message: Update rules for optimized rekeying

The SA payload is optional, the new notify should be at the beginning
for easy access.

diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index 68823905ab7f4a3b89ee0f3bc7baf02dc0b317f8..17c9fe5513ac274bd1d61706dedf6a8b62b712b5 100644 (file)
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -337,7 +337,7 @@ static payload_rule_t create_child_sa_i_rules[] = {
 /*     payload type                                    min     max                                             encr    suff */
        {PLV2_FRAGMENT,                                 0,      1,                                              TRUE,   TRUE},
        {PLV2_NOTIFY,                                   0,      MAX_NOTIFY_PAYLOADS,    TRUE,   FALSE},
-       {PLV2_SECURITY_ASSOCIATION,             1,      1,                                              TRUE,   FALSE},
+       {PLV2_SECURITY_ASSOCIATION,             0,      1,                                              TRUE,   FALSE},
        {PLV2_NONCE,                                    1,      1,                                              TRUE,   FALSE},
        {PLV2_KEY_EXCHANGE,                             0,      1,                                              TRUE,   FALSE},
        {PLV2_TS_INITIATOR,                             0,      1,                                              TRUE,   FALSE},
@@ -352,6 +352,7 @@ static payload_rule_t create_child_sa_i_rules[] = {
 static payload_order_t create_child_sa_i_order[] = {
 /*     payload type                                    notify type */
        {PLV2_NOTIFY,                                   REKEY_SA},
+       {PLV2_NOTIFY,                                   OPTIMIZED_REKEY},
        {PLV2_NOTIFY,                                   IPCOMP_SUPPORTED},
        {PLV2_NOTIFY,                                   USE_TRANSPORT_MODE},
        {PLV2_NOTIFY,                                   ESP_TFC_PADDING_NOT_SUPPORTED},
@@ -372,7 +373,7 @@ static payload_rule_t create_child_sa_r_rules[] = {
 /*     payload type                                    min     max                                             encr    suff */
        {PLV2_FRAGMENT,                                 0,      1,                                              TRUE,   TRUE},
        {PLV2_NOTIFY,                                   0,      MAX_NOTIFY_PAYLOADS,    TRUE,   TRUE},
-       {PLV2_SECURITY_ASSOCIATION,             1,      1,                                              TRUE,   FALSE},
+       {PLV2_SECURITY_ASSOCIATION,             0,      1,                                              TRUE,   FALSE},
        {PLV2_NONCE,                                    1,      1,                                              TRUE,   FALSE},
        {PLV2_KEY_EXCHANGE,                             0,      1,                                              TRUE,   FALSE},
        {PLV2_TS_INITIATOR,                             0,      1,                                              TRUE,   FALSE},
@@ -386,6 +387,7 @@ static payload_rule_t create_child_sa_r_rules[] = {
  */
 static payload_order_t create_child_sa_r_order[] = {
 /*     payload type                                    notify type */
+       {PLV2_NOTIFY,                                   OPTIMIZED_REKEY},
        {PLV2_NOTIFY,                                   IPCOMP_SUPPORTED},
        {PLV2_NOTIFY,                                   USE_TRANSPORT_MODE},
        {PLV2_NOTIFY,                                   ESP_TFC_PADDING_NOT_SUPPORTED},