[Swan-dev] DH group naming
Oleg Rosowiecki
orosowiecki at gmail.com
Thu Jun 22 23:04:32 UTC 2017
Speaking of the algorithm rename... Is there any reason behind accepting
only the value of "dh21" for ike= and allowing only "ecp_521" for phase2alg?
Libreswan 3.20 doesn't accept "ecp_521" for ike= because the algorithm
parser stumbles upon the underscore, which it doesn't like:
ike string error: Non alphanum char found after in modp string, just after
"aes-256-sha512;ecp" (state=ST_AK)
However, struct oakley_group oakley_group_dh21 {} does have "ecp_521" among
its alternative names. So I assume this is not the intented behavior.
If you try to use "dh21" for phase2alg, it will reject it because for
phase2alg it knows only about ecp_521.
What do you think?
Oleg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20170623/5756ac2e/attachment.html>
More information about the Swan-dev
mailing list