message: Enforce encryption except for INFORMATIONALs

The only messages that are generally sent encrypted but could be sent
unencrypted are INFORMATIONALs (currently only used for IKEv1 and ME
connectivity checks).  This should prevent issues if the keymat_t behaves
incorrectly and does not return an aead_t when it actually should.

diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index b72a2bf2dd7272c5adebee30b42bbe61f354367f..819f771e567a82e0a420c8054378f74c60294816 100644 (file)
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -1744,12 +1744,25 @@ static status_t generate_message(private_message_t *this, keymat_t *keymat,
        {
                aead = keymat->get_aead(keymat, FALSE);
        }
-       if (aead && encrypting)
+       if (encrypting)
        {
-               *encrypted = wrap_payloads(this);
-               (*encrypted)->set_transform(*encrypted, aead);
+               if (aead)
+               {
+                       *encrypted = wrap_payloads(this);
+                       (*encrypted)->set_transform(*encrypted, aead);
+               }
+               else if (this->exchange_type == INFORMATIONAL ||
+                                this->exchange_type == INFORMATIONAL_V1)
+               {       /* allow sending unencrypted INFORMATIONALs */
+                       encrypting = FALSE;
+               }
+               else
+               {
+                       DBG1(DBG_ENC, "unable to encrypt payloads without AEAD transform");
+                       return FAILED;
+               }
        }
-       else
+       if (!encrypting)
        {
                DBG2(DBG_ENC, "not encrypting payloads");
                this->is_encrypted = FALSE;