input type='password' name='PSK' size='30' value='$cgiparams{'PSK'}' $pskdisabled/></td></tr> + <td class='base' width='40%'><input type='password' name='PSK' size='30' value='$cgiparams{'PSK'}' /></td></tr> <tr><td colspan='3' bgcolor='#000000'></td></tr> <tr><td><input type='radio' name='AUTH' value='certreq' $checked{'AUTH'}{'certreq'} $cakeydisabled /></td> <td class='base'><hr />$Lang::tr{'upload a certificate request'}</td> @@ -2094,7 +2092,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || goto ADVANCED_ERROR; } foreach my $val (@temp) { - if ($val !~ /^(aes256|aes128|3des)$/) { + if ($val !~ /^(aes256|aes192|aes128|3des)$/) { $errormessage = $Lang::tr{'invalid input'}; goto ADVANCED_ERROR; }
hooks/post-receive -- IPFire 2.x development tree