WARNING: untranslated string: ovpn ciphers = Ciphers
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
-WARNING: untranslated string: ovpn if ncp is disabled we must have cipher = If you want to disable cipher negotiation, you will have to select a fallback cipher.
+WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server
WARNING: untranslated string: ovpn unsupported cipher selected = Unknown cipher selected
WARNING: untranslated string: pakfire invalid tree = Invalid repository selected
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn ha = Hash algorithm
-WARNING: untranslated string: ovpn if ncp is disabled we must have cipher = If you want to disable cipher negotiation, you will have to select a fallback cipher.
WARNING: untranslated string: ovpn mgmt in root range = A port number of 1024 or higher is required.
+WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn no connections = No active OpenVPN connections
WARNING: untranslated string: ovpn on blue = OpenVPN on BLUE:
WARNING: untranslated string: ovpn on orange = OpenVPN on ORANGE:
WARNING: untranslated string: ovpn ciphers = Ciphers
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
-WARNING: untranslated string: ovpn if ncp is disabled we must have cipher = If you want to disable cipher negotiation, you will have to select a fallback cipher.
+WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn unsupported cipher selected = Unknown cipher selected
WARNING: untranslated string: pakfire ago = ago.
WARNING: untranslated string: quality of service = Quality of Service
WARNING: untranslated string: ovpn ciphers = Ciphers
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
-WARNING: untranslated string: ovpn if ncp is disabled we must have cipher = If you want to disable cipher negotiation, you will have to select a fallback cipher.
+WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server
WARNING: untranslated string: ovpn unsupported cipher selected = Unknown cipher selected
WARNING: untranslated string: pakfire ago = ago.
WARNING: untranslated string: ovpn connection name = Connection Name
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
-WARNING: untranslated string: ovpn if ncp is disabled we must have cipher = If you want to disable cipher negotiation, you will have to select a fallback cipher.
+WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server
WARNING: untranslated string: ovpn rw connection log = OpenVPN Roadwarrior Connections Log
WARNING: untranslated string: ovpn tls auth = TLS Channel Protection:
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn ha = Hash algorithm
-WARNING: untranslated string: ovpn if ncp is disabled we must have cipher = If you want to disable cipher negotiation, you will have to select a fallback cipher.
+WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server
WARNING: untranslated string: ovpn rw connection log = OpenVPN Roadwarrior Connections Log
WARNING: untranslated string: ovpn tls auth = TLS Channel Protection:
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn ha = Hash algorithm
-WARNING: untranslated string: ovpn if ncp is disabled we must have cipher = If you want to disable cipher negotiation, you will have to select a fallback cipher.
WARNING: untranslated string: ovpn mgmt in root range = A port number of 1024 or higher is required.
+WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn no connections = No active OpenVPN connections
WARNING: untranslated string: ovpn port in root range = A port number of 1024 or higher is required.
WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn ha = Hash algorithm
-WARNING: untranslated string: ovpn if ncp is disabled we must have cipher = If you want to disable cipher negotiation, you will have to select a fallback cipher.
WARNING: untranslated string: ovpn mgmt in root range = A port number of 1024 or higher is required.
+WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn no connections = No active OpenVPN connections
WARNING: untranslated string: ovpn port in root range = A port number of 1024 or higher is required.
WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server
WARNING: untranslated string: ovpn connection name = Connection Name
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
-WARNING: untranslated string: ovpn if ncp is disabled we must have cipher = If you want to disable cipher negotiation, you will have to select a fallback cipher.
+WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server
WARNING: untranslated string: ovpn rw connection log = OpenVPN Roadwarrior Connections Log
WARNING: untranslated string: ovpn tls auth = TLS Channel Protection:
< ovpn ciphers
< ovpn fallback cipher
< ovpn fallback cipher help
-< ovpn if ncp is disabled we must have cipher
+< ovpn no cipher selected
< ovpn roadwarrior server
< ovpn unsupported cipher selected
< quality of service
< ovpn ciphers
< ovpn fallback cipher
< ovpn fallback cipher help
-< ovpn if ncp is disabled we must have cipher
+< ovpn no cipher selected
< ovpn unsupported cipher selected
< quality of service
############################################################################
< ovpn ciphers
< ovpn fallback cipher
< ovpn fallback cipher help
-< ovpn if ncp is disabled we must have cipher
+< ovpn no cipher selected
< ovpn roadwarrior server
< ovpn unsupported cipher selected
< password has quotation mark
< ovpn error md5
< ovpn fallback cipher
< ovpn fallback cipher help
-< ovpn if ncp is disabled we must have cipher
+< ovpn no cipher selected
< ovpn roadwarrior server
< ovpn rw connection log
< ovpn tls auth
< ovpn fallback cipher help
< ovpn generating the root and host certificates
< ovpn ha
-< ovpn if ncp is disabled we must have cipher
+< ovpn no cipher selected
< ovpn reneg sec
< ovpn roadwarrior server
< ovpn rw connection log
< ovpn fallback cipher help
< ovpn generating the root and host certificates
< ovpn ha
-< ovpn if ncp is disabled we must have cipher
< ovpn mgmt in root range
< ovpn mtu-disc
< ovpn mtu-disc and mtu not 1500
< ovpn mtu-disc off
< ovpn mtu-disc with mssfix or fragment
< ovpn mtu-disc yes
+< ovpn no cipher selected
< ovpn no connections
< ovpn port in root range
< ovpn reneg sec
< ovpn fallback cipher help
< ovpn generating the root and host certificates
< ovpn ha
-< ovpn if ncp is disabled we must have cipher
< ovpn mgmt in root range
< ovpn mtu-disc
< ovpn mtu-disc and mtu not 1500
< ovpn mtu-disc off
< ovpn mtu-disc with mssfix or fragment
< ovpn mtu-disc yes
+< ovpn no cipher selected
< ovpn no connections
< ovpn port in root range
< ovpn reneg sec
< ovpn error md5
< ovpn fallback cipher
< ovpn fallback cipher help
-< ovpn if ncp is disabled we must have cipher
+< ovpn no cipher selected
< ovpn roadwarrior server
< ovpn rw connection log
< ovpn tls auth
$vpnsettings{'TLSAUTH'} = $cgiparams{'TLSAUTH'};
my @temp=();
- # If NCP is disabled, we need the fallback cipher
- if ($cgiparams{'DATACIPHERS'} eq '' && $cgiparams{'DCIPHER'} eq '') {
- $errormessage = $Lang::tr{'ovpn if ncp is disabled we must have cipher'};
+ # We must have at least one cipher selected
+ if ($cgiparams{'DATACIPHERS'} eq '') {
+ $errormessage = $Lang::tr{'ovpn no cipher selected'};
goto ADV_ERROR;
}
$zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "$confighash{$cgiparams{'KEY'}}[1]cert.pem") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1]cert.pem\n";
}
- # Cryptography
-
- # If no data ciphers have been selected, we try to use the fallback cipher
- if ($vpnsettings{'DATACIPHERS'} eq '') {
- print CLIENTCONF "ncp-disable\r\n";
-
- if ($vpnsettings{'DCIPHER'} ne '') {
- print CLIENTCONF "cipher $vpnsettings{'DCIPHER'}\r\n";
- }
- } else {
- # Otherwise we don't write anything because the server and client will negotiate
- }
+ # We no longer send any cryptographic configuration since 2.6.
+ # That way, we will be able to push this from the server.
+ # Therefore we always mandate NCP for new clients.
print CLIENTCONF "auth $vpnsettings{'DAUTH'}\r\n";
</td>
<td>
- <select name='DATACIPHERS' multiple>
+ <select name='DATACIPHERS' multiple required>
END
foreach my $cipher (@SUPPORTED_CIPHERS) {
'ovpn fallback cipher help' => 'This cipher is being used by clients that do not support cipher negotiation.',
'ovpn generating the root and host certificates' => 'Generating the root and host certificate can take a long time.',
'ovpn ha' => 'Hash algorithm',
-'ovpn if ncp is disabled we must have cipher' => 'If you want to disable cipher negotiation, you will have to select a fallback cipher.',
'ovpn log' => 'OVPN-Log',
'ovpn mgmt in root range' => 'A port number of 1024 or higher is required.',
'ovpn mtu-disc' => 'Path MTU Discovery',
'ovpn mtu-disc off' => 'Disabled',
'ovpn mtu-disc with mssfix or fragment' => 'Path MTU Discovery cannot be used with mssfix or fragment.',
'ovpn mtu-disc yes' => 'Forced',
+'ovpn no cipher selected' => 'No cipher selected',
'ovpn no connections' => 'No active OpenVPN connections',
'ovpn on blue' => 'OpenVPN on BLUE:',
'ovpn on orange' => 'OpenVPN on ORANGE:',
projects / ipfire-2.x.git / commitdiff
