Include source port in init hash for fragmented messages

author: Tobias Brunner <tobias@strongswan.org> 2012-12-21 18:40:23 +0100
committer: Tobias Brunner <tobias@strongswan.org> 2012-12-24 12:29:31 +0100
commit: e645c15b9c918303134b1be63d67dacf51e1945b (patch)
tree: 773415bc14a85f814d55e60383308853fed3791e
parent: 2f62bb1549c7c4c35453674b4ad3bd00dfa6b162 (diff)
download: strongswan-e645c15b9c918303134b1be63d67dacf51e1945b.tar.bz2
strongswan-e645c15b9c918303134b1be63d67dacf51e1945b.tar.xz
1 files changed, 8 insertions, 1 deletions
diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
index 260da8be1..2ac8c3123 100644
--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
@@ -975,7 +975,8 @@ static bool get_init_hash(private_ike_sa_manager_t *this, message_t *message,
 		return FALSE;
 	}
 	if (message->get_first_payload_type(message) == FRAGMENT_V1)
-	{	/* only hash the source IP and SPI for fragmented init messages */
+	{	/* only hash the source IP, port and SPI for fragmented init messages */
+		u_int16_t port;
 		u_int64_t spi;
 
 		src = message->get_source(message);
@@ -984,6 +985,12 @@ static bool get_init_hash(private_ike_sa_manager_t *this, message_t *message,
 		{
 			return FALSE;
 		}
+		port = src->get_port(src);
+		if (!this->hasher->allocate_hash(this->hasher,
+										 chunk_from_thing(port), NULL))
+		{
+			return FALSE;
+		}
 		spi = message->get_initiator_spi(message);
 		return this->hasher->allocate_hash(this->hasher,
 										   chunk_from_thing(spi), hash);
author	Tobias Brunner <tobias@strongswan.org>	2012-12-21 18:40:23 +0100
committer	Tobias Brunner <tobias@strongswan.org>	2012-12-24 12:29:31 +0100
commit	e645c15b9c918303134b1be63d67dacf51e1945b (patch)
tree	773415bc14a85f814d55e60383308853fed3791e
parent	2f62bb1549c7c4c35453674b4ad3bd00dfa6b162 (diff)
download	strongswan-e645c15b9c918303134b1be63d67dacf51e1945b.tar.bz2 strongswan-e645c15b9c918303134b1be63d67dacf51e1945b.tar.xz