From 5f15faebc81682a9814bb8e5ae46001de69d4717 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Thu, 25 Nov 2010 11:35:43 +0100 Subject: Include the used reserved bytes from ID payloads in AUTH calculation --- src/conftest/hooks/pretend_auth.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src/conftest/hooks/pretend_auth.c') diff --git a/src/conftest/hooks/pretend_auth.c b/src/conftest/hooks/pretend_auth.c index 451c414bd..4b7168cac 100644 --- a/src/conftest/hooks/pretend_auth.c +++ b/src/conftest/hooks/pretend_auth.c @@ -39,6 +39,11 @@ struct private_pretend_auth_t { */ identification_t *id; + /** + * reserved bytes of ID payload + */ + char reserved[3]; + /** * IKE_SA_INIT data for signature */ @@ -232,7 +237,7 @@ static bool build_auth(private_pretend_auth_t *this, } keymat = ike_sa->get_keymat(ike_sa); octets = keymat->get_auth_octets(keymat, TRUE, this->ike_init, - this->nonce, this->id); + this->nonce, this->id, this->reserved); if (!private->sign(private, scheme, octets, &auth_data)) { chunk_free(&octets); -- cgit v1.2.3