aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/encoding
diff options
context:
space:
mode:
authorMartin Willi <martin@revosec.ch>2011-02-01 09:46:32 +0100
committerMartin Willi <martin@revosec.ch>2011-02-01 09:47:36 +0100
commitfe79cd4257953d5519e7f95250c7a34d90211352 (patch)
tree71b5546eb6d29df25cdab53a893e8e14ee5db0cf /src/libcharon/encoding
parent1d34612f073181abf6de81da1ee2f1cd80a7cacd (diff)
downloadstrongswan-fe79cd4257953d5519e7f95250c7a34d90211352.tar.bz2
strongswan-fe79cd4257953d5519e7f95250c7a34d90211352.tar.xz
Accept non-encrypted INFORMATIONALs for ME connectivity checks
Diffstat (limited to 'src/libcharon/encoding')
-rw-r--r--src/libcharon/encoding/message.c28
1 files changed, 27 insertions, 1 deletions
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index 860ef627a..dbef340ab 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -1249,6 +1249,31 @@ METHOD(message_t, parse_header, status_t,
}
/**
+ * Check if a payload is for a mediation extension connectivity check
+ */
+static bool is_connectivity_check(private_message_t *this, payload_t *payload)
+{
+#ifdef ME
+ if (this->exchange_type == INFORMATIONAL &&
+ payload->get_type(payload) == NOTIFY)
+ {
+ notify_payload_t *notify = (notify_payload_t*)payload;
+
+ switch (notify->get_notify_type(notify))
+ {
+ case ME_CONNECTID:
+ case ME_ENDPOINT:
+ case ME_CONNECTAUTH:
+ return TRUE;
+ default:
+ break;
+ }
+ }
+#endif /* !ME */
+ return FALSE;
+}
+
+/**
* Decrypt payload from the encryption payload
*/
static status_t decrypt_payloads(private_message_t *this, aead_t *aead)
@@ -1319,7 +1344,8 @@ static status_t decrypt_payloads(private_message_t *this, aead_t *aead)
}
encryption->destroy(encryption);
}
- if (payload_is_known(type) && !was_encrypted)
+ if (payload_is_known(type) && !was_encrypted &&
+ !is_connectivity_check(this, payload))
{
rule = get_payload_rule(this, type);
if (!rule || rule->encrypted)