]> git.ipfire.org Git - thirdparty/strongswan.git/commitdiff
projects / thirdparty / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 269e487)
Filter TLS suite MAC by HMAC algorithm, as the hash is not necessarily the same
authorMartin Willi <martin@revosec.ch>
Tue, 7 Feb 2012 08:37:51 +0000 (09:37 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 7 Feb 2012 09:54:53 +0000 (10:54 +0100)
src/libtls/tls_crypto.c patch | blob | blame | history

diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index 7487da96d30499b5242c3f9485dbca6f0d7eb3ad..2eb0a9b767d4583cfea8ed4b70acc5508c179a62 100644 (file)
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -839,25 +839,25 @@ static void filter_mac_config_suites(private_tls_crypto_t *this,
                        while (enumerator->enumerate(enumerator, &token))
                        {
                                if (strcaseeq(token, "md5") &&
-                                       suites[i].hash == HASH_MD5)
+                                       suites[i].mac == AUTH_HMAC_MD5_128)
                                {
                                        suites[remaining++] = suites[i];
                                        break;
                                }
                                if (strcaseeq(token, "sha1") &&
-                                       suites[i].hash == HASH_SHA1)
+                                       suites[i].mac == AUTH_HMAC_SHA1_160)
                                {
                                        suites[remaining++] = suites[i];
                                        break;
                                }
                                if (strcaseeq(token, "sha256") &&
-                                       suites[i].hash == HASH_SHA256)
+                                       suites[i].mac == AUTH_HMAC_SHA2_256_256)
                                {
                                        suites[remaining++] = suites[i];
                                        break;
                                }
                                if (strcaseeq(token, "sha384") &&
-                                       suites[i].hash == HASH_SHA384)
+                                       suites[i].mac == AUTH_HMAC_SHA2_384_384)
                                {
                                        suites[remaining++] = suites[i];
                                        break;
Unnamed repository; edit this file 'description' to name the repository.