diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-11-24 16:38:10 +0100 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-11-24 16:38:10 +0100 |
| commit | 2eeab939a0eea49167c72dd0f3ec5a26f1592620 (patch) | |
| tree | d1361ea37448611a7c5691d595c8fbce7dfa5ad6 | |
| parent | 792876ff8780bafaf126e248849318406b7330cb (diff) | |
| download | strongswan-2eeab939a0eea49167c72dd0f3ec5a26f1592620.tar.bz2 strongswan-2eeab939a0eea49167c72dd0f3ec5a26f1592620.tar.xz | |
do not send all available kernel algorithms if esp string is faulty
| -rw-r--r-- | src/pluto/kernel_alg.c | 28 |
1 files changed, 0 insertions, 28 deletions
diff --git a/src/pluto/kernel_alg.c b/src/pluto/kernel_alg.c index 0429615f7..450c507d0 100644 --- a/src/pluto/kernel_alg.c +++ b/src/pluto/kernel_alg.c @@ -694,12 +694,6 @@ struct db_context* kernel_alg_db_new(struct alg_info_esp *alg_info, /* pass aprox. number of transforms and attributes */ ctx_new = db_prop_new(PROTO_IPSEC_ESP, trans_cnt, trans_cnt * 2); - /* - * Loop: for each element (struct esp_info) of alg_info, - * if kernel support is present then build the transform (and attrs) - * if NULL alg_info, propose everything ... - */ - if (alg_info) { int i; @@ -710,28 +704,6 @@ struct db_context* kernel_alg_db_new(struct alg_info_esp *alg_info, kernel_alg_db_add(ctx_new, &tmp_esp_info, policy); } } - else - { - u_int ealg_id; - - ESP_EALG_FOR_EACH_UPDOWN(ealg_id) - { - u_int aalg_id; - - tmp_esp_info.esp_ealg_id = ealg_id; - tmp_esp_info.esp_ealg_keylen = 0; - - for (aalg_id = 1; aalg_id <= SADB_AALG_MAX; aalg_id++) - { - if (ESP_AALG_PRESENT(aalg_id)) - { - tmp_esp_info.esp_aalg_id = alg_info_esp_sadb2aa(aalg_id); - tmp_esp_info.esp_aalg_keylen = 0; - kernel_alg_db_add(ctx_new, &tmp_esp_info, policy); - } - } - } - } prop = db_prop_get(ctx_new); return ctx_new; } |