diff options
| author | Martin Willi <martin@revosec.ch> | 2011-02-01 09:46:32 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2011-02-01 09:47:36 +0100 |
| commit | fe79cd4257953d5519e7f95250c7a34d90211352 (patch) | |
| tree | 71b5546eb6d29df25cdab53a893e8e14ee5db0cf | |
| parent | 1d34612f073181abf6de81da1ee2f1cd80a7cacd (diff) | |
| download | strongswan-fe79cd4257953d5519e7f95250c7a34d90211352.tar.bz2 strongswan-fe79cd4257953d5519e7f95250c7a34d90211352.tar.xz | |
Accept non-encrypted INFORMATIONALs for ME connectivity checks
| -rw-r--r-- | src/libcharon/encoding/message.c | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c index 860ef627a..dbef340ab 100644 --- a/src/libcharon/encoding/message.c +++ b/src/libcharon/encoding/message.c @@ -1249,6 +1249,31 @@ METHOD(message_t, parse_header, status_t, } /** + * Check if a payload is for a mediation extension connectivity check + */ +static bool is_connectivity_check(private_message_t *this, payload_t *payload) +{ +#ifdef ME + if (this->exchange_type == INFORMATIONAL && + payload->get_type(payload) == NOTIFY) + { + notify_payload_t *notify = (notify_payload_t*)payload; + + switch (notify->get_notify_type(notify)) + { + case ME_CONNECTID: + case ME_ENDPOINT: + case ME_CONNECTAUTH: + return TRUE; + default: + break; + } + } +#endif /* !ME */ + return FALSE; +} + +/** * Decrypt payload from the encryption payload */ static status_t decrypt_payloads(private_message_t *this, aead_t *aead) @@ -1319,7 +1344,8 @@ static status_t decrypt_payloads(private_message_t *this, aead_t *aead) } encryption->destroy(encryption); } - if (payload_is_known(type) && !was_encrypted) + if (payload_is_known(type) && !was_encrypted && + !is_connectivity_check(this, payload)) { rule = get_payload_rule(this, type); if (!rule || rule->encrypted) |