We generally prefer AEAD nowadays.
References #3461.
}
else
{
+ child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
- child_cfg->add_proposal(child_cfg,
- proposal_create_default_aead(PROTO_ESP));
}
while (this->local_ts->remove_first(this->local_ts, (void**)&ts) == SUCCESS)
{
}
else
{
- child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
+ child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
}
ts = traffic_selector_create_dynamic(0, 0, 65535);
child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
}
else
{
+ child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
- child_cfg->add_proposal(child_cfg,
- proposal_create_default_aead(PROTO_ESP));
}
token = settings->get_str(settings, "configs.%s.%s.lts", NULL, config, child);
child_cfg->add_proposal(child_cfg, proposal_create_from_string(PROTO_ESP,
"aes128gcm8-aes128gcm12-aes128gcm16-"
"aes256gcm8-aes256gcm12-aes256gcm16"));
- child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
+ child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
ts = traffic_selector_create_dynamic(0, 0, 65535);
child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
ts = traffic_selector_create_from_string(0, TS_IPV4_ADDR_RANGE,
child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
ts = traffic_selector_create_dynamic(IPPROTO_ICMP, 0, 65535);
child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
- child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
+ child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
peer_cfg->add_child_cfg(peer_cfg, child_cfg);
this->backend.cfg = peer_cfg;
peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
child_cfg = child_cfg_create(name, &child);
- child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
+ child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_traffic_selector(child_cfg, TRUE, ts_from_string(local_net));
child_cfg->add_traffic_selector(child_cfg, FALSE, ts_from_string(remote_net));
peer_cfg->add_child_cfg(peer_cfg, child_cfg);
this->current->add_auth_cfg(this->current, auth, FALSE);
child_cfg = child_cfg_create(name, &child);
- child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
+ child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_traffic_selector(child_cfg, TRUE, ts_from_string(local_net));
child_cfg->add_traffic_selector(child_cfg, FALSE, ts_from_string(remote_net));
this->current->add_child_cfg(this->current, child_cfg);
}
if (use_default)
{
- child->add_proposal(child, proposal_create_default(PROTO_ESP));
child->add_proposal(child, proposal_create_default_aead(PROTO_ESP));
+ child->add_proposal(child, proposal_create_default(PROTO_ESP));
}
}
}
if (child.proposals->get_count(child.proposals) == 0)
{
- proposal = proposal_create_default(PROTO_ESP);
+ proposal = proposal_create_default_aead(PROTO_ESP);
if (proposal)
{
child.proposals->insert_last(child.proposals, proposal);
}
- proposal = proposal_create_default_aead(PROTO_ESP);
+ proposal = proposal_create_default(PROTO_ESP);
if (proposal)
{
child.proposals->insert_last(child.proposals, proposal);
projects / thirdparty / strongswan.git / commitdiff
