From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 5 Jul 2018 15:36:21 +0000 (+0200)
Subject: message: Report the size of the complete reassembled IKE message
X-Git-Tag: 5.7.0dr5~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9403320fcaac895180479b20961aed3ab7b0de32;p=thirdparty%2Fstrongswan.git

message: Report the size of the complete reassembled IKE message

This way we see the same size on both ends, namely that of the complete
IKE message as if it was sent in a single packet (excluding UDP/IP headers).
---

diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index c0a2b030a9..b72a2bf2dd 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2006-2014 Tobias Brunner
+ * Copyright (C) 2006-2018 Tobias Brunner
  * Copyright (C) 2005-2010 Martin Willi
  * Copyright (C) 2010 revosec AG
  * Copyright (C) 2006 Daniel Roethlisberger
@@ -2842,9 +2842,11 @@ METHOD(message_t, add_fragment_v2, status_t,
 	encrypted_fragment_payload_t *encrypted_fragment;
 	encrypted_payload_t *encrypted;
 	payload_t *payload;
+	aead_t *aead;
 	enumerator_t *enumerator;
 	chunk_t data;
 	uint16_t total, num;
+	size_t len;
 	status_t status;
 
 	if (!this->frag)
@@ -2904,15 +2906,30 @@ METHOD(message_t, add_fragment_v2, status_t,
 		return NEED_MORE;
 	}
 
+	encrypted = (encrypted_payload_t*)encrypted_fragment;
+	aead = encrypted->get_transform(encrypted);
+
 	data = merge_fragments(this, message);
-	DBG1(DBG_ENC, "received fragment #%hu of %hu, reassembled fragmented IKE "
-		 "message (%zu bytes)", num, total, data.len);
 
 	encrypted = encrypted_payload_create_from_plain(this->first_payload, data);
+	encrypted->set_transform(encrypted, aead);
 	this->payloads->insert_last(this->payloads, encrypted);
 	/* update next payload type (could be an unencrypted payload) */
 	this->payloads->get_first(this->payloads, (void**)&payload);
 	this->first_payload = payload->get_type(payload);
+
+	/* we report the length of the complete IKE message when splitting, do the
+	 * same here, so add the IKEv2 header len to the reassembled payload data */
+	len = 28;
+	enumerator = create_payload_enumerator(this);
+	while (enumerator->enumerate(enumerator, &payload))
+	{
+		len += payload->get_length(payload);
+	}
+	enumerator->destroy(enumerator);
+
+	DBG1(DBG_ENC, "received fragment #%hu of %hu, reassembled fragmented IKE "
+		 "message (%zu bytes)", num, total, len);
 	return SUCCESS;
 }