From: Martin Willi Date: Tue, 6 Nov 2012 10:27:38 +0000 (+0100) Subject: Raise an alert on traffic selector mismatch X-Git-Tag: 5.0.2dr4~47 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=24f30ec92fff0611072741a3644209ef8d66e54a;p=thirdparty%2Fstrongswan.git Raise an alert on traffic selector mismatch --- diff --git a/src/libcharon/bus/bus.h b/src/libcharon/bus/bus.h index 4b6d3ec8bf..aabc0fed01 100644 --- a/src/libcharon/bus/bus.h +++ b/src/libcharon/bus/bus.h @@ -111,6 +111,9 @@ enum alert_t { ALERT_PROPOSAL_MISMATCH_IKE, /** CHILD proposals do not match, argument is linked_list_t of proposal_t */ ALERT_PROPOSAL_MISMATCH_CHILD, + /** traffic selectors do not match, arguments are two linked_list_t + * containing traffic_selector_t for initiator and for responder */ + ALERT_TS_MISMATCH, /** IKE_SA deleted because of "replace" unique policy, no argument */ ALERT_UNIQUE_REPLACE, /** IKE_SA deleted because of "keep" unique policy, no arguement */ diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c index f9f719accb..0ded7fcfcb 100644 --- a/src/libcharon/sa/ikev2/tasks/child_create.c +++ b/src/libcharon/sa/ikev2/tasks/child_create.c @@ -454,6 +454,7 @@ static status_t select_and_install(private_child_create_t *this, if (my_ts->get_count(my_ts) == 0 || other_ts->get_count(other_ts) == 0) { + charon->bus->alert(charon->bus, ALERT_TS_MISMATCH, this->tsi, this->tsr); my_ts->destroy_offset(my_ts, offsetof(traffic_selector_t, destroy)); other_ts->destroy_offset(other_ts, offsetof(traffic_selector_t, destroy)); DBG1(DBG_IKE, "no acceptable traffic selectors found"); @@ -1042,6 +1043,7 @@ METHOD(task_t, build_r, status_t, { DBG1(DBG_IKE, "traffic selectors %#R=== %#R inacceptable", this->tsr, this->tsi); + charon->bus->alert(charon->bus, ALERT_TS_MISMATCH, this->tsi, this->tsr); message->add_notify(message, FALSE, TS_UNACCEPTABLE, chunk_empty); handle_child_sa_failure(this, message); return SUCCESS;