sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-04 00:00:14 -04:00
Code Issues Projects Releases Wiki Activity

ikev1: Determine transform ID before mapping integrity algorithm ID

Browse Source 
Due to the lookup based on the mapped algorithm ID the resulting AH
proposals were invalid.

Fixes #2347.

Fixes: 8456d6f5a8e9 ("ikev1: Don't require AH mapping for integrity algorithm when generating proposal")
This commit is contained in:
Tobias Brunner 2017-05-30 18:23:12 +02:00
parent 1aba82bfd7
commit 5d580ae063
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/libcharon/encoding/payloads/proposal_substructure.c
View File

@ -1360,10 +1360,10 @@ static void set_from_proposal_v1(private_proposal_substructure_t *this,
enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM);
if (enumerator->enumerate(enumerator, &alg, &key_size))
{
transid = get_ikev1_transid_from_alg(INTEGRITY_ALGORITHM, alg);
alg = get_ikev1_auth_from_alg(alg);
if (alg)
{
transid = get_ikev1_transid_from_alg(INTEGRITY_ALGORITHM, alg);
if (!transform && transid)
{
transform = transform_substructure_create_type(