From 2dd0cbad46a24503eb4961957ee2bb20fd9ad8e5 Mon Sep 17 00:00:00 2001
From: Daniel Lenski <dlenski@gmail.com>
Date: Sun, 7 Mar 2021 14:40:00 -0800
Subject: [PATCH] bugfix: condition for incomplete ESP config with GP was
 inverted

Fixes #227. Messed this up in https://gitlab.com/openconnect/openconnect/-/commit/edb1591f313167df4b708123e338975335b55203

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
---
 gpst.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gpst.c b/gpst.c
index d06210b6..a08918aa 100644
--- a/gpst.c
+++ b/gpst.c
@@ -601,7 +601,7 @@ static int gpst_parse_config_xml(struct openconnect_info *vpninfo, xmlNode *xml_
 					else if (!xmlnode_get_val(member, "ipsec-mode", &s) && strcmp(s, "esp-tunnel"))
 						vpn_progress(vpninfo, PRG_ERR, _("GlobalProtect config sent ipsec-mode=%s (expected esp-tunnel)\n"), s);
 				}
-				if (vpninfo->esp_enc > 0 && vpninfo->esp_hmac > 0 && vpninfo->enc_key_len > 0 && vpninfo->hmac_key_len > 0)
+				if (!(vpninfo->esp_enc > 0 && vpninfo->esp_hmac > 0 && vpninfo->enc_key_len > 0 && vpninfo->hmac_key_len > 0))
 					vpn_progress(vpninfo, PRG_ERR, "Server's ESP configuration is incomplete or uses unknown algorithms.\n");
 				else if (openconnect_setup_esp_keys(vpninfo, 0))
 					vpn_progress(vpninfo, PRG_ERR, "Failed to setup ESP keys.\n");
-- 
2.49.0