diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2012-12-21 16:40:58 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2012-12-24 10:24:48 +0100 |
| commit | 9b1659f52c9dba7f5c4c827a7cda474bb83d992f (patch) | |
| tree | a36bff4835b65b6defb38ae4156d763f9fd76500 /src | |
| parent | ddfad8b67e9b673941558a4709c93379eafc7313 (diff) | |
| download | strongswan-9b1659f52c9dba7f5c4c827a7cda474bb83d992f.tar.bz2 strongswan-9b1659f52c9dba7f5c4c827a7cda474bb83d992f.tar.xz | |
Add message rules to properly handle IKE fragments
These are sent in unencrypted messages and are the only payload
contained in such messages.
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/encoding/message.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c index c0f468663..28fdda735 100644 --- a/src/libcharon/encoding/message.c +++ b/src/libcharon/encoding/message.c @@ -442,6 +442,7 @@ static payload_rule_t id_prot_i_rules[] = { {CERTIFICATE_V1, 0, 2, TRUE, FALSE}, {SIGNATURE_V1, 0, 1, TRUE, FALSE}, {HASH_V1, 0, 1, TRUE, FALSE}, + {FRAGMENT_V1, 0, 1, FALSE, TRUE}, }; /** @@ -461,6 +462,7 @@ static payload_order_t id_prot_i_order[] = { {VENDOR_ID_V1, 0}, {NAT_D_V1, 0}, {NAT_D_DRAFT_00_03_V1, 0}, + {FRAGMENT_V1, 0}, }; /** @@ -480,6 +482,7 @@ static payload_rule_t id_prot_r_rules[] = { {CERTIFICATE_V1, 0, 2, TRUE, FALSE}, {SIGNATURE_V1, 0, 1, TRUE, FALSE}, {HASH_V1, 0, 1, TRUE, FALSE}, + {FRAGMENT_V1, 0, 1, FALSE, TRUE}, }; /** @@ -499,6 +502,7 @@ static payload_order_t id_prot_r_order[] = { {VENDOR_ID_V1, 0}, {NAT_D_V1, 0}, {NAT_D_DRAFT_00_03_V1, 0}, + {FRAGMENT_V1, 0}, }; /** @@ -518,6 +522,7 @@ static payload_rule_t aggressive_i_rules[] = { {CERTIFICATE_V1, 0, 1, TRUE, FALSE}, {SIGNATURE_V1, 0, 1, TRUE, FALSE}, {HASH_V1, 0, 1, TRUE, FALSE}, + {FRAGMENT_V1, 0, 1, FALSE, TRUE}, }; /** @@ -537,6 +542,7 @@ static payload_order_t aggressive_i_order[] = { {CERTIFICATE_REQUEST_V1, 0}, {NOTIFY_V1, 0}, {VENDOR_ID_V1, 0}, + {FRAGMENT_V1, 0}, }; /** @@ -556,6 +562,7 @@ static payload_rule_t aggressive_r_rules[] = { {CERTIFICATE_V1, 0, 1, FALSE, FALSE}, {SIGNATURE_V1, 0, 1, FALSE, FALSE}, {HASH_V1, 0, 1, FALSE, FALSE}, + {FRAGMENT_V1, 0, 1, FALSE, TRUE}, }; /** @@ -575,6 +582,7 @@ static payload_order_t aggressive_r_order[] = { {CERTIFICATE_REQUEST_V1, 0}, {NOTIFY_V1, 0}, {VENDOR_ID_V1, 0}, + {FRAGMENT_V1, 0}, }; /** |