cloudstack/framework
Abhisar Sinha 002d9768b2
Add settings to mark cryptographic algorithms in vpn customer gateways as excluded or obsolete (#12193)
This PR introduces several configuration settings using which an operator can mark certain cryptographic algorithms and parameters as excluded or obsolete for VPN Customer Gateway creation for Site-to-Site VPN.

Cloud providers following modern security frameworks (e.g., ISO 27001/27017) are required to enforce and communicate approved cryptographic standards. CloudStack currently accepts several weak or deprecated algorithms without guidance to users. This PR closes that gap by giving operators explicit control over what is disallowed vs discouraged, improving security posture without breaking existing deployments.

These settings are:

1. vpn.customer.gateway.excluded.encryption.algorithms
2. vpn.customer.gateway.excluded.hashing.algorithms
3. vpn.customer.gateway.excluded.ike.versions
4. vpn.customer.gateway.excluded.dh.group
5. vpn.customer.gateway.obsolete.encryption.algorithms
6. vpn.customer.gateway.obsolete.hashing.algorithms
7. vpn.customer.gateway.obsolete.ike.versions
8. vpn.customer.gateway.obsolete.dh.group
2026-01-19 13:18:37 +05:30
agent-lb Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30
ca Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30
cluster Merge branch '4.22' 2025-12-22 14:13:50 +01:00
config Add settings to mark cryptographic algorithms in vpn customer gateways as excluded or obsolete (#12193) 2026-01-19 13:18:37 +05:30
db removed code in comments (#11145) 2025-12-08 16:31:48 +01:00
direct-download Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30
events Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30
extensions Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30
ipc removed code in comments (#11145) 2025-12-08 16:31:48 +01:00
jobs removed code in comments (#11145) 2025-12-08 16:31:48 +01:00
managed-context Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30
quota Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30
rest Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30
security Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30
spring Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30
pom.xml Updating pom.xml version numbers for release 4.23.0.0-SNAPSHOT 2025-11-05 16:54:39 +05:30