encoding: Verify the length of KE payload data for known groups

IKE is very strict in the length of KE payloads, and it should be safe to
strictly verify their length. Not doing so is no direct threat, but allows DDoS
amplification by sending short KE payloads for large groups using the target
as the source address.

0 files changed, 0 insertions, 0 deletions