Add message rules to properly handle IKE fragments

These are sent in unencrypted messages and are the only payload
contained in such messages.

diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index c0f468663575d7f87126bf75a7fbbbc4c598252a..28fdda7353904b9b616a0502c265cbf56fa03643 100644 (file)
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -442,6 +442,7 @@ static payload_rule_t id_prot_i_rules[] = {
        {CERTIFICATE_V1,                        0,      2,                                              TRUE,   FALSE},
        {SIGNATURE_V1,                          0,      1,                                              TRUE,   FALSE},
        {HASH_V1,                                       0,      1,                                              TRUE,   FALSE},
+       {FRAGMENT_V1,                           0,      1,                                              FALSE,  TRUE},
 };
 
 /**
@@ -461,6 +462,7 @@ static payload_order_t id_prot_i_order[] = {
        {VENDOR_ID_V1,                          0},
        {NAT_D_V1,                                      0},
        {NAT_D_DRAFT_00_03_V1,          0},
+       {FRAGMENT_V1,                           0},
 };
 
 /**
@@ -480,6 +482,7 @@ static payload_rule_t id_prot_r_rules[] = {
        {CERTIFICATE_V1,                        0,      2,                                              TRUE,   FALSE},
        {SIGNATURE_V1,                          0,      1,                                              TRUE,   FALSE},
        {HASH_V1,                                       0,      1,                                              TRUE,   FALSE},
+       {FRAGMENT_V1,                           0,      1,                                              FALSE,  TRUE},
 };
 
 /**
@@ -499,6 +502,7 @@ static payload_order_t id_prot_r_order[] = {
        {VENDOR_ID_V1,                          0},
        {NAT_D_V1,                                      0},
        {NAT_D_DRAFT_00_03_V1,          0},
+       {FRAGMENT_V1,                           0},
 };
 
 /**
@@ -518,6 +522,7 @@ static payload_rule_t aggressive_i_rules[] = {
        {CERTIFICATE_V1,                        0,      1,                                              TRUE,   FALSE},
        {SIGNATURE_V1,                          0,      1,                                              TRUE,   FALSE},
        {HASH_V1,                                       0,      1,                                              TRUE,   FALSE},
+       {FRAGMENT_V1,                           0,      1,                                              FALSE,  TRUE},
 };
 
 /**
@@ -537,6 +542,7 @@ static payload_order_t aggressive_i_order[] = {
        {CERTIFICATE_REQUEST_V1,        0},
        {NOTIFY_V1,                                     0},
        {VENDOR_ID_V1,                          0},
+       {FRAGMENT_V1,                           0},
 };
 
 /**
@@ -556,6 +562,7 @@ static payload_rule_t aggressive_r_rules[] = {
        {CERTIFICATE_V1,                        0,      1,                                              FALSE,  FALSE},
        {SIGNATURE_V1,                          0,      1,                                              FALSE,  FALSE},
        {HASH_V1,                                       0,      1,                                              FALSE,  FALSE},
+       {FRAGMENT_V1,                           0,      1,                                              FALSE,  TRUE},
 };
 
 /**
@@ -575,6 +582,7 @@ static payload_order_t aggressive_r_order[] = {
        {CERTIFICATE_REQUEST_V1,        0},
        {NOTIFY_V1,                                     0},
        {VENDOR_ID_V1,                          0},
+       {FRAGMENT_V1,                           0},
 };
 
 /**