From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 28 Mar 2019 17:44:08 +0000 (+0100)
Subject: ike-config: Ignore unrequested virtual IP addresses
X-Git-Tag: 5.8.0rc1~40
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b5ac0bd35fcebb6823402cb4ab69eaf574ea8839;p=thirdparty%2Fstrongswan.git

ike-config: Ignore unrequested virtual IP addresses

But forward them to handlers in case they requested them.
---

diff --git a/src/libcharon/sa/ikev2/tasks/ike_config.c b/src/libcharon/sa/ikev2/tasks/ike_config.c
index 4a8acb97e4..fdccda5f55 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_config.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_config.c
@@ -41,6 +41,11 @@ struct private_ike_config_t {
 	 */
 	bool initiator;
 
+	/**
+	 * Did we request a virtual IP?
+	 */
+	bool vip_requested;
+
 	/**
 	 * Received list of virtual IPs, host_t*
 	 */
@@ -149,6 +154,12 @@ static void process_attribute(private_ike_config_t *this,
 			/* fall */
 		case INTERNAL_IP6_ADDRESS:
 		{
+			if (this->initiator && !this->vip_requested)
+			{
+				handle_attribute(this, ca);
+				return;
+			}
+
 			addr = ca->get_chunk(ca);
 			if (addr.len == 0)
 			{
@@ -270,6 +281,7 @@ METHOD(task_t, build_i, status_t,
 				cp->add_attribute(cp, build_vip(host));
 			}
 			enumerator->destroy(enumerator);
+			this->vip_requested = TRUE;
 		}
 
 		enumerator = charon->attributes->create_initiator_enumerator(