diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-11-08 13:50:14 +0100 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-11-14 16:20:51 +0100 |
commit | 99c03e9a110d1adfeab83274b40a5c78f63b4c5f (patch) | |
tree | 27936f4dee37de65fca005437ab9d15edbfee137 /testing/tests/swanctl/config-payload/hosts/carol/etc | |
parent | 549b325d9d4504efe9a189328638225e9fcaad3a (diff) | |
download | strongswan-99c03e9a110d1adfeab83274b40a5c78f63b4c5f.tar.bz2 strongswan-99c03e9a110d1adfeab83274b40a5c78f63b4c5f.tar.xz |
testing: make curve25519 the default DH group
Diffstat (limited to 'testing/tests/swanctl/config-payload/hosts/carol/etc')
-rwxr-xr-x | testing/tests/swanctl/config-payload/hosts/carol/etc/strongswan.conf | 2 | ||||
-rwxr-xr-x | testing/tests/swanctl/config-payload/hosts/carol/etc/swanctl/swanctl.conf | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/testing/tests/swanctl/config-payload/hosts/carol/etc/strongswan.conf b/testing/tests/swanctl/config-payload/hosts/carol/etc/strongswan.conf index 7d7e5f9f5..1f367c2a0 100755 --- a/testing/tests/swanctl/config-payload/hosts/carol/etc/strongswan.conf +++ b/testing/tests/swanctl/config-payload/hosts/carol/etc/strongswan.conf @@ -5,7 +5,7 @@ swanctl { } charon { - load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation constraints pubkey gmp random nonce curl kernel-netlink socket-default updown vici + load = random nonce aes sha1 sha2 hmac pem pkcs1 x509 revocation curve25519 gmp curl kernel-netlink socket-default updown vici start-scripts { creds = /usr/local/sbin/swanctl --load-creds diff --git a/testing/tests/swanctl/config-payload/hosts/carol/etc/swanctl/swanctl.conf b/testing/tests/swanctl/config-payload/hosts/carol/etc/swanctl/swanctl.conf index f1a76db62..b97935ad5 100755 --- a/testing/tests/swanctl/config-payload/hosts/carol/etc/swanctl/swanctl.conf +++ b/testing/tests/swanctl/config-payload/hosts/carol/etc/swanctl/swanctl.conf @@ -19,10 +19,10 @@ connections { remote_ts = 10.1.0.0/16 updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes128gcm128-modp3072 + esp_proposals = aes128gcm128-curve25519 } } version = 2 - proposals = aes128-sha256-modp3072 + proposals = aes128-sha256-curve25519 } } |