ha: Add DH group to CHILD_ADD message
authorTobias Brunner <tobias@strongswan.org>
Tue, 19 Jan 2016 14:00:23 +0000 (15:00 +0100)
committerTobias Brunner <tobias@strongswan.org>
Mon, 1 Feb 2016 09:50:53 +0000 (10:50 +0100)
References #1267.

src/libcharon/plugins/ha/ha_child.c
src/libcharon/plugins/ha/ha_dispatcher.c

index dbb6adc..7dafb16 100644 (file)
@@ -91,6 +91,10 @@ METHOD(listener_t, child_keys, bool,
        {
                m->add_attribute(m, HA_ALG_INTEG, alg);
        }
+       if (proposal->get_algorithm(proposal, DIFFIE_HELLMAN_GROUP, &alg, NULL))
+       {
+               m->add_attribute(m, HA_ALG_DH, alg);
+       }
        if (proposal->get_algorithm(proposal, EXTENDED_SEQUENCE_NUMBERS, &alg, NULL))
        {
                m->add_attribute(m, HA_ESN, alg);
index 8ea28a4..ce90f5b 100644 (file)
@@ -655,7 +655,7 @@ static void process_child_add(private_ha_dispatcher_t *this,
        u_int32_t inbound_spi = 0, outbound_spi = 0;
        u_int16_t inbound_cpi = 0, outbound_cpi = 0;
        u_int8_t mode = MODE_TUNNEL, ipcomp = 0;
-       u_int16_t encr = 0, integ = 0, len = 0;
+       u_int16_t encr = 0, integ = 0, len = 0, dh_grp = 0;
        u_int16_t esn = NO_EXT_SEQ_NUMBERS;
        u_int seg_i, seg_o;
        chunk_t nonce_i = chunk_empty, nonce_r = chunk_empty, secret = chunk_empty;
@@ -705,6 +705,9 @@ static void process_child_add(private_ha_dispatcher_t *this,
                        case HA_ALG_INTEG:
                                integ = value.u16;
                                break;
+                       case HA_ALG_DH:
+                               dh_grp = value.u16;
+                               break;
                        case HA_ESN:
                                esn = value.u16;
                                break;
@@ -755,6 +758,10 @@ static void process_child_add(private_ha_dispatcher_t *this,
        {
                proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, encr, len);
        }
+       if (dh_grp)
+       {
+               proposal->add_algorithm(proposal, DIFFIE_HELLMAN_GROUP, dh_grp, 0);
+       }
        proposal->add_algorithm(proposal, EXTENDED_SEQUENCE_NUMBERS, esn, 0);
        if (secret.len)
        {