pluto aborts if no SHA-1 and MD5 hashers are present

2025-10-05 00:00:45 -04:00 · 2009-05-15 15:23:16 +02:00 · 2009-05-15 15:23:16 +02:00 · b73c5526da
commit b73c5526da
parent d43cfda7dd
1 changed files with 42 additions and 29 deletions
--- a/src/pluto/crypto.c
+++ b/src/pluto/crypto.c
@ -59,7 +59,49 @@ void init_crypto(void)
 	enumerator_t *enumerator;
 	encryption_algorithm_t encryption_alg;
 	hash_algorithm_t hash_alg;
+	bool no_md5  = TRUE;
+	bool no_sha1 = TRUE;

+	enumerator = lib->crypto->create_hasher_enumerator(lib->crypto);
+	while (enumerator->enumerate(enumerator, &hash_alg))
+	{
+		const struct hash_desc *desc;
+
+		switch (hash_alg)
+		{
+			case HASH_SHA1:
+				desc = &hash_desc_sha1;
+				no_sha1 = FALSE;
+				break;
+			case HASH_SHA256:
+				desc = &hash_desc_sha2_256;
+				break;
+			case HASH_SHA384:
+				desc = &hash_desc_sha2_384;
+				break;
+			case HASH_SHA512:
+				desc = &hash_desc_sha2_512;
+				break;
+			case HASH_MD5:
+				desc = &hash_desc_md5;
+				no_md5 = FALSE;
+				break;
+			default:
+				continue;
+		}
+		ike_alg_add((struct ike_alg *)desc);
+	}
+	enumerator->destroy(enumerator);
+
+	if (no_sha1)
+	{
+		exit_log("pluto cannot run without a SHA-1 hasher");
+	}
+	if (no_md5)
+	{
+		exit_log("pluto cannot run without an MD5 hasher");
+	}
+		
 	enumerator = lib->crypto->create_crypter_enumerator(lib->crypto);
 	while (enumerator->enumerate(enumerator, &encryption_alg))
 	{
@ -90,35 +132,6 @@ void init_crypto(void)
 	}
 	enumerator->destroy(enumerator);

-	enumerator = lib->crypto->create_hasher_enumerator(lib->crypto);
-	while (enumerator->enumerate(enumerator, &hash_alg))
-	{
-		const struct hash_desc *desc;
-
-		switch (hash_alg)
-		{
-			case HASH_SHA1:
-				desc = &hash_desc_sha1;
-				break;
-			case HASH_SHA256:
-				desc = &hash_desc_sha2_256;
-				break;
-			case HASH_SHA384:
-				desc = &hash_desc_sha2_384;
-				break;
-			case HASH_SHA512:
-				desc = &hash_desc_sha2_512;
-				break;
-			case HASH_MD5:
-				desc = &hash_desc_md5;
-				break;
-			default:
-				continue;
-		}
-		ike_alg_add((struct ike_alg *)desc);
-	}
-	enumerator->destroy(enumerator);
-
 	if (mpz_init_set_str(&groupgenerator, MODP_GENERATOR, 10) != 0
 	 || mpz_init_set_str(&modp1024_modulus, MODP1024_MODULUS, 16) != 0
 	 || mpz_init_set_str(&modp1536_modulus, MODP1536_MODULUS, 16) != 0