/**
* Initialize the cipher suite list
*/
-static void build_cipher_suite_list(private_tls_crypto_t *this,
- bool require_encryption)
+static void build_cipher_suite_list(private_tls_crypto_t *this)
{
suite_algs_t suites[countof(suite_algs)];
tls_version_t min_version, max_version;
+ bool require_encryption;
int count = 0, i;
+ switch (this->tls->get_purpose(this->tls))
+ {
+ case TLS_PURPOSE_EAP_TLS:
+ case TLS_PURPOSE_GENERIC_NULLOK:
+ require_encryption = FALSE;
+ break;
+ case TLS_PURPOSE_EAP_PEAP:
+ case TLS_PURPOSE_EAP_TTLS:
+ case TLS_PURPOSE_GENERIC:
+ require_encryption = TRUE;
+ break;
+ default:
+ return;
+ }
+
min_version = this->tls->get_version_min(this->tls);
max_version = this->tls->get_version_max(this->tls);
METHOD(tls_crypto_t, get_cipher_suites, int,
private_tls_crypto_t *this, tls_cipher_suite_t **suites)
{
+ if (!this->suites)
+ {
+ build_cipher_suite_list(this);
+ }
*suites = this->suites;
return this->suite_count;
}
suite_algs_t *algs;
int i, j;
+ if (!this->suites)
+ {
+ build_cipher_suite_list(this);
+ }
+
for (i = 0; i < this->suite_count; i++)
{
for (j = 0; j < count; j++)
case TLS_PURPOSE_EAP_TLS:
/* MSK PRF ASCII constant label according to EAP-TLS RFC 5216 */
this->msk_label = "client EAP encryption";
- build_cipher_suite_list(this, FALSE);
break;
case TLS_PURPOSE_EAP_PEAP:
this->msk_label = "client EAP encryption";
- build_cipher_suite_list(this, TRUE);
break;
case TLS_PURPOSE_EAP_TTLS:
/* MSK PRF ASCII constant label according to EAP-TTLS RFC 5281 */
this->msk_label = "ttls keying material";
- build_cipher_suite_list(this, TRUE);
- break;
- case TLS_PURPOSE_GENERIC:
- build_cipher_suite_list(this, TRUE);
- break;
- case TLS_PURPOSE_GENERIC_NULLOK:
- build_cipher_suite_list(this, FALSE);
break;
default:
break;
projects / thirdparty / strongswan.git / commitdiff
