allow private algorithms
[strongswan.git] / src / libcharon / sa / ikev1 / tasks / main_mode.c
index a7be229..53c3874 100755 (executable)
@@ -322,6 +322,7 @@ METHOD(task_t, process_r, status_t,
                {
                        linked_list_t *list;
                        sa_payload_t *sa_payload;
+                       bool private;
 
                        this->ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
                        DBG0(DBG_IKE, "%H is initiating a Main Mode IKE_SA",
@@ -345,8 +346,10 @@ METHOD(task_t, process_r, status_t,
                        }
 
                        list = sa_payload->get_proposals(sa_payload);
+                       private = this->ike_sa->supports_extension(this->ike_sa,
+                                                                                                                  EXT_STRONGSWAN);
                        this->proposal = this->ike_cfg->select_proposal(this->ike_cfg,
-                                                                                                                       list, FALSE);
+                                                                                                                       list, private);
                        list->destroy_offset(list, offsetof(proposal_t, destroy));
                        if (!this->proposal)
                        {
@@ -523,6 +526,7 @@ METHOD(task_t, process_i, status_t,
                        sa_payload_t *sa_payload;
                        auth_method_t method;
                        u_int32_t lifetime;
+                       bool private;
 
                        sa_payload = (sa_payload_t*)message->get_payload(message,
                                                                                                        SECURITY_ASSOCIATION_V1);
@@ -532,8 +536,10 @@ METHOD(task_t, process_i, status_t,
                                return send_notify(this, INVALID_PAYLOAD_TYPE);
                        }
                        list = sa_payload->get_proposals(sa_payload);
+                       private = this->ike_sa->supports_extension(this->ike_sa,
+                                                                                                                  EXT_STRONGSWAN);
                        this->proposal = this->ike_cfg->select_proposal(this->ike_cfg,
-                                                                                                                       list, FALSE);
+                                                                                                                       list, private);
                        list->destroy_offset(list, offsetof(proposal_t, destroy));
                        if (!this->proposal)
                        {