diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2015-08-03 13:30:11 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2015-08-04 11:23:27 +0200 |
| commit | a7f381ef000eb4f7687f64e967d66089085d3821 (patch) | |
| tree | 4352de2f3fbbb0f924f2024cdade862ee9c2a7c9 /src | |
| parent | 3434709460d83295d54f3bf5ad46cbd197e859cb (diff) | |
| download | strongswan-a7f381ef000eb4f7687f64e967d66089085d3821.tar.bz2 strongswan-a7f381ef000eb4f7687f64e967d66089085d3821.tar.xz | |
ha: Properly initialize algo variables when installing CHILD_SAs
If AEAD algorithms are used no integrity algorithm will be received from
the other HA node. But since AUTH_UNDEFINED is 1024 and not 0 this value
was incorrectly added to the proposal, resulting in a failure during key
derivation. The variables are now explicitly initialized to 0, as already
was the case for the IKE SAs.
Fixes #1051.
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/plugins/ha/ha_dispatcher.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c index 75d503084..afa099309 100644 --- a/src/libcharon/plugins/ha/ha_dispatcher.c +++ b/src/libcharon/plugins/ha/ha_dispatcher.c @@ -647,7 +647,7 @@ static void process_child_add(private_ha_dispatcher_t *this, u_int32_t inbound_spi = 0, outbound_spi = 0; u_int16_t inbound_cpi = 0, outbound_cpi = 0; u_int8_t mode = MODE_TUNNEL, ipcomp = 0; - u_int16_t encr = ENCR_UNDEFINED, integ = AUTH_UNDEFINED, len = 0; + u_int16_t encr = 0, integ = 0, len = 0; u_int16_t esn = NO_EXT_SEQ_NUMBERS; u_int seg_i, seg_o; chunk_t nonce_i = chunk_empty, nonce_r = chunk_empty, secret = chunk_empty; |