diff options
| author | Martin Willi <martin@revosec.ch> | 2014-04-24 14:15:49 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2014-05-16 16:01:21 +0200 |
| commit | 8642f8bdb782e35be84183351a20a3df33e55586 (patch) | |
| tree | ed6d2b6e6486c099d30404fcbe37a21bf659ec0c | |
| parent | 0fc4dd429deafbf734ad687be73d5aaff7277c72 (diff) | |
| download | strongswan-8642f8bdb782e35be84183351a20a3df33e55586.tar.bz2 strongswan-8642f8bdb782e35be84183351a20a3df33e55586.tar.xz | |
proposal: Use an additional "default" constructor specific to AEAD algorithms
This allows a caller to create a separated proposal for supported AEAD
algorithms, as required by RFC 5996.
| -rw-r--r-- | src/libcharon/config/proposal.c | 23 | ||||
| -rw-r--r-- | src/libcharon/config/proposal.h | 8 |
2 files changed, 31 insertions, 0 deletions
diff --git a/src/libcharon/config/proposal.c b/src/libcharon/config/proposal.c index fcfaebeb4..48313b753 100644 --- a/src/libcharon/config/proposal.c +++ b/src/libcharon/config/proposal.c @@ -812,6 +812,29 @@ proposal_t *proposal_create_default(protocol_id_t protocol) /* * Describtion in header-file */ +proposal_t *proposal_create_default_aead(protocol_id_t protocol) +{ + private_proposal_t *this; + + switch (protocol) + { + case PROTO_IKE: + this = (private_proposal_t*)proposal_create(protocol, 0); + proposal_add_supported_ike(this, TRUE); + return &this->public; + case PROTO_ESP: + /* we currently don't include any AEAD proposal for ESP, as we + * don't know if our kernel backend actually supports it. */ + return NULL; + case PROTO_AH: + default: + return NULL; + } +} + +/* + * Describtion in header-file + */ proposal_t *proposal_create_from_string(protocol_id_t protocol, const char *algs) { private_proposal_t *this; diff --git a/src/libcharon/config/proposal.h b/src/libcharon/config/proposal.h index 7733143a8..78b868868 100644 --- a/src/libcharon/config/proposal.h +++ b/src/libcharon/config/proposal.h @@ -196,6 +196,14 @@ proposal_t *proposal_create(protocol_id_t protocol, u_int number); proposal_t *proposal_create_default(protocol_id_t protocol); /** + * Create a default proposal for supported AEAD algorithms + * + * @param protocol protocol, such as PROTO_ESP + * @return proposal_t object, NULL if none supported + */ +proposal_t *proposal_create_default_aead(protocol_id_t protocol); + +/** * Create a proposal from a string identifying the algorithms. * * The string is in the same form as a in the ipsec.conf file. |