Diffstat (limited to 'Source')
-rw-r--r-- | Source/charon/encoding/message.c | 3 | ||||
-rw-r--r-- | Source/charon/encoding/payloads/Makefile.payloads | 4 | ||||
-rw-r--r-- | Source/charon/encoding/payloads/auth_payload.c | 2 | ||||
-rw-r--r-- | Source/charon/encoding/payloads/id_payload.c | 2 | ||||
-rw-r--r-- | Source/charon/encoding/payloads/id_payload.h | 2 | ||||
-rw-r--r-- | Source/charon/encoding/payloads/proposal_substructure.c | 22 | ||||
-rw-r--r-- | Source/charon/encoding/payloads/sa_payload.c | 13 | ||||
-rw-r--r-- | Source/charon/encoding/payloads/transform_substructure.c | 23 | ||||
-rw-r--r-- | Source/charon/sa/states/responder_init.c | 2 |
9 files changed, 60 insertions, 13 deletions
diff --git a/Source/charon/encoding/message.c b/Source/charon/encoding/message.c
index 82572e5a8..9e962328b 100644
--- a/Source/charon/encoding/message.c
+++ b/Source/charon/encoding/message.c
@@ -614,6 +614,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
 if (status != SUCCESS)
 {
 this->logger->log(this->logger, ERROR, "payload type %s could not be verified",mapping_find(payload_type_m,current_payload_type));
+ current_payload->destroy(current_payload);
 status = VERIFY_ERROR;
 return status;
 }
@@ -627,12 +628,14 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
 if (status != SUCCESS)
 {
 this->logger->log(this->logger, ERROR, "encryption payload signature invaild");
+ current_payload->destroy(current_payload);
 return status;
 }
 status = encryption_payload->decrypt(encryption_payload, crypter);
 if (status != SUCCESS)
 {
 this->logger->log(this->logger, ERROR, "parsing decrypted encryption payload failed");
+ current_payload->destroy(current_payload);
 return status;
 }
 }
diff --git a/Source/charon/encoding/payloads/Makefile.payloads b/Source/charon/encoding/payloads/Makefile.payloads
index da2587eb8..c9046a089 100644
--- a/Source/charon/encoding/payloads/Makefile.payloads
+++ b/Source/charon/encoding/payloads/Makefile.payloads
@@ -42,6 +42,10 @@ OBJS+= $(BUILD_DIR)auth_payload.o
 $(BUILD_DIR)auth_payload.o : $(PAYLOADS_DIR)auth_payload.c $(PAYLOADS_DIR)auth_payload.h
 $(CC) $(CFLAGS) -c -o $@ $<
+#OBJS+= $(BUILD_DIR)ts_payload.o
+#$(BUILD_DIR)ts_payload.o : $(PAYLOADS_DIR)ts_payload.c $(PAYLOADS_DIR)ts_payload.h
+# $(CC) $(CFLAGS) -c -o $@ $<
+
 OBJS+= $(BUILD_DIR)payload.o
 $(BUILD_DIR)payload.o : $(PAYLOADS_DIR)payload.c $(PAYLOADS_DIR)payload.h
 $(CC) $(CFLAGS) -c -o $@ $<
diff --git a/Source/charon/encoding/payloads/auth_payload.c b/Source/charon/encoding/payloads/auth_payload.c
index d5af17ff5..1070826c2 100644
--- a/Source/charon/encoding/payloads/auth_payload.c
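Review bot: The three error exits of parse_body touched in message.c each repeat `current_payload->destroy(current_payload);` by hand, so the next exit added to this code can silently bring the leak back. These branches handle payloads that failed verification, signature checking or decryption, presumably data received from the peer, which would make a missed exit a per-message memory leak. I would funnel them through one cleanup label, or at minimum put `/* every error return below must destroy current_payload */` at the point where the payload is obtained. parse_body begins and ends outside both hunks, so its remaining exits could not be checked from here.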
+++ b/Source/charon/encoding/payloads/auth_payload.c
@@ -1,7 +1,7 @@
 /**
 * @file auth_payload.h
 *
- * @brief Interface of auth_payload_t.
+ * @brief Implementation of auth_payload_t.
 *
 */
diff --git a/Source/charon/encoding/payloads/id_payload.c b/Source/charon/encoding/payloads/id_payload.c
index 6201dcce1..073be7972 100644
--- a/Source/charon/encoding/payloads/id_payload.c
+++ b/Source/charon/encoding/payloads/id_payload.c
@@ -53,7 +53,7 @@ struct private_id_payload_t {
 id_payload_t public;
 /**
- * TRUE if this ID payload is of type IDi, FALSE for IDr
+ * TRUE if this ID payload is of type IDi, FALSE for IDr.
 */
 bool is_initiator;
diff --git a/Source/charon/encoding/payloads/id_payload.h b/Source/charon/encoding/payloads/id_payload.h
index 6837d910a..416c1c4b5 100644
--- a/Source/charon/encoding/payloads/id_payload.h
+++ b/Source/charon/encoding/payloads/id_payload.h
@@ -176,8 +176,6 @@ struct id_payload_t {
 /**
 * @brief Creates an empty id_payload_t object.
 *
- * As default a ID payload of type IDi is created.
- *
 * @param is_initiator
 * - TRUE if this payload is of type IDi
 * - FALSE if this payload is of type IDr
diff --git a/Source/charon/encoding/payloads/proposal_substructure.c b/Source/charon/encoding/payloads/proposal_substructure.c
index c80880d77..354eedb9e 100644
--- a/Source/charon/encoding/payloads/proposal_substructure.c
+++ b/Source/charon/encoding/payloads/proposal_substructure.c
@@ -141,6 +141,9 @@ encoding_rule_t proposal_substructure_encodings[] = {
 */
 static status_t verify(private_proposal_substructure_t *this)
 {
+ status_t status = SUCCESS;
+ iterator_t *iterator;
+
 if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != PROPOSAL_SUBSTRUCTURE))
 {
 /* must be 0 or 2 */
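Review bot: The header comment of auth_payload.c still reads `@file auth_payload.h` after this change; only the `@brief` line was corrected. The tag should become `@file auth_payload.c` so that generated documentation attributes the description to the implementation file rather than to the header.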
@@ -157,9 +160,26 @@ static status_t verify(private_proposal_substructure_t *this)
 /* reserved are not supported */
 return FAILED;
 }
+
+ iterator = this->transforms->create_iterator(this->transforms,TRUE);
+
+ while(iterator->has_next(iterator))
+ {
+ payload_t *current_transform;
+ iterator->current(iterator,(void **)¤t_transform);
+
+ status = current_transform->verify(current_transform);
+ if (status != SUCCESS)
+ {
+ break;
+ }
+ }
+
+ iterator->destroy(iterator);
+
 /* proposal number is checked in SA payload */
- return SUCCESS;
+ return status;
 }
 /**
diff --git a/Source/charon/encoding/payloads/sa_payload.c b/Source/charon/encoding/payloads/sa_payload.c
index d9175de60..4054c6fb3 100644
--- a/Source/charon/encoding/payloads/sa_payload.c
+++ b/Source/charon/encoding/payloads/sa_payload.c
@@ -115,7 +115,7 @@ encoding_rule_t sa_payload_encodings[] = {
 static status_t verify(private_sa_payload_t *this)
 {
 int proposal_number = 1;
- status_t status;
+ status_t status = SUCCESS;
 iterator_t *iterator;
 bool first = TRUE;
@@ -131,10 +131,7 @@ static status_t verify(private_sa_payload_t *this)
 while(iterator->has_next(iterator))
 {
 proposal_substructure_t *current_proposal;
- status = iterator->current(iterator,(void **)¤t_proposal);
- {
- break;
- }
+ iterator->current(iterator,(void **)¤t_proposal);
 if (current_proposal->get_proposal_number(current_proposal) > proposal_number)
 {
 if (first)
@@ -158,6 +155,12 @@ static status_t verify(private_sa_payload_t *this)
 status = FAILED;
 break;
 }
+
+ status = current_proposal->payload_interface.verify(&(current_proposal->payload_interface));
+ if (status != SUCCESS)
+ {
+ break;
+ }
 first = FALSE;
 }
diff --git a/Source/charon/encoding/payloads/transform_substructure.c b/Source/charon/encoding/payloads/transform_substructure.c
index 4e3655b15..3c91b257c 100644
--- a/Source/charon/encoding/payloads/transform_substructure.c
+++ b/Source/charon/encoding/payloads/transform_substructure.c
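Review bot: In the loop added to verify() in proposal_substructure.c, `current_transform` has no initializer and the result of `iterator->current(...)` is discarded, so if current() ever fails the next statement calls `verify` through an indeterminate pointer. The line removed from sa_payload.c shows that current() returns a status_t, so the result can be checked before the pointer is used. The same pattern is in the second hunk of sa_payload.c, where the broken check was deleted instead of being given its missing `if`, and in the second hunk of transform_substructure.c. These functions validate parsed payload contents, so they should fail closed rather than rely on the iterator never reporting an error.

```c
	while(iterator->has_next(iterator))
	{
		payload_t *current_transform = NULL;

		status = iterator->current(iterator,(void **)&current_transform);
		if (status != SUCCESS)
		{
			break;
		}
		/* … unchanged: current_transform->verify() call and its status check … */
	}
```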
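Review bot: Initialising with `status_t status = SUCCESS;` in sa_payload.c means that a payload with no proposals never enters the loop, and if verify() returns `status` afterwards (the return is outside these hunks) such a payload verifies successfully. Unless the lines between the first and second hunk already reject an empty list, I would add an explicit count check that returns FAILED before the iterator is created. The same question applies to the new loop in proposal_substructure.c for a proposal that carries no transforms.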
@@ -148,7 +148,10 @@ encoding_rule_t transform_substructure_encodings[] = {
 */
 static status_t verify(private_transform_substructure_t *this)
 {
- if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != TRANSFORM_SUBSTRUCTURE))
+ status_t status = SUCCESS;
+ iterator_t *iterator;
+
+ if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != 3))
 {
 /* must be 0 or 3 */
 return FAILED;
@@ -218,9 +221,25 @@ static status_t verify(private_transform_substructure_t *this)
 return FAILED;
 }
 }
+ iterator = this->attributes->create_iterator(this->attributes,TRUE);
+
+ while(iterator->has_next(iterator))
+ {
+ payload_t *current_attributes;
+ iterator->current(iterator,(void **)¤t_attributes);
+
+ status = current_attributes->verify(current_attributes);
+ if (status != SUCCESS)
+ {
+ break;
+ }
+ }
+
+ iterator->destroy(iterator);
+
 /* proposal number is checked in SA payload */
- return SUCCESS;
+ return status;
 }
 /**
diff --git a/Source/charon/sa/states/responder_init.c b/Source/charon/sa/states/responder_init.c
index ae906fc39..c056502b3 100644
--- a/Source/charon/sa/states/responder_init.c
+++ b/Source/charon/sa/states/responder_init.c
@@ -275,7 +275,6 @@ static status_t process_message(private_responder_init_t *this, message_t *messa payloads->destroy(payloads); return NOT_SUPPORTED; } - this->logger->log(this->logger, CONTROL | MORE, "Set other DH public value"); dh->set_other_public_value(dh, ke_payload->get_key_exchange_data(ke_payload));
@@ -425,6 +424,7 @@ static void build_ke_payload(private_responder_init_t *this, payload_t **payload this->diffie_hellman->get_my_public_value(this->diffie_hellman,&key_data); ke_payload = ke_payload_create(); + ke_payload->set_key_exchange_data(ke_payload,key_data); ke_payload->set_dh_group_number(ke_payload, MODP_1024_BIT); allocator_free_chunk(&key_data); |
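Review bot: The new condition `(this->next_payload != 3)` in verify() of transform_substructure.c swaps the named constant TRANSFORM_SUBSTRUCTURE for a bare literal without saying why. If the reason is that the enum value differs from the on-wire value, that belongs in a named constant or at least a comment such as `/* 3 is the wire value for "more transforms follow", not the internal payload type */`; this wording is my assumption and needs confirming against the payload type definitions. proposal_substructure.c still compares against PROPOSAL_SUBSTRUCTURE under a comment saying "must be 0 or 2", so the same mismatch may exist there. verify() continues outside this hunk.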