ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

Remove MODP groups from default ESP proposal 

This now actually makes pfs=no the default and it equals the default
listed in ipsec.conf.5. efc69e9f preserved the default of pfs=yes.
This commit is contained in:
Tobias Brunner 2012-10-18 16:38:22 +02:00
parent bca34c3717
commit e74f184cb4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/starter/confread.c
View File

@ -36,7 +36,7 @@
#define SA_REPLACEMENT_RETRIES_DEFAULT 3
static const char ike_defaults[] = "aes128-sha1-modp2048,3des-sha1-modp1536";
static const char esp_defaults[] = "aes128-sha1-modp2048,3des-sha1-modp1536";
static const char esp_defaults[] = "aes128-sha1,3des-sha1";
static const char firewall_defaults[] = "ipsec _updown iptables";