From: Martin Willi <martin@revosec.ch>
Date: Fri, 5 Dec 2014 12:48:51 +0000 (+0100)
Subject: diffie-hellman: Handle dh_exponent_ansi_x9_42 as a boolean setting
X-Git-Tag: 5.2.2rc1~35
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0a5b60db2066e4e62d2e9da387080c80201a08b4;p=thirdparty%2Fstrongswan.git

diffie-hellman: Handle dh_exponent_ansi_x9_42 as a boolean setting

While it was always documented as boolean setting, the option is currently
handled as integer value, for which yes/no values do not work. Instead the
default of TRUE is used for a no value.

The option has been moved a lot during the last years, and in some locations
was handled as bool, in some as integer. In the latest codebase it
congruently used integer, which is actually not what is documented and used
in testing.

Fixes #781.
---

diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c
index 87c9b21f8d..bada1c5299 100644
--- a/src/libstrongswan/crypto/diffie_hellman.c
+++ b/src/libstrongswan/crypto/diffie_hellman.c
@@ -439,7 +439,7 @@ void diffie_hellman_init()
 {
 	int i;
 
-	if (lib->settings->get_int(lib->settings,
+	if (lib->settings->get_bool(lib->settings,
 					"%s.dh_exponent_ansi_x9_42", TRUE, lib->ns))
 	{
 		for (i = 0; i < countof(dh_params); i++)
@@ -463,7 +463,7 @@ diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group)
 			if (!dh_params[i].public.exp_len)
 			{
 				if (!dh_params[i].public.subgroup.len &&
-					lib->settings->get_int(lib->settings,
+					lib->settings->get_bool(lib->settings,
 									"%s.dh_exponent_ansi_x9_42", TRUE, lib->ns))
 				{
 					dh_params[i].public.exp_len = dh_params[i].public.prime.len;