From bd8d1f1d9c96a816a7b172c05a9a51d6af22b758 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 10 Jan 2012 10:58:29 +0100
Subject: Accept unencrypted Aggressive Mode messages.

Racoon does not encrypt the third message during Aggressive Mode.
---
 src/libcharon/encoding/message.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/libcharon/encoding/message.c')

diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index e6036177a..99aca870a 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -1882,7 +1882,8 @@ static status_t decrypt_payloads(private_message_t *this, keymat_t *keymat)
 			encryption->destroy(encryption);
 		}
 		if (payload_is_known(type) && !was_encrypted &&
-			!is_connectivity_check(this, payload))
+			!is_connectivity_check(this, payload) &&
+			this->exchange_type != AGGRESSIVE)
 		{
 			rule = get_payload_rule(this, type);
 			if (!rule || rule->encrypted)
-- 
cgit v1.2.3