From: Tobias Brunner
Date: Fri, 21 Dec 2012 17:40:23 +0000 (+0100)
Subject: Include source port in init hash for fragmented messages
X-Git-Tag: 5.0.2dr4~8^2~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e645c15b9c918303134b1be63d67dacf51e1945b;p=thirdparty%2Fstrongswan.git

Include source port in init hash for fragmented messages
---
diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
index 260da8be1d..2ac8c31233 100644
--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
@@ -975,7 +975,8 @@ static bool get_init_hash(private_ike_sa_manager_t *this, message_t *message,
 return FALSE;
 }
 if (message->get_first_payload_type(message) == FRAGMENT_V1)
- { /* only hash the source IP and SPI for fragmented init messages */
+ { /* only hash the source IP, port and SPI for fragmented init messages */
+ u_int16_t port;
 u_int64_t spi;
 
 src = message->get_source(message);
@@ -984,6 +985,12 @@ static bool get_init_hash(private_ike_sa_manager_t *this, message_t *message,
 {
 return FALSE;
 }
+ port = src->get_port(src);
+ if (!this->hasher->allocate_hash(this->hasher,
+ chunk_from_thing(port), NULL))
+ {
+ return FALSE;
+ }
 spi = message->get_initiator_spi(message);
 return this->hasher->allocate_hash(this->hasher,
 chunk_from_thing(spi), hash);
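Review bot: The `return FALSE;` added after the port is hashed in the second hunk exits while `this->hasher` still holds the input already fed to it with a NULL output, and that hasher is a member that later calls reuse. Whether `allocate_hash` discards its accumulated state on failure is not visible in this diff; if it does not, the next hash computed through this object would cover leftover bytes from the aborted message and no longer match the value expected for an identical init message. Consider clearing the state before bailing out, e.g. `this->hasher->reset(this->hasher);` ahead of `return FALSE;`, here and in the preceding check whose condition lies above the hunk. The body of get_init_hash starts and ends outside both hunks, so a reset elsewhere in the function cannot be ruled out.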