Feat: multiple OpenVPN ciphers for negotiation

- Perfect privacy to accept AES-256-CBC and AES-256-GCM - Cyberghost default cipher set to AES-256-GCM - `OPENVPN_CIPHER` accept comma separated cipher values - Use `ncp-ciphers` for OpenVPN 2.4
2021-10-05 20:36:23 +00:00
parent e0e3ca3832
commit ca975b1c01
27 changed files with 101 additions and 94 deletions
--- a/internal/provider/utils/cipher.go
+++ b/internal/provider/utils/cipher.go
@@ -1,17 +1,22 @@
 package utils

 import (
+	"strings"
+
 	"github.com/qdm12/gluetun/internal/constants"
 )

-func CipherLines(cipher, version string) (lines []string) {
+func CipherLines(ciphers []string, version string) (lines []string) {
 	switch version {
 	case constants.Openvpn24:
-		return []string{"cipher " + cipher}
+		return []string{
+			"cipher " + ciphers[0],
+			"ncp-ciphers " + strings.Join(ciphers, ":"),
+		}
 	default: // 2.5 and above
 		return []string{
-			"data-ciphers-fallback " + cipher,
-			"data-ciphers " + cipher,
+			"data-ciphers-fallback " + ciphers[0],
+			"data-ciphers " + strings.Join(ciphers, ":"),
 		}
 	}
 }