iv_gen: Provide external sequence number (IKE, ESP)

This prevents duplicate sequential IVs in case of a HA failover.
author: Tobias Brunner <tobias@strongswan.org> 2013-08-05 15:41:45 +0200
committer: Tobias Brunner <tobias@strongswan.org> 2013-10-11 15:55:40 +0200
commit: e8229ad558efcb7b07c6ef0f77269120d49500f9 (patch)
tree: 381b9b0c797ba4642775b9aa0f933dbb89239a47 /src/libipsec
parent: d74c254dfd88b497a5262a3d8ce2dc7a684c74a8 (diff)
download: strongswan-e8229ad558efcb7b07c6ef0f77269120d49500f9.tar.bz2
strongswan-e8229ad558efcb7b07c6ef0f77269120d49500f9.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/libipsec/esp_packet.c b/src/libipsec/esp_packet.c
index 1b8625ca7..db5ef3685 100644
--- a/src/libipsec/esp_packet.c
+++ b/src/libipsec/esp_packet.c
@@ -319,7 +319,7 @@ METHOD(esp_packet_t, encrypt, status_t,
 	writer->write_uint32(writer, next_seqno);
 
 	iv = writer->skip(writer, iv.len);
-	if (!iv_gen->get_iv(iv_gen, iv.len, iv.ptr))
+	if (!iv_gen->get_iv(iv_gen, next_seqno, iv.len, iv.ptr))
 	{
 		DBG1(DBG_ESP, "ESP encryption failed: could not generate IV");
 		writer->destroy(writer);
author	Tobias Brunner <tobias@strongswan.org>	2013-08-05 15:41:45 +0200
committer	Tobias Brunner <tobias@strongswan.org>	2013-10-11 15:55:40 +0200
commit	e8229ad558efcb7b07c6ef0f77269120d49500f9 (patch)
tree	381b9b0c797ba4642775b9aa0f933dbb89239a47 /src/libipsec
parent	d74c254dfd88b497a5262a3d8ce2dc7a684c74a8 (diff)
download	strongswan-e8229ad558efcb7b07c6ef0f77269120d49500f9.tar.bz2 strongswan-e8229ad558efcb7b07c6ef0f77269120d49500f9.tar.xz