Filter TLS suite MAC by HMAC algorithm, as the hash is not necessarily the same

author: Martin Willi <martin@revosec.ch> 2012-02-07 09:37:51 +0100
committer: Martin Willi <martin@revosec.ch> 2012-02-07 10:54:53 +0100
commit: 1dabf5bfc7ad87ec83c115852ebac221d524deee (patch)
tree: db685e0c2b83f7b71912fa67643aa2e4a698df2c /src
parent: 269e487567b852e87c912068dac1195297dfdc5a (diff)
download: strongswan-1dabf5bfc7ad87ec83c115852ebac221d524deee.tar.bz2
strongswan-1dabf5bfc7ad87ec83c115852ebac221d524deee.tar.xz
1 files changed, 4 insertions, 4 deletions
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index 7487da96d..2eb0a9b76 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -839,25 +839,25 @@ static void filter_mac_config_suites(private_tls_crypto_t *this,
 			while (enumerator->enumerate(enumerator, &token))
 			{
 				if (strcaseeq(token, "md5") &&
-					suites[i].hash == HASH_MD5)
+					suites[i].mac == AUTH_HMAC_MD5_128)
 				{
 					suites[remaining++] = suites[i];
 					break;
 				}
 				if (strcaseeq(token, "sha1") &&
-					suites[i].hash == HASH_SHA1)
+					suites[i].mac == AUTH_HMAC_SHA1_160)
 				{
 					suites[remaining++] = suites[i];
 					break;
 				}
 				if (strcaseeq(token, "sha256") &&
-					suites[i].hash == HASH_SHA256)
+					suites[i].mac == AUTH_HMAC_SHA2_256_256)
 				{
 					suites[remaining++] = suites[i];
 					break;
 				}
 				if (strcaseeq(token, "sha384") &&
-					suites[i].hash == HASH_SHA384)
+					suites[i].mac == AUTH_HMAC_SHA2_384_384)
 				{
 					suites[remaining++] = suites[i];
 					break;
author	Martin Willi <martin@revosec.ch>	2012-02-07 09:37:51 +0100
committer	Martin Willi <martin@revosec.ch>	2012-02-07 10:54:53 +0100
commit	1dabf5bfc7ad87ec83c115852ebac221d524deee (patch)
tree	db685e0c2b83f7b71912fa67643aa2e4a698df2c /src
parent	269e487567b852e87c912068dac1195297dfdc5a (diff)
download	strongswan-1dabf5bfc7ad87ec83c115852ebac221d524deee.tar.bz2 strongswan-1dabf5bfc7ad87ec83c115852ebac221d524deee.tar.xz