sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-06 00:00:47 -04:00
Code Issues Projects Releases Wiki Activity

encoding: Don't verify length of IKEv1 KE payloads

Browse Source 
The verification introduced with 84738b1aed95 ("encoding: Verify the length
of KE payload data for known groups") can't be done for IKEv1 as the KE
payload does not contain the DH group.
This commit is contained in:
Tobias Brunner 2015-03-20 16:32:56 +01:00
parent d2f4345b03
commit 2ed5f5693d
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/libcharon/encoding/payloads/ke_payload.c
View File

@ -146,6 +146,12 @@ METHOD(payload_t, verify, status_t,
diffie_hellman_group_t g = this->dh_group_number;
bool valid = TRUE;
if (this->type == PLV1_KEY_EXCHANGE)
{
/* IKEv1 does not transmit the group */
return SUCCESS;
}
switch (g)
{
case MODP_NONE: