Index: freeswan/pluto/kernel_alg.c
===================================================================
RCS file: /home/jjo/cvs.juanjo/freeswan/pluto/Attic/kernel_alg.c,v
retrieving revision 1.1.2.24
diff -u -r1.1.2.24 kernel_alg.c
--- freeswan/pluto/kernel_alg.c	12 Sep 2002 16:08:25 -0000	1.1.2.24
+++ freeswan/pluto/kernel_alg.c	2 Oct 2002 03:16:36 -0000
@@ -389,6 +389,20 @@
 	if (!ESP_EALG_PRESENT(alg_id))
 		goto none;
 	keylen=esp_ealg[alg_id].sadb_alg_maxbits/BITS_PER_BYTE;
+	switch (alg_id) {
+		/* 
+		 * this is veryUgly[TM]
+		 * Peer should have sent KEY_LENGTH attribute for ESP_AES
+		 * but if not do force it to 128 instead of using sadb_alg_maxbits
+		 * from kernel.
+		 * That's the case for alg-0.7.x and earlier versions.
+		 *
+		 * --jjo 01-Oct-02
+		 */
+		case ESP_AES:
+			keylen=128/BITS_PER_BYTE;
+			break;
+	}
 none:	
 	DBG(DBG_KLIPS, DBG_log("kernel_alg_esp_enc_keylen():"
 		"alg_id=%d, keylen=%d",
@@ -537,8 +551,8 @@
 	memset(&ei_buf, 0, sizeof (ei_buf));
 	ei_buf.transid=transid;
 	ei_buf.auth=auth;
-	ei_buf.enckeylen=esp_ealg[sadb_ealg].sadb_alg_maxbits/BITS_PER_BYTE;
-
+	/* ei_buf.enckeylen=esp_ealg[sadb_ealg].sadb_alg_maxbits/BITS_PER_BYTE; */
+	ei_buf.enckeylen=kernel_alg_esp_enc_keylen(sadb_ealg);
 	ei_buf.authkeylen=esp_aalg[sadb_aalg].sadb_alg_maxbits/BITS_PER_BYTE;
 	ei_buf.encryptalg=sadb_ealg;
 	ei_buf.authalg=sadb_aalg;