From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 19 Jan 2016 14:00:23 +0000 (+0100)
Subject: ha: Add DH group to CHILD_ADD message
X-Git-Tag: 5.4.0dr6~16
X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=b5c2ed5016a00b3d580abf4f3a61eae8d4776027

ha: Add DH group to CHILD_ADD message

References #1267.
---

diff --git a/src/libcharon/plugins/ha/ha_child.c b/src/libcharon/plugins/ha/ha_child.c
index dbb6adc..7dafb16 100644
--- a/src/libcharon/plugins/ha/ha_child.c
+++ b/src/libcharon/plugins/ha/ha_child.c
@@ -91,6 +91,10 @@ METHOD(listener_t, child_keys, bool,
 	{
 		m->add_attribute(m, HA_ALG_INTEG, alg);
 	}
+	if (proposal->get_algorithm(proposal, DIFFIE_HELLMAN_GROUP, &alg, NULL))
+	{
+		m->add_attribute(m, HA_ALG_DH, alg);
+	}
 	if (proposal->get_algorithm(proposal, EXTENDED_SEQUENCE_NUMBERS, &alg, NULL))
 	{
 		m->add_attribute(m, HA_ESN, alg);
diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c
index 8ea28a4..ce90f5b 100644
--- a/src/libcharon/plugins/ha/ha_dispatcher.c
+++ b/src/libcharon/plugins/ha/ha_dispatcher.c
@@ -655,7 +655,7 @@ static void process_child_add(private_ha_dispatcher_t *this,
 	u_int32_t inbound_spi = 0, outbound_spi = 0;
 	u_int16_t inbound_cpi = 0, outbound_cpi = 0;
 	u_int8_t mode = MODE_TUNNEL, ipcomp = 0;
-	u_int16_t encr = 0, integ = 0, len = 0;
+	u_int16_t encr = 0, integ = 0, len = 0, dh_grp = 0;
 	u_int16_t esn = NO_EXT_SEQ_NUMBERS;
 	u_int seg_i, seg_o;
 	chunk_t nonce_i = chunk_empty, nonce_r = chunk_empty, secret = chunk_empty;
@@ -705,6 +705,9 @@ static void process_child_add(private_ha_dispatcher_t *this,
 			case HA_ALG_INTEG:
 				integ = value.u16;
 				break;
+			case HA_ALG_DH:
+				dh_grp = value.u16;
+				break;
 			case HA_ESN:
 				esn = value.u16;
 				break;
@@ -755,6 +758,10 @@ static void process_child_add(private_ha_dispatcher_t *this,
 	{
 		proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, encr, len);
 	}
+	if (dh_grp)
+	{
+		proposal->add_algorithm(proposal, DIFFIE_HELLMAN_GROUP, dh_grp, 0);
+	}
 	proposal->add_algorithm(proposal, EXTENDED_SEQUENCE_NUMBERS, esn, 0);
 	if (secret.len)
 	{