diff options
| author | Martin Willi <martin@strongswan.org> | 2006-02-16 16:24:50 +0000 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2006-02-16 16:24:50 +0000 |
| commit | 0a373aec33c977b061c57b72a3bc909ef5971b56 (patch) | |
| tree | 99d9c1b185161f324a3393261bdfd5dcbad2938b /Source/charon/config/configuration_manager.c | |
| parent | 30b5b412da849251d6000c2dc52731af3e5409b8 (diff) | |
| download | strongswan-0a373aec33c977b061c57b72a3bc909ef5971b56.tar.bz2 strongswan-0a373aec33c977b061c57b72a3bc909ef5971b56.tar.xz | |
- fixed socket code, so we know on which address we receive traffic
- AH/ESP setup in kernel is working now!!! :-)))
Diffstat (limited to 'Source/charon/config/configuration_manager.c')
| -rw-r--r-- | Source/charon/config/configuration_manager.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/Source/charon/config/configuration_manager.c b/Source/charon/config/configuration_manager.c index 07eaf53e2..9028a5c47 100644 --- a/Source/charon/config/configuration_manager.c +++ b/Source/charon/config/configuration_manager.c @@ -279,13 +279,14 @@ static void load_default_config (private_configuration_manager_t *this) sa_config_t *sa_config_a, *sa_config_b; traffic_selector_t *ts; - init_config_a = init_config_create("0.0.0.0","192.168.0.3",IKEV2_UDP_PORT,IKEV2_UDP_PORT); - init_config_b = init_config_create("0.0.0.0","192.168.0.2",IKEV2_UDP_PORT,IKEV2_UDP_PORT); + init_config_a = init_config_create("192.168.0.2","192.168.0.3",IKEV2_UDP_PORT,IKEV2_UDP_PORT); + init_config_b = init_config_create("192.168.0.3","192.168.0.2",IKEV2_UDP_PORT,IKEV2_UDP_PORT); /* IKE proposals for alice */ proposal = proposal_create(1); proposal->add_algorithm(proposal, IKE, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16); proposal->add_algorithm(proposal, IKE, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0); + proposal->add_algorithm(proposal, IKE, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0); proposal->add_algorithm(proposal, IKE, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0); proposal->add_algorithm(proposal, IKE, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0); proposal->add_algorithm(proposal, IKE, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0); @@ -294,7 +295,8 @@ static void load_default_config (private_configuration_manager_t *this) /* IKE proposals for bob */ proposal = proposal_create(1); proposal->add_algorithm(proposal, IKE, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16); - proposal->add_algorithm(proposal, IKE, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0); + proposal->add_algorithm(proposal, IKE, ENCRYPTION_ALGORITHM, ENCR_3DES, 0); + proposal->add_algorithm(proposal, IKE, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0); proposal->add_algorithm(proposal, IKE, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0); proposal->add_algorithm(proposal, IKE, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0); init_config_b->add_proposal(init_config_b, proposal); @@ -346,7 +348,7 @@ static void load_default_config (private_configuration_manager_t *this) // proposal->add_algorithm(proposal, AH, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0); proposal->add_algorithm(proposal, ESP, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16); - proposal->add_algorithm(proposal, ESP, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0); + proposal->add_algorithm(proposal, ESP, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0); proposal->add_algorithm(proposal, ESP, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0); proposal->add_algorithm(proposal, ESP, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0); |