Added Camellia, AES-CTR to default IKE proposal, if supported
[strongswan.git] / src / libcharon / config / proposal.c
index f2a34f2..2308ce7 100644 (file)
@@ -777,20 +777,24 @@ static void proposal_add_supported_ike(private_proposal_t *this)
                switch (encryption)
                {
                        case ENCR_AES_CBC:
+                       case ENCR_AES_CTR:
+                       case ENCR_CAMELLIA_CBC:
+                       case ENCR_CAMELLIA_CTR:
                                /* we assume that we support all AES sizes */
                                add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 128);
                                add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 192);
                                add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 256);
                                break;
                        case ENCR_3DES:
-                       case ENCR_AES_CTR:
+                               add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 0);
+                               break;
                        case ENCR_AES_CCM_ICV8:
                        case ENCR_AES_CCM_ICV12:
                        case ENCR_AES_CCM_ICV16:
                        case ENCR_AES_GCM_ICV8:
                        case ENCR_AES_GCM_ICV12:
                        case ENCR_AES_GCM_ICV16:
-                               add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 0);
+                               /* not yet in IKE */
                                break;
                        case ENCR_DES:
                                /* no, thanks */
@@ -858,6 +862,9 @@ static void proposal_add_supported_ike(private_proposal_t *this)
                        case ECP_256_BIT:
                        case ECP_384_BIT:
                        case ECP_521_BIT:
+                       case MODP_1024_160:
+                       case MODP_2048_224:
+                       case MODP_2048_256:
                        case ECP_192_BIT:
                        case ECP_224_BIT:
                                add_algorithm(this, DIFFIE_HELLMAN_GROUP, group, 0);