aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/charon-cmd/cmd/cmd_connection.c1
-rw-r--r--src/charon-nm/nm/nm_service.c1
-rw-r--r--src/conftest/config.c1
-rw-r--r--src/frontends/android/jni/libandroidbridge/backend/android_service.c1
-rw-r--r--src/frontends/osx/charon-xpc/xpc_dispatch.c1
-rw-r--r--src/libcharon/plugins/ha/ha_tunnel.c1
-rw-r--r--src/libcharon/plugins/maemo/maemo_service.c1
-rw-r--r--src/libcharon/plugins/medcli/medcli_config.c2
-rw-r--r--src/libcharon/plugins/medsrv/medsrv_config.c1
-rw-r--r--src/libcharon/plugins/sql/sql_config.c1
-rw-r--r--src/libcharon/plugins/stroke/stroke_config.c1
-rw-r--r--src/libcharon/plugins/vici/vici_config.c35
12 files changed, 37 insertions, 10 deletions
diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c
index c4c8a2a96..79df8037b 100644
--- a/src/charon-cmd/cmd/cmd_connection.c
+++ b/src/charon-cmd/cmd/cmd_connection.c
@@ -187,6 +187,7 @@ static peer_cfg_t* create_peer_cfg(private_cmd_connection_t *this)
else
{
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
}
peer_cfg = peer_cfg_create("cmd", ike_cfg,
CERT_SEND_IF_ASKED, UNIQUE_REPLACE, 1, /* keyingtries */
diff --git a/src/charon-nm/nm/nm_service.c b/src/charon-nm/nm/nm_service.c
index 67366a067..82d212d20 100644
--- a/src/charon-nm/nm/nm_service.c
+++ b/src/charon-nm/nm/nm_service.c
@@ -532,6 +532,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
(char*)address, IKEV2_UDP_PORT,
FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
peer_cfg = peer_cfg_create(priv->name, ike_cfg,
CERT_SEND_IF_ASKED, UNIQUE_REPLACE, 1, /* keyingtries */
36000, 0, /* rekey 10h, reauth none */
diff --git a/src/conftest/config.c b/src/conftest/config.c
index 5aa742d79..bd63df02a 100644
--- a/src/conftest/config.c
+++ b/src/conftest/config.c
@@ -129,6 +129,7 @@ static ike_cfg_t *load_ike_config(private_config_t *this,
else
{
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
}
return ike_cfg;
}
diff --git a/src/frontends/android/jni/libandroidbridge/backend/android_service.c b/src/frontends/android/jni/libandroidbridge/backend/android_service.c
index ccf5ce8e7..db9bebcc5 100644
--- a/src/frontends/android/jni/libandroidbridge/backend/android_service.c
+++ b/src/frontends/android/jni/libandroidbridge/backend/android_service.c
@@ -530,6 +530,7 @@ static job_requeue_t initiate(private_android_service_t *this)
this->gateway, IKEV2_UDP_PORT,
FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
peer_cfg = peer_cfg_create("android", ike_cfg, CERT_SEND_IF_ASKED,
UNIQUE_REPLACE, 0, /* keyingtries */
diff --git a/src/frontends/osx/charon-xpc/xpc_dispatch.c b/src/frontends/osx/charon-xpc/xpc_dispatch.c
index 564fd6e7d..f20c54bce 100644
--- a/src/frontends/osx/charon-xpc/xpc_dispatch.c
+++ b/src/frontends/osx/charon-xpc/xpc_dispatch.c
@@ -87,6 +87,7 @@ static peer_cfg_t* create_peer_cfg(char *name, char *host)
ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE, "0.0.0.0", local_port,
host, remote_port, FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
peer_cfg = peer_cfg_create(name, ike_cfg,
CERT_SEND_IF_ASKED, UNIQUE_REPLACE, 1, /* keyingtries */
36000, 0, /* rekey 10h, reauth none */
diff --git a/src/libcharon/plugins/ha/ha_tunnel.c b/src/libcharon/plugins/ha/ha_tunnel.c
index 74147e553..53369008b 100644
--- a/src/libcharon/plugins/ha/ha_tunnel.c
+++ b/src/libcharon/plugins/ha/ha_tunnel.c
@@ -207,6 +207,7 @@ static void setup_tunnel(private_ha_tunnel_t *this,
charon->socket->get_port(charon->socket, FALSE),
remote, IKEV2_UDP_PORT, FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
peer_cfg = peer_cfg_create("ha", ike_cfg, CERT_NEVER_SEND,
UNIQUE_KEEP, 0, 86400, 0, 7200, 3600, FALSE, FALSE,
TRUE, 30, 0, FALSE, NULL, NULL);
diff --git a/src/libcharon/plugins/maemo/maemo_service.c b/src/libcharon/plugins/maemo/maemo_service.c
index f0f3105c4..82e90694b 100644
