diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2012-05-15 13:26:49 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2012-06-11 17:33:31 +0200 |
| commit | efc69e9f3889000bf6cecc04a510f6095bd9aca2 (patch) | |
| tree | b2ad39c13447d2eb6b7fd70956d42ecb56f9716c /src/starter/confread.c | |
| parent | 6d065f14ae04d582a5d3ef425a850fe7a85c9500 (diff) | |
| download | strongswan-efc69e9f.tar.bz2 strongswan-efc69e9f.tar.xz | |
starter: Removed pfs and pfsgroup options (handled via esp option).
Diffstat (limited to 'src/starter/confread.c')
| -rw-r--r-- | src/starter/confread.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/src/starter/confread.c b/src/starter/confread.c index 377964951..a003a14d6 100644 --- a/src/starter/confread.c +++ b/src/starter/confread.c @@ -35,7 +35,7 @@ #define ip_version(string) (strchr(string, '.') ? AF_INET : AF_INET6) static const char ike_defaults[] = "aes128-sha1-modp2048,3des-sha1-modp1536"; -static const char esp_defaults[] = "aes128-sha1,3des-sha1"; +static const char esp_defaults[] = "aes128-sha1-modp2048,3des-sha1-modp1536"; static const char firewall_defaults[] = "ipsec _updown iptables"; @@ -84,7 +84,7 @@ static void default_values(starter_config_t *cfg) cfg->conn_default.startup = STARTUP_NO; cfg->conn_default.state = STATE_IGNORE; cfg->conn_default.mode = MODE_TUNNEL; - cfg->conn_default.policy = POLICY_PFS | POLICY_MOBIKE; + cfg->conn_default.policy = POLICY_MOBIKE; cfg->conn_default.ike = strdupnull(ike_defaults); cfg->conn_default.esp = strdupnull(esp_defaults); @@ -561,9 +561,6 @@ static void load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg cfg->err++; } break; - case KW_PFS: - KW_POLICY_FLAG("yes", "no", POLICY_PFS) - break; case KW_COMPRESS: KW_POLICY_FLAG("yes", "no", POLICY_COMPRESS) break; |