Project

General

Profile

Feature #1064

Updated by Tobias Brunner almost 7 years ago

While trying to get AES128 I saw:

<pre>
received proposals: ESP:AES_CBC_256/HMAC_SHA1_96/MODP_1024/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA1_96/MODP_1024/NO_EXT_SEQ, ESP:AES_CBC/HMAC_SHA1_96/MODP_1024/NO_EXT_SEQ, ...
configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_1024/NO_EXT_SEQ, ESP:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/BLOWFISH_CBC_256/HMAC_SHA1_96/AES_XCBC_96...
no matching proposal found, sending NO_PROPOSAL_CHOSEN
</pre>


So I debugged and found FritzBox was sending key size 0 (meaning AES128?)

So I patched proposal.c from
<pre>

if (alg1 == alg2 && ks1 == ks2)
</pre>
to
<pre>

if (alg1 == alg2 && (ks1 == ks2 || ks1==128 && ks2==0))
</pre>

and it worked.

Is FritzBox sending 0 for 128 and is this compliant?

Thank you!
Daniel

Back