diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-05-15 15:23:16 +0200 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-05-15 15:23:16 +0200 |
| commit | b73c5526dae8ee0a5ed8c83b9b47a22dc8159267 (patch) | |
| tree | 91a92e7a875bf60b01149638740de8f071d6b4c9 /src/pluto/crypto.c | |
| parent | d43cfda7dd1bbaac1dcbd353e9514ea505d854c9 (diff) | |
| download | strongswan-b73c5526dae8ee0a5ed8c83b9b47a22dc8159267.tar.bz2 strongswan-b73c5526dae8ee0a5ed8c83b9b47a22dc8159267.tar.xz | |
pluto aborts if no SHA-1 and MD5 hashers are present
Diffstat (limited to 'src/pluto/crypto.c')
| -rw-r--r-- | src/pluto/crypto.c | 71 |
1 files changed, 42 insertions, 29 deletions
diff --git a/src/pluto/crypto.c b/src/pluto/crypto.c index 81a4ec57a..b60c685e0 100644 --- a/src/pluto/crypto.c +++ b/src/pluto/crypto.c @@ -59,7 +59,49 @@ void init_crypto(void) enumerator_t *enumerator; encryption_algorithm_t encryption_alg; hash_algorithm_t hash_alg; + bool no_md5 = TRUE; + bool no_sha1 = TRUE; + enumerator = lib->crypto->create_hasher_enumerator(lib->crypto); + while (enumerator->enumerate(enumerator, &hash_alg)) + { + const struct hash_desc *desc; + + switch (hash_alg) + { + case HASH_SHA1: + desc = &hash_desc_sha1; + no_sha1 = FALSE; + break; + case HASH_SHA256: + desc = &hash_desc_sha2_256; + break; + case HASH_SHA384: + desc = &hash_desc_sha2_384; + break; + case HASH_SHA512: + desc = &hash_desc_sha2_512; + break; + case HASH_MD5: + desc = &hash_desc_md5; + no_md5 = FALSE; + break; + default: + continue; + } + ike_alg_add((struct ike_alg *)desc); + } + enumerator->destroy(enumerator); + + if (no_sha1) + { + exit_log("pluto cannot run without a SHA-1 hasher"); + } + if (no_md5) + { + exit_log("pluto cannot run without an MD5 hasher"); + } + enumerator = lib->crypto->create_crypter_enumerator(lib->crypto); while (enumerator->enumerate(enumerator, &encryption_alg)) { @@ -90,35 +132,6 @@ void init_crypto(void) } enumerator->destroy(enumerator); - enumerator = lib->crypto->create_hasher_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &hash_alg)) - { - const struct hash_desc *desc; - - switch (hash_alg) - { - case HASH_SHA1: - desc = &hash_desc_sha1; - break; - case HASH_SHA256: - desc = &hash_desc_sha2_256; - break; - case HASH_SHA384: - desc = &hash_desc_sha2_384; - break; - case HASH_SHA512: - desc = &hash_desc_sha2_512; - break; - case HASH_MD5: - desc = &hash_desc_md5; - break; - default: - continue; - } - ike_alg_add((struct ike_alg *)desc); - } - enumerator->destroy(enumerator); - if (mpz_init_set_str(&groupgenerator, MODP_GENERATOR, 10) != 0 || mpz_init_set_str(&modp1024_modulus, MODP1024_MODULUS, 16) != 0 || mpz_init_set_str(&modp1536_modulus, MODP1536_MODULUS, 16) != 0 |