projects / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 774c8c3) | patch
ikev1: Assume a default key length of 128-bit for AES-CBC
authorTobias Brunner <tobias@strongswan.org>
Thu, 13 Aug 2015 16:54:34 +0000 (18:54 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 17 Aug 2015 15:13:50 +0000 (17:13 +0200)
commit636b2e9b2ae29012b82901e6e5d85a159c359478
tree286ac7f5754aa6e88e7a9dcbf1bd34be0f741249tree | snapshot
parent774c8c38471da95725e7dcad17fad6c7d1edb2abcommit | diff
ikev1: Assume a default key length of 128-bit for AES-CBC

Some implementations don't send a Key Length attribute for AES-128.
This was allowed for IKE in early drafts of RFC 3602, however, some
implementations also seem to do it for ESP, where it never was allowed.
And the final version of RFC 3602 demands a Key Length attribute for both
phases so they shouldn't do it anymore anyway.

Fixes #1064.
src/libcharon/encoding/payloads/proposal_substructure.c diff | blob | history
strongSwan - IPsec VPN