From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 5 Nov 2019 09:22:36 +0000 (+0100)
Subject: proposal: Make all key exchange transforms optional in ESP/AH proposals
X-Git-Tag: 6.0.0rc1~56^2~42
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9cc5f4a511a7feac235f986a2c82316fa312d707;p=thirdparty%2Fstrongswan.git

proposal: Make all key exchange transforms optional in ESP/AH proposals
---

diff --git a/src/libstrongswan/crypto/proposal/proposal.c b/src/libstrongswan/crypto/proposal/proposal.c
index 5c568a0816..ba6b3f0f2f 100644
--- a/src/libstrongswan/crypto/proposal/proposal.c
+++ b/src/libstrongswan/crypto/proposal/proposal.c
@@ -322,7 +322,7 @@ static bool select_algo(private_proposal_t *this, proposal_t *other,
 	uint16_t alg1, alg2, ks1, ks2;
 	bool found = FALSE, optional = FALSE;
 
-	if (type == KEY_EXCHANGE_METHOD)
+	if (is_ke_transform(type))
 	{
 		optional = this->protocol == PROTO_ESP || this->protocol == PROTO_AH;
 	}