|
|
@@ -6,10 +6,10 @@ log to syslog level info;
|
|
|
|
|
|
interface "{{ site }}_{{ network }}";
|
|
|
|
|
|
-{%- if 'aes' in grains['cpu_flags'] %}
|
|
|
-method "aes128-ctr+umac";
|
|
|
+{%- if 'aes' in grains.cpu_flags and grains.oscodename not in [ "stretch" ] %}
|
|
|
+method "aes128-gcm";
|
|
|
{%- else %}
|
|
|
-#method "aes128-ctr+umac"; # Not supported by CPU on this machine
|
|
|
+#method "aes128-gcm"; # - Not supported by CPU on this machine
|
|
|
{%- endif %}
|
|
|
method "salsa2012+umac";
|
|
|
|
