admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feat: multiple OpenVPN ciphers for negotiation

Browse Source 
- Perfect privacy to accept AES-256-CBC and AES-256-GCM
- Cyberghost default cipher set to AES-256-GCM
- `OPENVPN_CIPHER` accept comma separated cipher values
- Use `ncp-ciphers` for OpenVPN 2.4
This commit is contained in:
Quentin McGaw (desktop)
2021-10-05 20:36:23 +00:00
parent e0e3ca3832
commit ca975b1c01
27 changed files with 101 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
internal/configuration/openvpn.go
View File

@@ -19,7 +19,7 @@ type OpenVPN struct {
Flags []string `json:"flags"`
MSSFix uint16 `json:"mssfix"`
Root bool `json:"run_as_root"`
Cipher string `json:"cipher"`
Ciphers []string `json:"ciphers"`
Auth string `json:"auth"`
ConfFile string `json:"conf_file"`
Version string `json:"version"`
@@ -52,8 +52,8 @@ func (settings *OpenVPN) lines() (lines []string) {
lines = append(lines, indent+lastIndent+"Run as root: enabled")
}
if len(settings.Cipher) > 0 {
lines = append(lines, indent+lastIndent+"Custom cipher: "+settings.Cipher)
if len(settings.Ciphers) > 0 {
lines = append(lines, indent+lastIndent+"Custom ciphers: "+commaJoin(settings.Ciphers))
}
if len(settings.Auth) > 0 {
lines = append(lines, indent+lastIndent+"Custom auth algorithm: "+settings.Auth)
@@ -132,7 +132,7 @@ func (settings *OpenVPN) read(r reader, serviceProvider string) (err error) {
return fmt.Errorf("environment variable OPENVPN_ROOT: %w", err)
}
settings.Cipher, err = r.env.Get("OPENVPN_CIPHER")
settings.Ciphers, err = r.env.CSV("OPENVPN_CIPHER")
if err != nil {
return fmt.Errorf("environment variable OPENVPN_CIPHER: %w", err)
}