From 22b839e6e9463f8e139d6fbb1b7aa2ffcf01fccc Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Wed, 17 Aug 2016 10:26:01 +0200
Subject: ikev1: Accept more than one certificate payload in aggressive mode

Fixes #2085.
---
 src/libcharon/encoding/message.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index 1fd644203..50dab9e38 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -535,7 +535,7 @@ static payload_rule_t aggressive_i_rules[] = {
 	{PLV1_NAT_D,					0,	MAX_NAT_D_PAYLOADS,		FALSE,	FALSE},
 	{PLV1_NAT_D_DRAFT_00_03,		0,	MAX_NAT_D_PAYLOADS,		FALSE,	FALSE},
 	{PLV1_ID,						0,	1,						FALSE,	FALSE},
-	{PLV1_CERTIFICATE,				0,	1,						TRUE,	FALSE},
+	{PLV1_CERTIFICATE,				0,	MAX_CERT_PAYLOADS,		TRUE,	FALSE},
 	{PLV1_SIGNATURE,				0,	1,						TRUE,	FALSE},
 	{PLV1_HASH,						0,	1,						TRUE,	FALSE},
 	{PLV1_FRAGMENT,					0,	1,						FALSE,	TRUE},
@@ -575,7 +575,7 @@ static payload_rule_t aggressive_r_rules[] = {
 	{PLV1_NAT_D,					0,	MAX_NAT_D_PAYLOADS,		FALSE,	FALSE},
 	{PLV1_NAT_D_DRAFT_00_03,		0,	MAX_NAT_D_PAYLOADS,		FALSE,	FALSE},
 	{PLV1_ID,						0,	1,						FALSE,	FALSE},
-	{PLV1_CERTIFICATE,				0,	1,						FALSE,	FALSE},
+	{PLV1_CERTIFICATE,				0,	MAX_CERT_PAYLOADS,		FALSE,	FALSE},
 	{PLV1_SIGNATURE,				0,	1,						FALSE,	FALSE},
 	{PLV1_HASH,						0,	1,						FALSE,	FALSE},
 	{PLV1_FRAGMENT,					0,	1,						FALSE,	TRUE},
-- 
cgit v1.2.3