diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2012-12-12 18:18:37 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2012-12-24 10:24:48 +0100 |
| commit | ddfad8b67e9b673941558a4709c93379eafc7313 (patch) | |
| tree | 0860d711054e446faf0b88e2d5d44db167abdc57 /src/libcharon | |
| parent | 8f0ab6dd366ff4d43f5372113035de46d376f784 (diff) | |
| download | strongswan-ddfad8b67e9b673941558a4709c93379eafc7313.tar.bz2 strongswan-ddfad8b67e9b673941558a4709c93379eafc7313.tar.xz | |
Reset the encrypted flag when handling IKE messages that contain a fragment
Racoon sets the encrypted bit for messages containing a fragment, but these
messages are not really encrypted (the fragmented message is though).
Diffstat (limited to 'src/libcharon')
| -rw-r--r-- | src/libcharon/encoding/message.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c index 55e9f33fc..c0f468663 100644 --- a/src/libcharon/encoding/message.c +++ b/src/libcharon/encoding/message.c @@ -1693,6 +1693,12 @@ METHOD(message_t, parse_header, status_t, } this->first_payload = ike_header->payload_interface.get_next_type( &ike_header->payload_interface); + if (this->first_payload == FRAGMENT_V1 && this->is_encrypted) + { /* racoon sets the encryted bit when sending a fragment, but these + * messages are really not encrypted */ + this->is_encrypted = FALSE; + } + for (i = 0; i < countof(this->reserved); i++) { reserved = payload_get_field(&ike_header->payload_interface, |