admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feat: multiple OpenVPN ciphers for negotiation

Browse Source 
- Perfect privacy to accept AES-256-CBC and AES-256-GCM
- Cyberghost default cipher set to AES-256-GCM
- `OPENVPN_CIPHER` accept comma separated cipher values
- Use `ncp-ciphers` for OpenVPN 2.4
This commit is contained in:
Quentin McGaw (desktop)
2021-10-05 20:36:23 +00:00
parent e0e3ca3832
commit ca975b1c01
27 changed files with 101 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
internal/provider/custom/openvpnconf.go
View File

@@ -50,8 +50,8 @@ func modifyConfig(lines []string, connection models.Connection,
strings.HasPrefix(line, "remote "),
strings.HasPrefix(line, "dev "),
// Remove values eventually modified
settings.Cipher != "" && hasPrefixOneOf(line,
"cipher ", "data-ciphers ", "data-ciphers-fallback "),
len(settings.Ciphers) > 0 && hasPrefixOneOf(line,
"cipher ", "ncp-ciphers ", "data-ciphers ", "data-ciphers-fallback "),
settings.Auth != "" && strings.HasPrefix(line, "auth "),
settings.MSSFix > 0 && strings.HasPrefix(line, "mssfix "),
!settings.IPv6 && hasPrefixOneOf(line, "tun-ipv6",
@@ -75,8 +75,8 @@ func modifyConfig(lines []string, connection models.Connection,
modified = append(modified, "auth-user-pass "+constants.OpenVPNAuthConf)
}
modified = append(modified, "verb "+strconv.Itoa(settings.Verbosity))
if settings.Cipher != "" {
modified = append(modified, utils.CipherLines(settings.Cipher, settings.Version)...)
if len(settings.Ciphers) > 0 {
modified = append(modified, utils.CipherLines(settings.Ciphers, settings.Version)...)
}
if settings.Auth != "" {
modified = append(modified, "auth "+settings.Auth)