cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From yas...@apache.org
Subject git commit: CS-15649: Remove DES from s2s vpn support policy
Date Fri, 20 Jul 2012 17:53:49 GMT
Updated Branches:
  refs/heads/vpc c0fcca399 -> e9ae7336c


CS-15649: Remove DES from s2s vpn support policy

DES is considered INSECURE.


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/e9ae7336
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/e9ae7336
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/e9ae7336

Branch: refs/heads/vpc
Commit: e9ae7336c1ceba8d81dd4ee034e7e7c3af09578a
Parents: c0fcca3
Author: Sheng Yang <sheng.yang@citrix.com>
Authored: Fri Jul 20 10:50:48 2012 -0700
Committer: Sheng Yang <sheng.yang@citrix.com>
Committed: Fri Jul 20 10:53:42 2012 -0700

----------------------------------------------------------------------
 utils/src/com/cloud/utils/net/NetUtils.java      |    2 +-
 utils/test/com/cloud/utils/net/NetUtilsTest.java |    4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/e9ae7336/utils/src/com/cloud/utils/net/NetUtils.java
----------------------------------------------------------------------
diff --git a/utils/src/com/cloud/utils/net/NetUtils.java b/utils/src/com/cloud/utils/net/NetUtils.java
index fe3dedc..e84a7e2 100755
--- a/utils/src/com/cloud/utils/net/NetUtils.java
+++ b/utils/src/com/cloud/utils/net/NetUtils.java
@@ -1080,7 +1080,7 @@ public class NetUtils {
             }
             String cipher = list[0];
             String hash = list[1];
-            if (!cipher.matches("des|3des|aes|aes128|aes256")) {
+            if (!cipher.matches("3des|aes|aes128|aes256")) {
                 return false;
             }
             if (!hash.matches("md5|sha1")) {

http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/e9ae7336/utils/test/com/cloud/utils/net/NetUtilsTest.java
----------------------------------------------------------------------
diff --git a/utils/test/com/cloud/utils/net/NetUtilsTest.java b/utils/test/com/cloud/utils/net/NetUtilsTest.java
index b187b55..67465d7 100644
--- a/utils/test/com/cloud/utils/net/NetUtilsTest.java
+++ b/utils/test/com/cloud/utils/net/NetUtilsTest.java
@@ -55,10 +55,12 @@ public class NetUtilsTest extends TestCase {
 
     public void testVpnPolicy() {
         assertTrue(NetUtils.isValidS2SVpnPolicy("aes-sha1"));
+        assertTrue(NetUtils.isValidS2SVpnPolicy("3des-sha1"));
+        assertTrue(NetUtils.isValidS2SVpnPolicy("3des-sha1,aes-sha1"));
         assertFalse(NetUtils.isValidS2SVpnPolicy("des-md5;modp1024"));
         assertFalse(NetUtils.isValidS2SVpnPolicy("des-md5;modp1024,aes-sha1;modp1536"));
         assertFalse(NetUtils.isValidS2SVpnPolicy("3des-sha1,aes-sha1;modp1536"));
-        assertTrue(NetUtils.isValidS2SVpnPolicy("3des-sha1,aes-sha1"));
+        assertFalse(NetUtils.isValidS2SVpnPolicy("des-sha1"));
         assertFalse(NetUtils.isValidS2SVpnPolicy("abc-123,ase-sha1"));
         assertFalse(NetUtils.isValidS2SVpnPolicy("de-sh,aes-sha1"));
         assertFalse(NetUtils.isValidS2SVpnPolicy(""));


Mime
View raw message