--- a/src/libcharon/plugins/maemo/maemo_service.c
+++ b/src/libcharon/plugins/maemo/maemo_service.c
@@ -327,6 +327,7 @@ static gboolean initiate_connection(private_maemo_service_t *this,
charon->socket->get_port(charon->socket, FALSE),
hostname, IKEV2_UDP_PORT, FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
peer_cfg = peer_cfg_create(this->current, ike_cfg,
CERT_SEND_IF_ASKED,
diff --git a/src/libcharon/plugins/medcli/medcli_config.c b/src/libcharon/plugins/medcli/medcli_config.c
index d048b003b..c0b39e415 100644
--- a/src/libcharon/plugins/medcli/medcli_config.c
+++ b/src/libcharon/plugins/medcli/medcli_config.c
@@ -106,6 +106,7 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
charon->socket->get_port(charon->socket, FALSE),
address, IKEV2_UDP_PORT, FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
med_cfg = peer_cfg_create(
"mediation", ike_cfg,
CERT_NEVER_SEND, UNIQUE_REPLACE,
@@ -382,6 +383,7 @@ medcli_config_t *medcli_config_create(database_t *db)
FRAGMENTATION_NO, 0),
);
this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE));
+ this->ike->add_proposal(this->ike, proposal_create_default_aead(PROTO_IKE));
schedule_autoinit(this);
diff --git a/src/libcharon/plugins/medsrv/medsrv_config.c b/src/libcharon/plugins/medsrv/medsrv_config.c
index ac6076ae8..02d805e06 100644
--- a/src/libcharon/plugins/medsrv/medsrv_config.c
+++ b/src/libcharon/plugins/medsrv/medsrv_config.c
@@ -145,6 +145,7 @@ medsrv_config_t *medsrv_config_create(database_t *db)
FRAGMENTATION_NO, 0),
);
this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE));
+ this->ike->add_proposal(this->ike, proposal_create_default_aead(PROTO_IKE));
return &this->public;
}
diff --git a/src/libcharon/plugins/sql/sql_config.c b/src/libcharon/plugins/sql/sql_config.c
index a8d34f2d4..152c4ec52 100644
--- a/src/libcharon/plugins/sql/sql_config.c
+++ b/src/libcharon/plugins/sql/sql_config.c
@@ -242,6 +242,7 @@ static void add_ike_proposals(private_sql_config_t *this,
if (use_default)
{
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
}
}
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index e5e6d9246..aa6138bcf 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -174,6 +174,7 @@ static void add_proposals(private_stroke_config_t *this, char *string,
if (ike_cfg)
{
ike_cfg->add_proposal(ike_cfg, proposal_create_default(proto));
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(proto));
}
else
{
diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
index 52a3dba16..83d221653 100644
--- a/src/libcharon/plugins/vici/vici_config.c
+++ b/src/libcharon/plugins/vici/vici_config.c
@@ -442,17 +442,24 @@ static bool parse_proposal(linked_list_t *list, protocol_id_t proto, chunk_t v)
if (strcaseeq("default", buf))
{
proposal = proposal_create_default(proto);
+ if (proposal)
+ {
+ list->insert_last(list, proposal);
+ }
+ proposal = proposal_create_default_aead(proto);
+ if (proposal)
+ {
+ list->insert_last(list, proposal);
+ }
+ return TRUE;
}
- else
- {
- proposal = proposal_create_from_string(proto, buf);
- }
- if (!proposal)
+ proposal = proposal_create_from_string(proto, buf);
+ if (proposal)
{
- return FALSE;
+ list->insert_last(list, proposal);
+ return TRUE;
}
- list->insert_last(list, proposal);
- return TRUE;
+ return FALSE;
}
/**
@@ -1755,8 +1762,16 @@ CALLBACK(config_sn, bool,
}
if (peer.proposals->get_count(peer.proposals) == 0)
{
- peer.proposals->insert_last(peer.proposals,
- proposal_create_default(PROTO_IKE));
+ proposal = proposal_create_default(PROTO_IKE);
+ if (proposal)
+ {
+ peer.proposals->insert_last(peer.proposals, proposal);
+ }
+ proposal = proposal_create_default_aead(PROTO_IKE);
+ if (proposal)
+ {
+ peer.proposals->insert_last(peer.proposals, proposal);
+ }
}
if (!peer.local_addrs)
{
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 22:04:01 +0000