From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 11 Aug 2014 16:12:36 +0000 (+0200)
Subject: child-cfg: Ignore duplicate proposals
X-Git-Tag: 5.2.1dr1~66^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f92399ef1865ae557aa97b61ea3ee2dac6220766;p=thirdparty%2Fstrongswan.git

child-cfg: Ignore duplicate proposals

If ESP proposals are added once with and once without DH groups
duplicates result during IKE_AUTH when DH groups are stripped.
---

diff --git a/src/libcharon/config/child_cfg.c b/src/libcharon/config/child_cfg.c
index 7e4a1433d2..ed7c0d406f 100644
--- a/src/libcharon/config/child_cfg.c
+++ b/src/libcharon/config/child_cfg.c
@@ -163,6 +163,11 @@ METHOD(child_cfg_t, add_proposal, void,
 	}
 }
 
+static bool match_proposal(proposal_t *item, proposal_t *proposal)
+{
+	return item->equals(item, proposal);
+}
+
 METHOD(child_cfg_t, get_proposals, linked_list_t*,
 	private_child_cfg_t *this, bool strip_dh)
 {
@@ -178,6 +183,12 @@ METHOD(child_cfg_t, get_proposals, linked_list_t*,
 		{
 			current->strip_dh(current, MODP_NONE);
 		}
+		if (proposals->find_first(proposals, (linked_list_match_t)match_proposal,
+								  NULL, current) == SUCCESS)
+		{
+			current->destroy(current);
+			continue;
+		}
 		proposals->insert_last(proposals, current);
 	}
 	enumerator->destroy(enumerator);