diff options
author | jim-p <jimp@pfsense.org> | 2013-01-27 14:54:50 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2013-01-27 14:55:46 -0500 |
commit | 349bf35803271f84960060b2dc13f98346469f89 (patch) | |
tree | c5e9482cd4014a2f0c764d9c6625e4e16e9c1035 /etc/inc | |
parent | be82765a4f1f2bd9bd9561ddbce01c47f923fc1e (diff) | |
download | pfsense-349bf35803271f84960060b2dc13f98346469f89.zip pfsense-349bf35803271f84960060b2dc13f98346469f89.tar.gz |
Display a list of ciphers accelerated by a specific engine. Also, skip engines that are listed but unavailable for direct use.
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/openvpn.inc | 27 |
1 files changed, 23 insertions, 4 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index fc7bf1a..ae9ca0d 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -180,12 +180,31 @@ function openvpn_get_cipherlist() { function openvpn_get_engines() { $openssl_engines = array('none' => 'No Hardware Crypto Acceleration'); - exec("/usr/local/bin/openssl engine", $openssl_engine_output); + exec("/usr/local/bin/openssl engine -t -c", $openssl_engine_output); + $openssl_engine_output = implode("\n", $openssl_engine_output); + $openssl_engine_output = preg_replace("/\\n\\s+/", "|", $openssl_engine_output); + $openssl_engine_output = explode("\n", $openssl_engine_output); + foreach ($openssl_engine_output as $oeo) { + $keep = true; + $details = explode("|", $oeo); + $engine = array_shift($details); $linematch = array(); - preg_match("/\((.*)\)\s(.*)/", $oeo, $linematch); - if ($linematch[1] != "dynamic") - $openssl_engines[$linematch[1]] = $linematch[2]; + preg_match("/\((.*)\)\s(.*)/", $engine, $linematch); + foreach ($details as $dt) { + if (strpos($dt, "unavailable") !== FALSE) + $keep = false; + if (strpos($dt, "available") !== FALSE) + continue; + if (strpos($dt, "[") !== FALSE) + $ciphers = trim($dt, "[]"); + } + if (!empty($ciphers)) + $ciphers = " - " . $ciphers; + if (strlen($ciphers) > 60) + $ciphers = substr($ciphers, 0, 60) . " ... "; + if ($keep) + $openssl_engines[$linematch[1]] = $linematch[2] . $ciphers; } return $openssl_engines; } |