aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/encoding/message.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libcharon/encoding/message.c')
-rw-r--r--src/libcharon/encoding/message.c22
1 files changed, 13 insertions, 9 deletions
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index b63264bf9..0a808ac02 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -574,6 +574,7 @@ static payload_order_t aggressive_r_order[] = {
*/
static payload_rule_t informational_i_rules_v1[] = {
/* payload type min max encr suff */
+ {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
{NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
{DELETE_V1, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
{VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
@@ -1946,22 +1947,25 @@ METHOD(message_t, parse_body, status_t,
{
hash_payload_t *hash_payload;
chunk_t other_hash;
- if (this->first_payload != HASH_V1)
+ if ((this->first_payload != HASH_V1) && (this->public.get_exchange_type(&this->public) != INFORMATIONAL_V1))
{
DBG1(DBG_ENC, "expected HASH payload as first payload");
chunk_free(&hash);
return VERIFY_ERROR;
}
- hash_payload = (hash_payload_t*)get_payload(this, HASH_V1);
- other_hash = hash_payload->get_hash(hash_payload);
- if (!chunk_equals(hash, other_hash))
+ if (this->first_payload == HASH_V1)
{
- DBG1(DBG_ENC, "our hash does not match received %B",
- &other_hash);
- chunk_free(&hash);
- return FAILED;
+ hash_payload = (hash_payload_t*)get_payload(this, HASH_V1);
+ other_hash = hash_payload->get_hash(hash_payload);
+ if (!chunk_equals(hash, other_hash))
+ {
+ DBG1(DBG_ENC, "our hash does not match received %B",
+ &other_hash);
+ chunk_free(&hash);
+ return FAILED;
+ }
+ DBG2(DBG_ENC, "verified IKEv1 message with hash %B", &hash);
}
- DBG2(DBG_ENC, "verified IKEv1 message with hash %B", &hash);
chunk_free(&hash);
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 21:18:12 +0000