From 8212de6f940cdb22d2908907ce7f4ccd035b2abe Mon Sep 17 00:00:00 2001 From: Sheng Yang Date: Tue, 10 Jul 2012 10:30:48 -0700 Subject: [PATCH] CS-15513: Fix group 5 of s2s vpn --- .../com/cloud/network/vpn/Site2SiteVpnManagerImpl.java | 4 ++-- utils/src/com/cloud/utils/net/NetUtils.java | 2 +- utils/test/com/cloud/utils/net/NetUtilsTest.java | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java index 56934e91981..7c367a3737f 100644 --- a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java +++ b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java @@ -110,10 +110,10 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnService, Manager { String ikePolicy = cmd.getIkePolicy(); String espPolicy = cmd.getEspPolicy(); if (!NetUtils.isValidS2SVpnPolicy(ikePolicy)) { - throw new InvalidParameterValueException("The customer gateway IKE policy" + ikePolicy + " is invalid!"); + throw new InvalidParameterValueException("The customer gateway IKE policy " + ikePolicy + " is invalid!"); } if (!NetUtils.isValidS2SVpnPolicy(espPolicy)) { - throw new InvalidParameterValueException("The customer gateway ESP policy" + espPolicy + " is invalid!"); + throw new InvalidParameterValueException("The customer gateway ESP policy " + espPolicy + " is invalid!"); } Long lifetime = cmd.getLifetime(); if (lifetime == null) { diff --git a/utils/src/com/cloud/utils/net/NetUtils.java b/utils/src/com/cloud/utils/net/NetUtils.java index 070362dc57a..0dfeee7cf41 100755 --- a/utils/src/com/cloud/utils/net/NetUtils.java +++ b/utils/src/com/cloud/utils/net/NetUtils.java @@ -1082,7 +1082,7 @@ public class NetUtils { if (!hash.matches("md5|sha1")) { return false; } - if (pfsGroup != null && !pfsGroup.matches("modp768|modp1024|modp2048")) { + if (pfsGroup != null && !pfsGroup.matches("modp1024|modp1536")) { return false; } } diff --git a/utils/test/com/cloud/utils/net/NetUtilsTest.java b/utils/test/com/cloud/utils/net/NetUtilsTest.java index 3242793479b..e73e08f4ef6 100644 --- a/utils/test/com/cloud/utils/net/NetUtilsTest.java +++ b/utils/test/com/cloud/utils/net/NetUtilsTest.java @@ -51,14 +51,14 @@ public class NetUtilsTest extends TestCase { public void testVpnPolicy() { assertTrue(NetUtils.isValidS2SVpnPolicy("aes-sha1")); - assertTrue(NetUtils.isValidS2SVpnPolicy("des-md5;modp768")); - assertTrue(NetUtils.isValidS2SVpnPolicy("des-md5;modp768,aes-sha1;modp2048")); - assertTrue(NetUtils.isValidS2SVpnPolicy("3des-sha1,aes-sha1;modp2048")); + assertTrue(NetUtils.isValidS2SVpnPolicy("des-md5;modp1024")); + assertTrue(NetUtils.isValidS2SVpnPolicy("des-md5;modp1024,aes-sha1;modp1536")); + assertTrue(NetUtils.isValidS2SVpnPolicy("3des-sha1,aes-sha1;modp1536")); assertTrue(NetUtils.isValidS2SVpnPolicy("3des-sha1,aes-sha1")); assertFalse(NetUtils.isValidS2SVpnPolicy("abc-123,ase-sha1")); assertFalse(NetUtils.isValidS2SVpnPolicy("de-sh,aes-sha1")); assertFalse(NetUtils.isValidS2SVpnPolicy("")); - assertFalse(NetUtils.isValidS2SVpnPolicy(";modp2048")); - assertFalse(NetUtils.isValidS2SVpnPolicy(",aes;modp2048,,,")); + assertFalse(NetUtils.isValidS2SVpnPolicy(";modp1536")); + assertFalse(NetUtils.isValidS2SVpnPolicy(",aes;modp1536,,,")); } }