diff options
author | Tobias Brunner <tobias@strongswan.org> | 2013-08-05 15:41:45 +0200 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2013-10-11 15:55:40 +0200 |
commit | e8229ad558efcb7b07c6ef0f77269120d49500f9 (patch) | |
tree | 381b9b0c797ba4642775b9aa0f933dbb89239a47 /src/libipsec | |
parent | d74c254dfd88b497a5262a3d8ce2dc7a684c74a8 (diff) | |
download | strongswan-e8229ad558efcb7b07c6ef0f77269120d49500f9.tar.bz2 strongswan-e8229ad558efcb7b07c6ef0f77269120d49500f9.tar.xz |
iv_gen: Provide external sequence number (IKE, ESP)
This prevents duplicate sequential IVs in case of a HA failover.
Diffstat (limited to 'src/libipsec')
-rw-r--r-- | src/libipsec/esp_packet.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/libipsec/esp_packet.c b/src/libipsec/esp_packet.c index 1b8625ca7..db5ef3685 100644 --- a/src/libipsec/esp_packet.c +++ b/src/libipsec/esp_packet.c @@ -319,7 +319,7 @@ METHOD(esp_packet_t, encrypt, status_t, writer->write_uint32(writer, next_seqno); iv = writer->skip(writer, iv.len); - if (!iv_gen->get_iv(iv_gen, iv.len, iv.ptr)) + if (!iv_gen->get_iv(iv_gen, next_seqno, iv.len, iv.ptr)) { DBG1(DBG_ESP, "ESP encryption failed: could not generate IV"); writer->destroy(writer); |