current = current->clone(current);
if (strip_dh)
{
- current->strip_dh(current);
+ current->strip_dh(current, MODP_NONE);
}
proposals->insert_last(proposals, current);
}
{
if (strip_dh)
{
- stored->strip_dh(stored);
+ stored->strip_dh(stored, MODP_NONE);
}
selected = stored->select(stored, supplied, private);
if (selected)
}
METHOD(proposal_t, strip_dh, void,
- private_proposal_t *this)
+ private_proposal_t *this, diffie_hellman_group_t keep)
{
+ enumerator_t *enumerator;
algorithm_t *alg;
- while (this->dh_groups->remove_last(this->dh_groups, (void**)&alg) == SUCCESS)
+ enumerator = this->dh_groups->create_enumerator(this->dh_groups);
+ while (enumerator->enumerate(enumerator, (void**)&alg))
{
- free(alg);
+ if (alg->algorithm != keep)
+ {
+ this->dh_groups->remove_at(this->dh_groups, enumerator);
+ free(alg);
+ }
}
+ enumerator->destroy(enumerator);
}
/**
/**
* Strip DH groups from proposal to use it without PFS.
+ *
+ * @param keep group to keep (MODP_NONE to remove all)
*/
- void (*strip_dh)(proposal_t *this);
+ void (*strip_dh)(proposal_t *this, diffie_hellman_group_t keep);
/**
* Compare two proposal, and select a matching subset.
projects / strongswan.git / commitdiff