diff options
| author | Martin Willi <martin@revosec.ch> | 2014-12-05 13:48:51 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2014-12-05 14:00:36 +0100 |
| commit | 0a5b60db2066e4e62d2e9da387080c80201a08b4 (patch) | |
| tree | df3cfbeff7769ec143e414a6f7aa2da63e016b7c | |
| parent | 02df52fd2b557ddcecdf250ecb7f32b2c716ebc8 (diff) | |
| download | strongswan-0a5b60db2066e4e62d2e9da387080c80201a08b4.tar.bz2 strongswan-0a5b60db2066e4e62d2e9da387080c80201a08b4.tar.xz | |
diffie-hellman: Handle dh_exponent_ansi_x9_42 as a boolean setting
While it was always documented as boolean setting, the option is currently
handled as integer value, for which yes/no values do not work. Instead the
default of TRUE is used for a no value.
The option has been moved a lot during the last years, and in some locations
was handled as bool, in some as integer. In the latest codebase it
congruently used integer, which is actually not what is documented and used
in testing.
Fixes #781.
| -rw-r--r-- | src/libstrongswan/crypto/diffie_hellman.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c index 87c9b21f8..bada1c529 100644 --- a/src/libstrongswan/crypto/diffie_hellman.c +++ b/src/libstrongswan/crypto/diffie_hellman.c @@ -439,7 +439,7 @@ void diffie_hellman_init() { int i; - if (lib->settings->get_int(lib->settings, + if (lib->settings->get_bool(lib->settings, "%s.dh_exponent_ansi_x9_42", TRUE, lib->ns)) { for (i = 0; i < countof(dh_params); i++) @@ -463,7 +463,7 @@ diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group) if (!dh_params[i].public.exp_len) { if (!dh_params[i].public.subgroup.len && - lib->settings->get_int(lib->settings, + lib->settings->get_bool(lib->settings, "%s.dh_exponent_ansi_x9_42", TRUE, lib->ns)) { dh_params[i].public.exp_len = dh_params[i].public.prime.len; |