2 files changed, 31 insertions, 0 deletions

diff --git a/src/libcharon/config/proposal.c b/src/libcharon/config/proposal.c
index fcfaebeb4..48313b753 100644
--- a/src/libcharon/config/proposal.c
+++ b/src/libcharon/config/proposal.c
@@ -812,6 +812,29 @@ proposal_t *proposal_create_default(protocol_id_t protocol)
 /*
  * Describtion in header-file
  */
+proposal_t *proposal_create_default_aead(protocol_id_t protocol)
+{
+	private_proposal_t *this;
+
+	switch (protocol)
+	{
+		case PROTO_IKE:
+			this = (private_proposal_t*)proposal_create(protocol, 0);
+			proposal_add_supported_ike(this, TRUE);
+			return &this->public;
+		case PROTO_ESP:
+			/* we currently don't include any AEAD proposal for ESP, as we
+			 * don't know if our kernel backend actually supports it. */
+			return NULL;
+		case PROTO_AH:
+		default:
+			return NULL;
+	}
+}
+
+/*
+ * Describtion in header-file
+ */
 proposal_t *proposal_create_from_string(protocol_id_t protocol, const char *algs)
 {
 	private_proposal_t *this;
diff --git a/src/libcharon/config/proposal.h b/src/libcharon/config/proposal.h
index 7733143a8..78b868868 100644
--- a/src/libcharon/config/proposal.h
+++ b/src/libcharon/config/proposal.h
@@ -196,6 +196,14 @@ proposal_t *proposal_create(protocol_id_t protocol, u_int number);
 proposal_t *proposal_create_default(protocol_id_t protocol);
 
 /**
+ * Create a default proposal for supported AEAD algorithms
+ *
+ * @param protocol			protocol, such as PROTO_ESP
+ * @return					proposal_t object, NULL if none supported
+ */
+proposal_t *proposal_create_default_aead(protocol_id_t protocol);
+
+/**
  * Create a proposal from a string identifying the algorithms.
  *
  * The string is in the same form as a in the ipsec.conf file.