ALT Linux Bugzilla
– Attachment 21259 Details for
Bug 55846
Не работает алгоритм шифрования по ГОСТ'у
New bug
|
Search
|
[?]
|
Help
Register
|
Log In
[x]
|
Forgot Password
Login:
[x]
|
EN
|
RU
[patch]
Поддержка data-ciphers
alterator-openvpn-server-0.8.8-alt-data-ciphers.patch (text/plain), 6.38 KB, created by
Alexey Volkov
on 2026-05-05 16:26:22 MSK
(
hide
)
Description:
Поддержка data-ciphers
Filename:
MIME Type:
Creator:
Alexey Volkov
Created:
2026-05-05 16:26:22 MSK
Size:
6.38 KB
patch
obsolete
>diff --git a/backend3/openvpn-server b/backend3/openvpn-server >index 06a4cb0..b5fcc95 100755 >--- a/backend3/openvpn-server >+++ b/backend3/openvpn-server >@@ -24,6 +24,7 @@ CACHEDIR="/var/cache/alterator/openvpn-server" > CCDDIR="$CHROOTDIR/$CONFDIR/ccd" > IFACESDIR="$ETCNET_IFACESDIR" > SERVER_NETWORKS_TMP="$CACHEDIR/server_networks.tmp" >+CIPHERS_TMP="$CACHEDIR/ciphers.tmp" > OPENSSL="${OPENSSL:-openssl}" > > # Alternative openvpn patched for GOST support. >@@ -356,6 +357,13 @@ list_bridges() > done > } > >+list_selected_ciphers() >+{ >+ for cipher in $(cat "$CIPHERS_TMP"); do >+ write_enum_item "$cipher" >+ done >+} >+ > ### read client config > read_client_ns_info() > { >@@ -450,7 +458,8 @@ read_server_config() > write_string_param bridge "$(get_bridge "$dev")" > fi > >- write_string_param ciphers "$(get_config_val "$dev" 'cipher')" >+ [ -d "$CACHEDIR" ] || mkdir "$CACHEDIR" >+ [ ! -f "$CIPHERS_TMP" ] && get_config_val "$dev" 'data-ciphers' | tr ':' '\n' > "$CIPHERS_TMP" > write_string_param tls_ciphers "$(get_config_val "$dev" 'tls-cipher')" > write_string_param digests "$(get_config_val "$dev" 'auth')" > else >@@ -782,7 +791,7 @@ status openvpn-status.log > verb 3 > SERVER_CONF_TEMPLATE > >- [ -n "$in_ciphers" ] && echo "cipher $in_ciphers" >> $CACHEDIR/$dev/$OVPNCONFIG >+ [ -f "$CIPHERS_TMP" ] && echo "data-ciphers $(paste -sd: $CIPHERS_TMP)" >> $CACHEDIR/$dev/$OVPNCONFIG > [ -n "$in_tls_ciphers" ] && echo "tls-cipher $in_tls_ciphers" >> $CACHEDIR/$dev/$OVPNCONFIG > [ -n "$in_digests" ] && echo "auth $in_digests" >> $CACHEDIR/$dev/$OVPNCONFIG > >@@ -793,12 +802,7 @@ SERVER_CONF_TEMPLATE > if [ -f "$CRYPTOCOMDIR/lib/engines/libcryptocom.so" ]; then > engine=cryptocom > fi >- cat >> "$CACHEDIR/$dev/$OVPNCONFIG" <<EOF >-engine $engine >-cipher gost89 >-auth gost-mac >-tls-cipher GOST2001-GOST89-GOST89 >-EOF >+ echo "engine $engine" >> "$CACHEDIR/$dev/$OVPNCONFIG" > if [ -x "$GOST_OVPN" ]; then > shell_config_set "$CACHEDIR/$dev/options" OVPN "$GOST_OVPN" > fi >@@ -943,6 +947,16 @@ on_message() > [ -n "$in_server_net" -a -n "$in_server_netmask" ] && > sed -i "/$in_server_net[[:blank:]]\+$in_server_netmask/d" "$SERVER_NETWORKS_TMP" > ;; >+ add-cipher) >+ if [ -n "$in_ciphers" ] && ! grep -Fxq "$in_ciphers" "$CIPHERS_TMP";then >+ echo "$in_ciphers" >> "$CIPHERS_TMP" >+ fi >+ ;; >+ remove-cipher) >+ if [ -n "$in_selected_ciphers" ]; then >+ sed -i "/^$in_selected_ciphers\$/d" "$CIPHERS_TMP" >+ fi >+ ;; > client-ns-domain) > vdev="$(get_cached_vdev)" > if ! check_client_ns "$vdev" "$in_client_name" "$in_client_ns";then >@@ -1003,6 +1017,8 @@ on_message() > ;; > avail_ciphers) list_ciphers | write_enum > ;; >+ selected_ciphers) list_selected_ciphers | write_enum >+ ;; > avail_tls_ciphers) list_tls_ciphers | write_enum > ;; > avail_dhparams) list_dhparams | write_enum >diff --git a/ui/openvpn-server/ajax.scm b/ui/openvpn-server/ajax.scm >index 4b0afea..77ab839 100644 >--- a/ui/openvpn-server/ajax.scm >+++ b/ui/openvpn-server/ajax.scm >@@ -13,6 +13,8 @@ > (form-update-visibility "server_netmask" routed) > (form-update-visibility "add_network" routed) > (form-update-visibility "remove_network" routed) >+ (form-update-visibility "selected_ciphers" routed) >+ (form-update-visibility "add_cipher" routed) > (form-update-visibility "gateway_vpnaddr" (not routed)) > (form-update-visibility "vpnpool_start" (not routed)) > (form-update-visibility "vpnpool_end" (not routed)) >@@ -37,6 +39,7 @@ > (let ((cmd (woo-read-first "/openvpn-server" 'type (form-value "type") 'language (form-value "language")))) > (form-update-enum "server_networks" (woo-list "/openvpn-server/avail_server_networks")) > (form-update-enum "bridge" (woo-list "/openvpn-server/avail_bridges")) >+ (form-update-enum "selected_ciphers" (woo-list "/openvpn-server/selected_ciphers")) > (form-update-value-list > '("enabled" "type" "bridge" "port" "server_net" "server_netmask" "vpnnet" "vpnnetmask" > "gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "ciphers" "tls_ciphers" "digests" "dhparams") >@@ -65,7 +68,7 @@ > 'operation reason > (form-value-list > '("enabled" "type" "bridge" "port" "server_net" "server_netmask" "vpnnet" "vpnnetmask" >- "gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "language" "ciphers" "tls_ciphers" "digests" "dhparams")))))) >+ "gateway_vpnaddr" "vpnpool_start" "vpnpool_end" "lzo" "use_tcp" "language" "ciphers" "selected_ciphers" "tls_ciphers" "digests" "dhparams")))))) > > (define (add-network) > (write-config "add-server-network") >@@ -86,6 +89,14 @@ > 'language (form-value "language")) > (read-config))))) > >+(define (add-cipher) >+ (write-config "add-cipher") >+ (read-config)) >+ >+(define (remove-cipher) >+ (write-config "remove-cipher") >+ (read-config)) >+ > (define (apply-config) > (write-config "apply")) > >@@ -116,10 +127,11 @@ > (form-bind "type" "change" read-config) > (form-bind-upload "upload_button" "click" "ca_cert" on-upload) > (form-bind "server_networks" "change" (lambda() (update-server-net-values (form-value "server_networks")))) >+ (form-bind "ciphers" "change" add-cipher) >+ (form-bind "remove_cipher" "click" remove-cipher) > (form-bind "add_network" "click" add-network) > (form-bind "remove_network" "click" remove-network) > (form-bind "clients_managment" "click" clients-networks-interface) > (form-bind "reset" "click" reset-config) > (form-bind "apply" "click" apply-config) > (form-bind "certificate" "click" certificate-interface)) >- >diff --git a/ui/openvpn-server/index.html b/ui/openvpn-server/index.html >index e1fbd2d..7b550b5 100644 >--- a/ui/openvpn-server/index.html >+++ b/ui/openvpn-server/index.html >@@ -66,9 +66,14 @@ > <td><select name="vpnnetmask"></select></td> > </tr> > <tr> >- <td><span translate="_" name="ciphers">Cipher:</span></td> >+ <td><span translate="_" name="ciphers">Select ciphers:</span></td> > <td><select name="ciphers"></select></td> > </tr> >+ <tr> >+ <td style="vertical-align:top"><span translate="_">Ciphers</span></td> >+ <td colspan="2"><select name="selected_ciphers" size="4" style="width:240px"></select></td> >+ <td><input type="button" class="btn" name="remove_cipher" value="Remove"/></td> >+ </tr> > <tr> > <td><span translate="_" name="tls_ciphers">TLS Cipher:</span></td> > <td><select name="tls_ciphers"></select></td>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=21259">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 55846
: 21259
