proposal: Remove MODP_NONE from IKE proposals parsed from strings
authorTobias Brunner <tobias@strongswan.org>
Wed, 1 Jun 2016 12:53:23 +0000 (14:53 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 17 Jun 2016 16:48:07 +0000 (18:48 +0200)
src/libcharon/config/proposal.c

index d676dec..a83acec 100644 (file)
@@ -453,6 +453,16 @@ static void check_proposal(private_proposal_t *this)
                        }
                }
                e->destroy(e);
                        }
                }
                e->destroy(e);
+               /* remove MODP_NONE from IKE proposal */
+               e = array_create_enumerator(this->transforms);
+               while (e->enumerate(e, &entry))
+               {
+                       if (entry->type == DIFFIE_HELLMAN_GROUP && !entry->alg)
+                       {
+                               array_remove_at(this->transforms, e);
+                       }
+               }
+               e->destroy(e);
        }
 
        if (this->protocol == PROTO_ESP)
        }
 
        if (this->protocol == PROTO_ESP)