diff options
| author | Ermal LUÇI <eri@pfsense.org> | 2015-04-20 20:53:00 +0200 |
|---|---|---|
| committer | Ermal LUÇI <eri@pfsense.org> | 2015-04-20 20:53:00 +0200 |
| commit | 7a747654e9ef5b4cec7184c770a24bd1e184ea6e (patch) | |
| tree | 497563b3b10206090745e3b56d508f77f36bcfe9 /etc | |
| parent | 162d7d2316acd6b4bb2818e591781e8d9d6a2195 (diff) | |
| download | pfsense-7a747654e9ef5b4cec7184c770a24bd1e184ea6e.zip pfsense-7a747654e9ef5b4cec7184c770a24bd1e184ea6e.tar.gz | |
Allow to configure new modes for phase1 according to RFC 5903 by manually merging pull request #1501 partially. While here preserve style.
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/ipsec.inc | 3 | ||||
| -rw-r--r-- | etc/inc/vpn.inc | 9 |
2 files changed, 12 insertions, 0 deletions
diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index ef47b15..5196236 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -105,6 +105,9 @@ $p1_dhgroups = array( 16 => '16 (4096 bit)', 17 => '17 (6144 bit)', 18 => '18 (8192 bit)', + 19 => '19 (nist ecp256)', + 20 => '20 (nist ecp384)', + 21 => '21 (nist ecp521)', 22 => '22 (1024(sub 160) bit)', 23 => '23 (2048(sub 224) bit)', 24 => '24 (2048(sub 256) bit)' diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index a9c50aa..83e8397 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -91,6 +91,15 @@ function vpn_ipsec_convert_to_modp($index) case '18': $convertion = "modp8192"; break; + case '19': + $convertion = "ecp256"; + break; + case '20': + $convertion = "ecp384"; + break; + case '21': + $convertion = "ecp512"; + break; } return $convertion; |
