From 859f9c8c83ab3a8355c929e6216df0ba53f33009 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 6 Feb 2020 15:46:27 +0100
Subject: [PATCH] proposal-substructure: Encode transform number of selected
 IKEv1 proposal

---
 .../encoding/payloads/proposal_substructure.c | 19 ++++++++++---------
 .../encoding/payloads/proposal_substructure.h | 14 --------------
 2 files changed, 10 insertions(+), 23 deletions(-)

diff --git a/src/libcharon/encoding/payloads/proposal_substructure.c b/src/libcharon/encoding/payloads/proposal_substructure.c
index 4cf0340b56..802adac84b 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.c
+++ b/src/libcharon/encoding/payloads/proposal_substructure.c
@@ -1552,11 +1552,11 @@ proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
 }
 
 /**
- * See header.
+ * Creates an IKEv1 proposal_substructure_t from a proposal_t.
  */
-proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
+static proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
 			proposal_t *proposal, uint32_t lifetime, uint64_t lifebytes,
-			auth_method_t auth, ipsec_mode_t mode, encap_t udp)
+			auth_method_t auth, ipsec_mode_t mode, encap_t udp, uint8_t number)
 {
 	private_proposal_substructure_t *this;
 
@@ -1565,12 +1565,12 @@ proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
 	switch (proposal->get_protocol(proposal))
 	{
 		case PROTO_IKE:
-			set_from_proposal_v1_ike(this, proposal, lifetime, auth, 1);
+			set_from_proposal_v1_ike(this, proposal, lifetime, auth, number);
 			break;
 		case PROTO_ESP:
 		case PROTO_AH:
 			set_from_proposal_v1(this, proposal, lifetime,
-								 lifebytes, mode, udp, 1);
+								 lifebytes, mode, udp, number);
 			break;
 		default:
 			break;
@@ -1590,17 +1590,18 @@ proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
 	private_proposal_substructure_t *this = NULL;
 	enumerator_t *enumerator;
 	proposal_t *proposal;
-	int number = 0;
+	int number = 1;
 
 	enumerator = proposals->create_enumerator(proposals);
 	while (enumerator->enumerate(enumerator, &proposal))
 	{
 		if (!this)
-		{
+		{	/* as responder the transform number is set and we only have a
+			 * single proposal, start with 1 otherwise */
 			this = (private_proposal_substructure_t*)
 						proposal_substructure_create_from_proposal_v1(
-								proposal, lifetime, lifebytes, auth, mode, udp);
-			++number;
+							proposal, lifetime, lifebytes, auth, mode, udp,
+							proposal->get_transform_number(proposal) ?: number);
 		}
 		else
 		{
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h
index 8101d9f386..0395ac8cf4 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.h
+++ b/src/libcharon/encoding/payloads/proposal_substructure.h
@@ -181,20 +181,6 @@ proposal_substructure_t *proposal_substructure_create(payload_type_t type);
  */
 proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
 														proposal_t *proposal);
-/**
- * Creates an IKEv1 proposal_substructure_t from a proposal_t.
- *
- * @param proposal	proposal to build a substruct out of it
- * @param lifetime	lifetime in seconds
- * @param lifebytes	lifebytes, in bytes
- * @param auth		authentication method to use, or AUTH_NONE
- * @param mode		IPsec encapsulation mode, TRANSPORT or TUNNEL
- * @param udp		ENCAP_UDP to use UDP encapsulation
- * @return			proposal_substructure_t object PLV1_PROPOSAL_SUBSTRUCTURE
- */
-proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
-			proposal_t *proposal,  uint32_t lifetime, uint64_t lifebytes,
-			auth_method_t auth, ipsec_mode_t mode, encap_t udp);
 
 /**
  * Creates an IKEv1 proposal_substructure_t from a list of proposal_t.
-- 
2.39.2