CS-15649: Remove DES from s2s vpn support policy

DES is considered INSECURE.
Sheng Yang 2012-07-20 10:50:48 -07:00
parent c0fcca3990
commit e9ae7336c1
2 changed files with 4 additions and 2 deletions


@ -1080,7 +1080,7 @@ public class NetUtils {
}
String cipher = list[0];
String hash = list[1];
if (!cipher.matches("des|3des|aes|aes128|aes256")) {
if (!cipher.matches("3des|aes|aes128|aes256")) {
return false;
}
if (!hash.matches("md5|sha1")) {
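Review bot: The hash allowlist on the last line of this hunk still accepts `md5`, so a policy such as `3des-md5` keeps validating even though the commit's stated reason is that DES is insecure. Later IPsec algorithm guidance retires HMAC-MD5 alongside DES, so if the aim is to keep weak algorithms out of site-to-site VPN policies, the same treatment belongs here, e.g. `if (!hash.matches("sha1")) {`, or a comment stating why md5 is kept. As far as this hunk shows, the check only rejects new input; policies already stored with `des` are presumably untouched and may need a migration or a check when the connection is set up. The enclosing method starts and ends outside the hunk, so how the optional `;modp…` group is validated cannot be assessed from here.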


@ -55,10 +55,12 @@ public class NetUtilsTest extends TestCase {
public void testVpnPolicy() {
assertTrue(NetUtils.isValidS2SVpnPolicy("aes-sha1"));
assertTrue(NetUtils.isValidS2SVpnPolicy("3des-sha1"));
assertTrue(NetUtils.isValidS2SVpnPolicy("3des-sha1,aes-sha1"));
assertFalse(NetUtils.isValidS2SVpnPolicy("des-md5;modp1024"));
assertFalse(NetUtils.isValidS2SVpnPolicy("des-md5;modp1024,aes-sha1;modp1536"));
assertFalse(NetUtils.isValidS2SVpnPolicy("3des-sha1,aes-sha1;modp1536"));
assertTrue(NetUtils.isValidS2SVpnPolicy("3des-sha1,aes-sha1"));
assertFalse(NetUtils.isValidS2SVpnPolicy("des-sha1"));
assertFalse(NetUtils.isValidS2SVpnPolicy("abc-123,ase-sha1"));
assertFalse(NetUtils.isValidS2SVpnPolicy("de-sh,aes-sha1"));
assertFalse(NetUtils.isValidS2SVpnPolicy(""));