From: Martin Willi <martin@revosec.ch>
Date: Mon, 23 Aug 2010 09:30:36 +0000 (+0200)
Subject: Accept encryption payloads with no wrapped payloads
X-Git-Tag: 4.5.0~428
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c49475dae1dd26f49dc5be5bb18a21d21d96c352;p=thirdparty%2Fstrongswan.git

Accept encryption payloads with no wrapped payloads
---

diff --git a/src/libcharon/encoding/payloads/encryption_payload.c b/src/libcharon/encoding/payloads/encryption_payload.c
index 05e1d0e55a..476f88ec7b 100644
--- a/src/libcharon/encoding/payloads/encryption_payload.c
+++ b/src/libcharon/encoding/payloads/encryption_payload.c
@@ -423,7 +423,7 @@ METHOD(encryption_payload_t, decrypt, bool,
 
 	plain = chunk_create(crypt.ptr, crypt.len - icv.len);
 	padding.len = plain.ptr[plain.len - 1] + 1;
-	if (padding.len >= plain.len)
+	if (padding.len > plain.len)
 	{
 		DBG1(DBG_ENC, "decrypting encryption payload failed, "
 			 "padding invalid %B", &crypt);