aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/encoding/message.c
diff options
context:
space:
mode:
authorClavister OpenSource <opensource@clavister.com>2011-12-09 16:04:12 +0100
committerClavister OpenSource <opensource@clavister.com>2012-03-20 17:31:14 +0100
commitb8383f1f2dd2202bf2dc8b7e78851a22ead6603a (patch)
treef921c9202d83d81996e3e165383797abc9bfebb9 /src/libcharon/encoding/message.c
parentfbbd439bf9830c5ca8994f4b4549f91abddddbad (diff)
downloadstrongswan-b8383f1f2dd2202bf2dc8b7e78851a22ead6603a.tar.bz2
strongswan-b8383f1f2dd2202bf2dc8b7e78851a22ead6603a.tar.xz
Encrypt INFORMATIONAL exchange if needed
Diffstat (limited to 'src/libcharon/encoding/message.c')
-rwxr-xr-xsrc/libcharon/encoding/message.c33
1 files changed, 22 insertions, 11 deletions
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index 91131ad22..1296475d5 100755
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -1459,24 +1459,35 @@ METHOD(message_t, generate, status_t,
hash_payload->set_hash(hash_payload, hash);
this->payloads->insert_first(this->payloads,
(payload_t*)hash_payload);
+
+ if (this->exchange_type == INFORMATIONAL_V1)
+ {
+ DBG3(DBG_ENC, "encrypting IKEv1 INFORMATIONAL exchange message");
+ this->is_encrypted = TRUE;
+ encrypted = TRUE;
+ }
+
chunk_free(&hash);
}
- /* if at least one payload requires encryption, encrypt the message.
- * if we have no key material available, the flag will be reset below */
- enumerator = this->payloads->create_enumerator(this->payloads);
- while (enumerator->enumerate(enumerator, (void**)&payload))
+ if (!encrypted)
{
- payload_rule_t *rule;
- rule = get_payload_rule(this, payload->get_type(payload));
- if (rule && rule->encrypted)
+ /* if at least one payload requires encryption, encrypt the message.
+ * if we have no key material available, the flag will be reset below */
+ enumerator = this->payloads->create_enumerator(this->payloads);
+ while (enumerator->enumerate(enumerator, (void**)&payload))
{
- this->is_encrypted = TRUE;
- encrypted = TRUE;
- break;
+ payload_rule_t *rule;
+ rule = get_payload_rule(this, payload->get_type(payload));
+ if (rule && rule->encrypted)
+ {
+ this->is_encrypted = TRUE;
+ encrypted = TRUE;
+ break;
+ }
}
+ enumerator->destroy(enumerator);
}
- enumerator->destroy(enumerator);
}
DBG1(DBG_ENC, "generating %s", get_string(this, str, sizeof(str)));
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 21:00:34 +0000