diff options
| -rw-r--r-- | src/libcharon/plugins/ha/ha_child.c | 4 | ||||
| -rw-r--r-- | src/libcharon/plugins/ha/ha_dispatcher.c | 5 | ||||
| -rw-r--r-- | src/libcharon/plugins/ha/ha_message.c | 2 | ||||
| -rw-r--r-- | src/libcharon/plugins/ha/ha_message.h | 2 |
4 files changed, 13 insertions, 0 deletions
diff --git a/src/libcharon/plugins/ha/ha_child.c b/src/libcharon/plugins/ha/ha_child.c index 1a9425423..707add94d 100644 --- a/src/libcharon/plugins/ha/ha_child.c +++ b/src/libcharon/plugins/ha/ha_child.c @@ -91,6 +91,10 @@ METHOD(listener_t, child_keys, bool, { m->add_attribute(m, HA_ALG_INTEG, alg); } + if (proposal->get_algorithm(proposal, EXTENDED_SEQUENCE_NUMBERS, &alg, NULL)) + { + m->add_attribute(m, HA_ESN, alg); + } m->add_attribute(m, HA_NONCE_I, nonce_i); m->add_attribute(m, HA_NONCE_R, nonce_r); if (dh && dh->get_shared_secret(dh, &secret) == SUCCESS) diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c index 85dc0f4a4..0d0df8dd1 100644 --- a/src/libcharon/plugins/ha/ha_dispatcher.c +++ b/src/libcharon/plugins/ha/ha_dispatcher.c @@ -462,6 +462,7 @@ static void process_child_add(private_ha_dispatcher_t *this, u_int16_t inbound_cpi = 0, outbound_cpi = 0; u_int8_t mode = MODE_TUNNEL, ipcomp = 0; u_int16_t encr = ENCR_UNDEFINED, integ = AUTH_UNDEFINED, len = 0; + u_int16_t esn = NO_EXT_SEQ_NUMBERS; u_int seg_i, seg_o; chunk_t nonce_i = chunk_empty, nonce_r = chunk_empty, secret = chunk_empty; chunk_t encr_i, integ_i, encr_r, integ_r; @@ -512,6 +513,9 @@ static void process_child_add(private_ha_dispatcher_t *this, case HA_ALG_INTEG: integ = value.u16; break; + case HA_ESN: + esn = value.u16; + break; case HA_NONCE_I: nonce_i = value.chunk; break; @@ -558,6 +562,7 @@ static void process_child_add(private_ha_dispatcher_t *this, { proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, encr, len); } + proposal->add_algorithm(proposal, EXTENDED_SEQUENCE_NUMBERS, esn, 0); keymat = ike_sa->get_keymat(ike_sa); if (!keymat->derive_child_keys(keymat, proposal, secret.ptr ? &dh : NULL, diff --git a/src/libcharon/plugins/ha/ha_message.c b/src/libcharon/plugins/ha/ha_message.c index 7ce9cbe09..f98f78dd4 100644 --- a/src/libcharon/plugins/ha/ha_message.c +++ b/src/libcharon/plugins/ha/ha_message.c @@ -234,6 +234,7 @@ METHOD(ha_message_t, add_attribute, void, case HA_INBOUND_CPI: case HA_OUTBOUND_CPI: case HA_SEGMENT: + case HA_ESN: { u_int16_t val; @@ -447,6 +448,7 @@ METHOD(enumerator_t, attribute_enumerate, bool, case HA_INBOUND_CPI: case HA_OUTBOUND_CPI: case HA_SEGMENT: + case HA_ESN: { if (this->buf.len < sizeof(u_int16_t)) { diff --git a/src/libcharon/plugins/ha/ha_message.h b/src/libcharon/plugins/ha/ha_message.h index 50e11830f..1f8eabd62 100644 --- a/src/libcharon/plugins/ha/ha_message.h +++ b/src/libcharon/plugins/ha/ha_message.h @@ -140,6 +140,8 @@ enum ha_message_attribute_t { HA_MID, /** u_int16_t, HA segment */ HA_SEGMENT, + /** u_int16_t, Extended Sequence numbers */ + HA_ESN, }; /** |