diff options
| author | Martin Willi <martin@revosec.ch> | 2010-11-10 15:34:38 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2011-01-05 16:45:43 +0100 |
| commit | fea3aa5d12a7ab90df762256010f8be468d6a5ae (patch) | |
| tree | 1cbc3c35faf7e06bae2efb9806db51d29151ad17 /src | |
| parent | 9b2ed9501fa69f82e4302c6bc094d0d8572b7111 (diff) | |
| download | strongswan-fea3aa5d12a7ab90df762256010f8be468d6a5ae.tar.bz2 strongswan-fea3aa5d12a7ab90df762256010f8be468d6a5ae.tar.xz | |
Check for exceeded payload count even if we have a found one flagged as sufficient
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/encoding/message.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c index f4cb5b0e1..913b57c62 100644 --- a/src/libcharon/encoding/message.c +++ b/src/libcharon/encoding/message.c @@ -1295,6 +1295,7 @@ static status_t decrypt_payloads(private_message_t *this, aead_t *aead) */ static status_t verify(private_message_t *this) { + bool complete = FALSE; int i; DBG2(DBG_ENC, "verifying message structure"); @@ -1343,15 +1344,15 @@ static status_t verify(private_message_t *this) } enumerator->destroy(enumerator); - if (found < rule->min_occurence) + if (!complete && found < rule->min_occurence) { DBG1(DBG_ENC, "payload of type %N not occured %d times (%d)", payload_type_names, rule->type, rule->min_occurence, found); return VERIFY_ERROR; } - if (rule->sufficient) + if (found && rule->sufficient) { - return SUCCESS; + complete = TRUE; } } return SUCCESS; |