]> git.ipfire.org Git - thirdparty/strongswan.git/commitdiff
projects / thirdparty / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2f62bb1)
Include source port in init hash for fragmented messages
authorTobias Brunner <tobias@strongswan.org>
Fri, 21 Dec 2012 17:40:23 +0000 (18:40 +0100)
committerTobias Brunner <tobias@strongswan.org>
Mon, 24 Dec 2012 11:29:31 +0000 (12:29 +0100)
src/libcharon/sa/ike_sa_manager.c patch | blob | blame | history

diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
index 260da8be1df50a429efecd5861c568c1f28a03e1..2ac8c312333583cf0b3bd163d951c88e54738701 100644 (file)
--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
@@ -975,7 +975,8 @@ static bool get_init_hash(private_ike_sa_manager_t *this, message_t *message,
                return FALSE;
        }
        if (message->get_first_payload_type(message) == FRAGMENT_V1)
-       {       /* only hash the source IP and SPI for fragmented init messages */
+       {       /* only hash the source IP, port and SPI for fragmented init messages */
+               u_int16_t port;
                u_int64_t spi;
 
                src = message->get_source(message);
@@ -984,6 +985,12 @@ static bool get_init_hash(private_ike_sa_manager_t *this, message_t *message,
                {
                        return FALSE;
                }
+               port = src->get_port(src);
+               if (!this->hasher->allocate_hash(this->hasher,
+                                                                                chunk_from_thing(port), NULL))
+               {
+                       return FALSE;
+               }
                spi = message->get_initiator_spi(message);
                return this->hasher->allocate_hash(this->hasher,
                                                                                   chunk_from_thing(spi), hash);
Unnamed repository; edit this file 'description' to name the repository.