From 1dabf5bfc7ad87ec83c115852ebac221d524deee Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Tue, 7 Feb 2012 09:37:51 +0100
Subject: Filter TLS suite MAC by HMAC algorithm, as the hash is not
 necessarily the same

---
 src/libtls/tls_crypto.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index 7487da96d..2eb0a9b76 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -839,25 +839,25 @@ static void filter_mac_config_suites(private_tls_crypto_t *this,
 			while (enumerator->enumerate(enumerator, &token))
 			{
 				if (strcaseeq(token, "md5") &&
-					suites[i].hash == HASH_MD5)
+					suites[i].mac == AUTH_HMAC_MD5_128)
 				{
 					suites[remaining++] = suites[i];
 					break;
 				}
 				if (strcaseeq(token, "sha1") &&
-					suites[i].hash == HASH_SHA1)
+					suites[i].mac == AUTH_HMAC_SHA1_160)
 				{
 					suites[remaining++] = suites[i];
 					break;
 				}
 				if (strcaseeq(token, "sha256") &&
-					suites[i].hash == HASH_SHA256)
+					suites[i].mac == AUTH_HMAC_SHA2_256_256)
 				{
 					suites[remaining++] = suites[i];
 					break;
 				}
 				if (strcaseeq(token, "sha384") &&
-					suites[i].hash == HASH_SHA384)
+					suites[i].mac == AUTH_HMAC_SHA2_384_384)
 				{
 					suites[remaining++] = suites[i];
 					break;
-- 
cgit v1.2.3