diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2014-06-20 16:22:15 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2014-06-20 16:34:29 +0200 |
| commit | a4844dbc8f15acb59688078e0c99313ee095aad0 (patch) | |
| tree | 3a782816dc072ab714fba5976937f19ad15c8dd9 /src/libstrongswan/crypto/crypto_factory.c | |
| parent | 90854d289fefbb5575391bfb8e493cf69f6a5804 (diff) | |
| parent | aba9ef542ee73645c895ab0e1128c195f56dc5b7 (diff) | |
| download | strongswan-a4844dbc8f15acb59688078e0c99313ee095aad0.tar.bz2 strongswan-a4844dbc8f15acb59688078e0c99313ee095aad0.tar.xz | |
Merge branch 'algorithm-order'
Restores the behavior we had before 2e22333fb (except for RNGs), that is,
algorithms are stored in the registration order again. Which is not optimal
as we must rely on plugins to register them in a sensible order, but ordering
them by identifier definitely caused weaker algorithms to be proposed first
in the default proposal, which was even worse.
Diffstat (limited to 'src/libstrongswan/crypto/crypto_factory.c')
| -rw-r--r-- | src/libstrongswan/crypto/crypto_factory.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c index 6dea30ee3..96fbc0d87 100644 --- a/src/libstrongswan/crypto/crypto_factory.c +++ b/src/libstrongswan/crypto/crypto_factory.c @@ -392,10 +392,10 @@ METHOD(crypto_factory_t, create_dh, diffie_hellman_t*, /** * Insert an algorithm entry to a list * - * Entries are sorted by algorithm identifier (which is important for RNGs) - * while maintaining the order in which algorithms were added, unless they were + * Entries maintain the order in which algorithms were added, unless they were * benchmarked and speed is provided, which then is used to order entries of * the same algorithm. + * An exception are RNG entries, which are sorted by algorithm identifier. */ static void add_entry(private_crypto_factory_t *this, linked_list_t *list, int algo, const char *plugin_name, @@ -403,6 +403,7 @@ static void add_entry(private_crypto_factory_t *this, linked_list_t *list, { enumerator_t *enumerator; entry_t *entry, *current; + bool sort = (list == this->rngs), found = FALSE; INIT(entry, .algo = algo, @@ -415,12 +416,19 @@ static void add_entry(private_crypto_factory_t *this, linked_list_t *list, enumerator = list->create_enumerator(list); while (enumerator->enumerate(enumerator, ¤t)) { - if (current->algo > algo) + if (sort && current->algo > algo) { break; } - else if (current->algo == algo && speed && - current->speed < speed) + else if (current->algo == algo) + { + if (speed > current->speed) + { + break; + } + found = TRUE; + } + else if (found) { break; } |