diff options
author | Pierre POMES <pierre.pomes@gmail.com> | 2012-05-26 08:43:55 -0400 |
---|---|---|
committer | Pierre POMES <pierre.pomes@gmail.com> | 2012-05-26 08:43:55 -0400 |
commit | b20a5cdb2e64b7a8d00cce2ea3852a3495393e95 (patch) | |
tree | 8d3271488515190e6499e811a2f52dc434722cc8 /usr/local/www | |
parent | 2f8782fe42f50018491279bba74db54e5bfffeed (diff) | |
download | pfsense-b20a5cdb2e64b7a8d00cce2ea3852a3495393e95.zip pfsense-b20a5cdb2e64b7a8d00cce2ea3852a3495393e95.tar.gz |
Ticket #2455: do not check encryption algo for AH protocol
Diffstat (limited to 'usr/local/www')
-rw-r--r-- | usr/local/www/vpn_ipsec_phase2.php | 29 |
1 files changed, 17 insertions, 12 deletions
diff --git a/usr/local/www/vpn_ipsec_phase2.php b/usr/local/www/vpn_ipsec_phase2.php index a97f7d5..2bfd905 100644 --- a/usr/local/www/vpn_ipsec_phase2.php +++ b/usr/local/www/vpn_ipsec_phase2.php @@ -207,11 +207,14 @@ if ($_POST) { } } } - - $ealgos = pconfig_to_ealgos($pconfig); - if (!count($ealgos)) { - $input_errors[] = gettext("At least one encryption algorithm must be selected."); + /* For ESP protocol, handle encryption algorithms */ + if ( $pconfig['proto'] == "esp") { + $ealgos = pconfig_to_ealgos($pconfig); + + if (!count($ealgos)) { + $input_errors[] = gettext("At least one encryption algorithm must be selected."); + } } if (($_POST['lifetime'] && !is_numeric($_POST['lifetime']))) { $input_errors[] = gettext("The P2 lifetime must be an integer."); @@ -558,7 +561,7 @@ function change_protocol() { <?php foreach ($p2_ealgos as $algo => $algodata): $checked = ''; - if (in_array($algo,$pconfig['ealgos'])) + if (is_array($pconfig['ealgos']) && in_array($algo,$pconfig['ealgos'])) $checked = " checked"; ?> <tr> @@ -701,13 +704,15 @@ function pconfig_to_ealgos(& $pconfig) { global $p2_ealgos; $ealgos = array(); - foreach ($p2_ealgos as $algo_name => $algo_data) { - if (in_array($algo_name,$pconfig['ealgos'])) { - $ealg = array(); - $ealg['name'] = $algo_name; - if (is_array($algo_data['keysel'])) - $ealg['keylen'] = $_POST["keylen_".$algo_name]; - $ealgos[] = $ealg; + if (is_array($pconfig['ealgos'])) { + foreach ($p2_ealgos as $algo_name => $algo_data) { + if (in_array($algo_name,$pconfig['ealgos'])) { + $ealg = array(); + $ealg['name'] = $algo_name; + if (is_array($algo_data['keysel'])) + $ealg['keylen'] = $_POST["keylen_".$algo_name]; + $ealgos[] = $ealg; + } } } |