aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/frontends/android/jni/libandroidbridge/backend/android_service.c14
1 files changed, 12 insertions, 2 deletions
diff --git a/src/frontends/android/jni/libandroidbridge/backend/android_service.c b/src/frontends/android/jni/libandroidbridge/backend/android_service.c
index 1a6a9203d..0bab31d5b 100644
--- a/src/frontends/android/jni/libandroidbridge/backend/android_service.c
+++ b/src/frontends/android/jni/libandroidbridge/backend/android_service.c
@@ -726,8 +726,18 @@ static job_requeue_t initiate(private_android_service_t *this)
child_cfg = child_cfg_create("android", &lifetime, NULL, TRUE, MODE_TUNNEL,
ACTION_NONE, ACTION_RESTART, ACTION_RESTART,
FALSE, 0, 0, NULL, NULL, 0);
- /* create an ESP proposal with the algorithms currently supported by
- * libipsec, no PFS for now */
+ /* create ESP proposals with and without DH groups, let responder decide
+ * if PFS is used */
+ child_cfg->add_proposal(child_cfg, proposal_create_from_string(PROTO_ESP,
+ "aes128gcm16-aes256gcm16-ecp256"));
+ child_cfg->add_proposal(child_cfg, proposal_create_from_string(PROTO_ESP,
+ "aes128-sha256-ecp256-modp3072"));
+ child_cfg->add_proposal(child_cfg, proposal_create_from_string(PROTO_ESP,
+ "aes256-sha384-ecp521-modp8192"));
+ child_cfg->add_proposal(child_cfg, proposal_create_from_string(PROTO_ESP,
+ "aes128-aes192-aes256-sha1-sha256-sha384-sha512-"
+ "ecp256-ecp384-ecp521-"
+ "modp2048-modp3072-modp4096-modp1024"));
child_cfg->add_proposal(child_cfg, proposal_create_from_string(PROTO_ESP,
"aes128gcm16-aes256gcm16"));
child_cfg->add_proposal(child_cfg, proposal_create_from_string(PROTO_ESP,
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-17 06:26:01 +0000