diff options
| author | Martin Willi <martin@revosec.ch> | 2012-05-23 12:27:47 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-05-23 12:27:47 +0200 |
| commit | 3c475660c50fa11d6b95b86072cf35165057c911 (patch) | |
| tree | 1ffd16aee8d214dd9f4f12352f6915daa3c9bde7 /src | |
| parent | 523ce7c20cdc86e732e3a2b00f5749552fdea2c8 (diff) | |
| download | strongswan-3c475660c50fa11d6b95b86072cf35165057c911.tar.bz2 strongswan-3c475660c50fa11d6b95b86072cf35165057c911.tar.xz | |
Apply IDir before deriving keys as aggressive initiator
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/sa/ikev1/tasks/aggressive_mode.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c index e1c51a865..664fce918 100644 --- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c +++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c @@ -569,10 +569,6 @@ METHOD(task_t, process_i, status_t, { return send_notify(this, NO_PROPOSAL_CHOSEN); } - if (!this->ph1->derive_keys(this->ph1, this->peer_cfg, this->method)) - { - return send_notify(this, INVALID_KEY_INFORMATION); - } id_payload = (id_payload_t*)message->get_payload(message, ID_V1); if (!id_payload) @@ -590,6 +586,10 @@ METHOD(task_t, process_i, status_t, } this->ike_sa->set_other_id(this->ike_sa, id); + if (!this->ph1->derive_keys(this->ph1, this->peer_cfg, this->method)) + { + return send_notify(this, INVALID_KEY_INFORMATION); + } if (!this->ph1->verify_auth(this->ph1, this->method, message, id_payload->get_encoded(id_payload))) { |