was_encrypted = "encrypted fragment payload";
}
- if (payload_is_known(type) && !was_encrypted &&
+ if (payload_is_known(type, this->major_version) && !was_encrypted &&
!is_connectivity_check(this, payload) &&
this->exchange_type != AGGRESSIVE)
{
/**
* See header.
*/
-bool payload_is_known(payload_type_t type)
+bool payload_is_known(payload_type_t type, u_int8_t maj_ver)
{
if (type == PL_HEADER)
{
return TRUE;
}
- if (type >= PLV1_SECURITY_ASSOCIATION && type <= PLV1_CONFIGURATION)
+ switch (maj_ver)
{
- return TRUE;
- }
- if (type >= PLV1_NAT_D && type <= PLV1_NAT_OA)
- {
- return TRUE;
- }
- if (type >= PLV2_SECURITY_ASSOCIATION && type <= PLV2_EAP)
- {
- return TRUE;
- }
- if (type == PLV2_FRAGMENT)
- {
- return TRUE;
- }
+ case 0:
+ case IKEV1_MAJOR_VERSION:
+ if (type >= PLV1_SECURITY_ASSOCIATION && type <= PLV1_CONFIGURATION)
+ {
+ return TRUE;
+ }
+ if (type >= PLV1_NAT_D && type <= PLV1_NAT_OA)
+ {
+ return TRUE;
+ }
+ if (type >= PLV1_NAT_D_DRAFT_00_03 && type <= PLV1_FRAGMENT)
+ {
+ return TRUE;
+ }
+ if (maj_ver)
+ {
+ break;
+ }
+ /* fall-through */
+ case IKEV2_MAJOR_VERSION:
+ if (type >= PLV2_SECURITY_ASSOCIATION && type <= PLV2_EAP)
+ {
+ return TRUE;
+ }
+ if (type == PLV2_FRAGMENT)
+ {
+ return TRUE;
+ }
#ifdef ME
- if (type == PLV2_ID_PEER)
- {
- return TRUE;
- }
+ if (type == PLV2_ID_PEER)
+ {
+ return TRUE;
+ }
#endif
- if (type >= PLV1_NAT_D_DRAFT_00_03 && type <= PLV1_FRAGMENT)
- {
- return TRUE;
+ break;
+ default:
+ break;
}
return FALSE;
}
* Check if a specific payload is implemented, or handled as unknown payload.
*
* @param type type of the payload to check
+ * @param maj_ver major IKE version (use 0 to skip version check)
* @return FALSE if payload type handled as unknown payload
*/
-bool payload_is_known(payload_type_t type);
+bool payload_is_known(payload_type_t type, u_int8_t maj_ver);
/**
* Get the value field in a payload using encoding rules.
{
unknown = (unknown_payload_t*)payload;
type = payload->get_type(payload);
- if (!payload_is_known(type) &&
+ if (!payload_is_known(type, msg->get_major_version(msg)) &&
unknown->is_critical(unknown))
{
DBG1(DBG_ENC, "payload type %N is not supported, "
projects / thirdparty / strongswan.git / commitdiff
