projects / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4eba726) | patch
Remove all ESP proposals with non-matching DH group during Quick Mode
authorTobias Brunner <tobias@strongswan.org>
Thu, 18 Oct 2012 16:09:16 +0000 (18:09 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 24 Oct 2012 14:09:42 +0000 (16:09 +0200)
commitf48e7272322941f23abf9b517a13bf54dde3f79f
tree086aa7e3420fe47f0056bc06bd63b541cc7320b2tree | snapshot
parent4eba7269b830a2f2841dc11f5b688d409091ccebcommit | diff
Remove all ESP proposals with non-matching DH group during Quick Mode

According to RFC 2409, section 5.5, if PFS is used all proposals MUST
include the selected DH group, so we remove proposals without the
proposed group and remove other DH groups from the remaining proposals.
src/libcharon/sa/ikev1/tasks/quick_mode.c diff | blob | history
strongSwan - IPsec VPN