From 5af924a650601bb71889ffb7663ee64cadcf7bdd Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Fri, 29 Mar 2019 11:05:42 +0100 Subject: [PATCH] ike-config: If we don't send a CFG_REQUEST, we don't expect a CFG_REPLY Previously, attributes in an incorrectly sent CFG_REPLY would still be passed to attribute handlers. This does not prevent handlers from receiving unrequested attributes if they requested at least one other. --- src/libcharon/sa/ikev2/tasks/ike_config.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/libcharon/sa/ikev2/tasks/ike_config.c b/src/libcharon/sa/ikev2/tasks/ike_config.c index fdccda5f55..3fb4b94461 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_config.c +++ b/src/libcharon/sa/ikev2/tasks/ike_config.c @@ -317,6 +317,10 @@ METHOD(task_t, build_i, status_t, { message->add_payload(message, (payload_t*)cp); } + else + { /* we don't expect a CFG_REPLY */ + return SUCCESS; + } } return NEED_MORE; } -- 2.47.2