From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 9 Apr 2019 09:42:19 +0000 (+0200)
Subject: message: Enforce encryption except for INFORMATIONALs
X-Git-Tag: 5.8.0rc1~34
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7b2236526ca1903ffd0e6587a2ee37673f3b4dd1;p=thirdparty%2Fstrongswan.git

message: Enforce encryption except for INFORMATIONALs

The only messages that are generally sent encrypted but could be sent
unencrypted are INFORMATIONALs (currently only used for IKEv1 and ME
connectivity checks).  This should prevent issues if the keymat_t behaves
incorrectly and does not return an aead_t when it actually should.
---

diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index b72a2bf2dd..819f771e56 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -1744,12 +1744,25 @@ static status_t generate_message(private_message_t *this, keymat_t *keymat,
 	{
 		aead = keymat->get_aead(keymat, FALSE);
 	}
-	if (aead && encrypting)
+	if (encrypting)
 	{
-		*encrypted = wrap_payloads(this);
-		(*encrypted)->set_transform(*encrypted, aead);
+		if (aead)
+		{
+			*encrypted = wrap_payloads(this);
+			(*encrypted)->set_transform(*encrypted, aead);
+		}
+		else if (this->exchange_type == INFORMATIONAL ||
+				 this->exchange_type == INFORMATIONAL_V1)
+		{	/* allow sending unencrypted INFORMATIONALs */
+			encrypting = FALSE;
+		}
+		else
+		{
+			DBG1(DBG_ENC, "unable to encrypt payloads without AEAD transform");
+			return FAILED;
+		}
 	}
-	else
+	if (!encrypting)
 	{
 		DBG2(DBG_ENC, "not encrypting payloads");
 		this->is_encrypted = FALSE;