admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feat: multiple OpenVPN ciphers for negotiation

Browse Source 
- Perfect privacy to accept AES-256-CBC and AES-256-GCM
- Cyberghost default cipher set to AES-256-GCM
- `OPENVPN_CIPHER` accept comma separated cipher values
- Use `ncp-ciphers` for OpenVPN 2.4
This commit is contained in:
Quentin McGaw (desktop)
2021-10-05 20:36:23 +00:00
parent e0e3ca3832
commit ca975b1c01
27 changed files with 101 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
internal/provider/utils/cipher_test.go
View File

@@ -9,24 +9,31 @@ import (
func Test_CipherLines(t *testing.T) {
t.Parallel()
testCases := map[string]struct {
ciphers []string
version string
lines []string
}{
"empty version": {
ciphers: []string{"AES"},
lines: []string{
"data-ciphers-fallback AES",
"data-ciphers AES",
},
},
"2.4": {
ciphers: []string{"AES", "CBC"},
version: "2.4",
lines: []string{"cipher AES"},
lines: []string{
"cipher AES",
"ncp-ciphers AES:CBC",
},
},
"2.5": {
ciphers: []string{"AES", "CBC"},
version: "2.5",
lines: []string{
"data-ciphers-fallback AES",
"data-ciphers AES",
"data-ciphers AES:CBC",
},
},
}
@@ -35,9 +42,7 @@ func Test_CipherLines(t *testing.T) {
t.Run(name, func(t *testing.T) {
t.Parallel()
const cipher = "AES"
lines := CipherLines(cipher, testCase.version)
lines := CipherLines(testCase.ciphers, testCase.version)
assert.Equal(t, testCase.lines, lines)
})