diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2013-01-12 11:58:26 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2013-01-12 11:58:26 +0100 |
| commit | 21235e1ec247b1d1bd58096f72d4f0dc21cec66f (patch) | |
| tree | 97f8ee3441c0c2ec6c3318a4b02b836a4edf91ab /src/libcharon/encoding/message.c | |
| parent | 54a1a75b2f5f3a9419eb5c18c07173827d5c9b39 (diff) | |
| parent | f31b418094f2f9deb9a69244bf01e8d5dd4c3337 (diff) | |
| download | strongswan-21235e1ec247b1d1bd58096f72d4f0dc21cec66f.tar.bz2 strongswan-21235e1ec247b1d1bd58096f72d4f0dc21cec66f.tar.xz | |
Merge branch 'ikev1-fragmentation'
This adds support for the proprietary IKEv1 fragmentation extension.
Conflicts:
NEWS
Diffstat (limited to 'src/libcharon/encoding/message.c')
| -rw-r--r-- | src/libcharon/encoding/message.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c index 55e9f33fc..28fdda735 100644 --- a/src/libcharon/encoding/message.c +++ b/src/libcharon/encoding/message.c @@ -442,6 +442,7 @@ static payload_rule_t id_prot_i_rules[] = { {CERTIFICATE_V1, 0, 2, TRUE, FALSE}, {SIGNATURE_V1, 0, 1, TRUE, FALSE}, {HASH_V1, 0, 1, TRUE, FALSE}, + {FRAGMENT_V1, 0, 1, FALSE, TRUE}, }; /** @@ -461,6 +462,7 @@ static payload_order_t id_prot_i_order[] = { {VENDOR_ID_V1, 0}, {NAT_D_V1, 0}, {NAT_D_DRAFT_00_03_V1, 0}, + {FRAGMENT_V1, 0}, }; /** @@ -480,6 +482,7 @@ static payload_rule_t id_prot_r_rules[] = { {CERTIFICATE_V1, 0, 2, TRUE, FALSE}, {SIGNATURE_V1, 0, 1, TRUE, FALSE}, {HASH_V1, 0, 1, TRUE, FALSE}, + {FRAGMENT_V1, 0, 1, FALSE, TRUE}, }; /** @@ -499,6 +502,7 @@ static payload_order_t id_prot_r_order[] = { {VENDOR_ID_V1, 0}, {NAT_D_V1, 0}, {NAT_D_DRAFT_00_03_V1, 0}, + {FRAGMENT_V1, 0}, }; /** @@ -518,6 +522,7 @@ static payload_rule_t aggressive_i_rules[] = { {CERTIFICATE_V1, 0, 1, TRUE, FALSE}, {SIGNATURE_V1, 0, 1, TRUE, FALSE}, {HASH_V1, 0, 1, TRUE, FALSE}, + {FRAGMENT_V1, 0, 1, FALSE, TRUE}, }; /** @@ -537,6 +542,7 @@ static payload_order_t aggressive_i_order[] = { {CERTIFICATE_REQUEST_V1, 0}, {NOTIFY_V1, 0}, {VENDOR_ID_V1, 0}, + {FRAGMENT_V1, 0}, }; /** @@ -556,6 +562,7 @@ static payload_rule_t aggressive_r_rules[] = { {CERTIFICATE_V1, 0, 1, FALSE, FALSE}, {SIGNATURE_V1, 0, 1, FALSE, FALSE}, {HASH_V1, 0, 1, FALSE, FALSE}, + {FRAGMENT_V1, 0, 1, FALSE, TRUE}, }; /** @@ -575,6 +582,7 @@ static payload_order_t aggressive_r_order[] = { {CERTIFICATE_REQUEST_V1, 0}, {NOTIFY_V1, 0}, {VENDOR_ID_V1, 0}, + {FRAGMENT_V1, 0}, }; /** @@ -1693,6 +1701,12 @@ METHOD(message_t, parse_header, status_t, } this->first_payload = ike_header->payload_interface.get_next_type( &ike_header->payload_interface); + if (this->first_payload == FRAGMENT_V1 && this->is_encrypted) + { /* racoon sets the encryted bit when sending a fragment, but these + * messages are really not encrypted */ + this->is_encrypted = FALSE; + } + for (i = 0; i < countof(this->reserved); i++) { reserved = payload_get_field(&ike_header->payload_interface, |