vpnmain.cgi: Rewrite algorithm generation code

diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index b25cb6ade2e7e277a83794f8d7f80459a00817ef..55566d7cfb8ffa9df59c85dd4ab615ce8a162bc3 100644 (file)
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -310,67 +310,33 @@ sub writeipsecfiles {
 
        # Algorithms
        if ($lconfighash{$key}[18] && $lconfighash{$key}[19] && $lconfighash{$key}[20]) {
-           print CONF "\tike=";
-           my @encs   = split('\|', $lconfighash{$key}[18]);
-           my @ints   = split('\|', $lconfighash{$key}[19]);
-           my @groups = split('\|', $lconfighash{$key}[20]);
-           my $comma = 0;
-           foreach my $i (@encs) {
-               foreach my $j (@ints) {
-                   foreach my $k (@groups) {
-                       if ($comma != 0) { print CONF ","; } else { $comma = 1; }
-
-                       my @l = split("", $k);
-                       if ($l[0] eq "e") {
-                           shift @l;
-                           print CONF "$i-$j-ecp".join("", @l);
-                       } else {
-                           print CONF "$i-$j-modp$k";
-                       }
-                   }
-               }
-           }
-           if ($lconfighash{$key}[24] eq 'on') {       #only proposed algorythms?
-               print CONF "!\n";
-           } else {
-               print CONF "\n";
-           }
+               my @encs   = split('\|', $lconfighash{$key}[18]);
+               my @ints   = split('\|', $lconfighash{$key}[19]);
+               my @groups = split('\|', $lconfighash{$key}[20]);
+
+               my @algos = &make_algos("ike", \@encs, \@ints, \@groups, 1);
+               print CONF "\tike=" . join(",", @algos);
+
+               if ($lconfighash{$key}[24] eq 'on') {   #only proposed algorythms?
+                       print CONF "!\n";
+               } else {
+                       print CONF "\n";
+               }
        }
+
        if ($lconfighash{$key}[21] && $lconfighash{$key}[22]) {
-           print CONF "\tesp=";
-           my @encs   = split('\|', $lconfighash{$key}[21]);
-           my @ints   = split('\|', $lconfighash{$key}[22]);
-           my @groups = split('\|', $lconfighash{$key}[20]);
-           my $comma = 0;
-           foreach my $i (@encs) {
-               foreach my $j (@ints) {
-                       my $modp = "";
-                       if ($pfs eq "on") {
-                               foreach my $k (@groups) {
-                                   if ($comma != 0) { print CONF ","; } else { $comma = 1; }
-                                   if ($pfs eq "on") {
-                                       my @l = split("", $k);
-                                       if ($l[0] eq "e") {
-                                               $modp = "";
-                                       } else {
-                                               $modp = "-modp$k";
-                                       }
-                                   } else {
-                                       $modp = "";
-                                   }
-                                   print CONF "$i-$j$modp";
-                               }
-                       } else {
-                               if ($comma != 0) { print CONF ","; } else { $comma = 1; }
-                               print CONF "$i-$j";
-                       }
+               my @encs   = split('\|', $lconfighash{$key}[21]);
+               my @ints   = split('\|', $lconfighash{$key}[22]);
+               my @groups = split('\|', $lconfighash{$key}[20]);
+
+               my @algos = &make_algos("esp", \@encs, \@ints, \@groups, ($pfs eq "on"));
+               print CONF "\tesp=" . join(",", @algos);
+
+               if ($lconfighash{$key}[24] eq 'on') {   #only proposed algorythms?
+                       print CONF "!\n";
+               } else {
+                       print CONF "\n";
                }
-           }
-           if ($lconfighash{$key}[24] eq 'on') {       #only proposed algorythms?
-               print CONF "!\n";
-           } else {
-               print CONF "\n";
-           }
        }
 
        # IKE V1 or V2
@@ -3025,3 +2991,54 @@ END
     &Header::closebox();
     &Header::closebigbox();
     &Header::closepage();
+
+sub array_unique($) {
+       my $array = shift;
+       my @unique = ();
+
+       my %seen = ();
+       foreach my $e (@$array) {
+               next if $seen{$e}++;
+               push(@unique, $e);
+       }
+
+       return @unique;
+}
+
+sub make_algos($$$$$) {
+       my ($mode, $encs, $ints, $grps, $pfs) = @_;
+       my @algos = ();
+
+       foreach my $enc (@$encs) {
+               foreach my $int (@$ints) {
+                       foreach my $grp (@$grps) {
+                               my @algo = ($enc);
+
+                               my $is_aead = ($enc =~ m/[cg]cm/);
+                               if (!$is_aead) {
+                                       push(@algo, $int);
+                               }
+
+                               if ($mode eq "ike") {
+                                       if ($grp =~ m/^e(\d+)/) {
+                                               push(@algo, "ecp$1");
+                                       } else {
+                                               push(@algo, "modp$grp");
+                                       }
+                               }
+
+                               if ($mode eq "esp" && $pfs) {
+                                       if ($grp =~ m/^e\d+/) {
+                                               push(@algo, $grp);
+                                       } else {
+                                               push(@algo, "modp$grp");
+                                       }
+                               }
+
+                               push(@algos, join("-", @algo));
+                       }
+               }
+       }
+
+       return &array_unique(\@algos);
+}