while (prefer_enum->enumerate(prefer_enum, &proposal))
{
- proposal = proposal->clone(proposal);
- if (flags & PROPOSAL_STRIP_DH)
- {
- proposal->strip_dh(proposal, MODP_NONE);
- }
if (flags & PROPOSAL_PREFER_CONFIGURED)
{
proposals->reset_enumerator(proposals, match_enum);
}
while (match_enum->enumerate(match_enum, &match))
{
- match = match->clone(match);
- if (flags & PROPOSAL_STRIP_DH)
- {
- match->strip_dh(match, MODP_NONE);
- }
selected = proposal->select(proposal, match, flags);
- match->destroy(match);
if (selected)
{
DBG2(DBG_CFG, "received proposals: %#P", proposals);
break;
}
}
- proposal->destroy(proposal);
if (selected)
{
break;
char *self;
char *other;
char *expected;
+ proposal_selection_flag_t flags;
} select_data[] = {
{ PROTO_ESP, "aes128", "aes128", "aes128" },
{ PROTO_ESP, "aes128", "aes256", NULL },
{ PROTO_ESP, "aes128-aes256-sha1-sha256", "aes256-aes128-sha256-sha1", "aes128-sha1" },
{ PROTO_ESP, "aes256-aes128-sha256-sha1", "aes128-aes256-sha1-sha256", "aes256-sha256" },
{ PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256", NULL },
+ { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256", "aes128-sha256", PROPOSAL_SKIP_DH },
{ PROTO_ESP, "aes128-sha256", "aes128-sha256-modp3072", NULL },
+ { PROTO_ESP, "aes128-sha256", "aes128-sha256-modp3072", "aes128-sha256", PROPOSAL_SKIP_DH },
+ { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256-modp3072", "aes128-sha256", PROPOSAL_SKIP_DH },
+ { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256-ecp256", "aes128-sha256", PROPOSAL_SKIP_DH },
{ PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256-modpnone", NULL },
{ PROTO_ESP, "aes128-sha256-modpnone", "aes128-sha256-modp3072", NULL },
{ PROTO_ESP, "aes128-sha256-modp3072-modpnone", "aes128-sha256", "aes128-sha256" },
select_data[_i].self);
other = proposal_create_from_string(select_data[_i].proto,
select_data[_i].other);
- selected = self->select(self, other, PROPOSAL_PREFER_CONFIGURED);
+ selected = self->select(self, other,
+ select_data[_i].flags | PROPOSAL_PREFER_CONFIGURED);
if (select_data[_i].expected)
{
expected = proposal_create_from_string(select_data[_i].proto,
select_data[_i].other);
if (select_data[_i].expected)
{
- ck_assert(self->matches(self, other, FALSE));
- ck_assert(other->matches(other, self, FALSE));
+ ck_assert(self->matches(self, other, select_data[_i].flags));
+ ck_assert(other->matches(other, self, select_data[_i].flags));
+ ck_assert(self->matches(self, other,
+ select_data[_i].flags | PROPOSAL_PREFER_CONFIGURED));
+ ck_assert(other->matches(other, self,
+ select_data[_i].flags | PROPOSAL_PREFER_CONFIGURED));
}
else
{
- ck_assert(!self->matches(self, other, FALSE));
- ck_assert(!other->matches(other, self, FALSE));
+ ck_assert(!self->matches(self, other, select_data[_i].flags));
+ ck_assert(!other->matches(other, self, select_data[_i].flags));
+ ck_assert(!self->matches(self, other,
+ select_data[_i].flags | PROPOSAL_PREFER_CONFIGURED));
+ ck_assert(!other->matches(other, self,
+ select_data[_i].flags | PROPOSAL_PREFER_CONFIGURED));
}
other->destroy(other);
self->destroy(self);