ikev1: Send INITIAL_CONTACT notify in Main Mode
authorThomas Egerer <thomas.egerer@secunet.com>
Thu, 9 Oct 2014 09:13:43 +0000 (11:13 +0200)
committerMartin Willi <martin@revosec.ch>
Thu, 30 Oct 2014 10:53:56 +0000 (11:53 +0100)
commit11b42933bf3896acaa7fb2efef8689c04d9224b1
tree3934a71752fd4f7ddf2aa26ad0c4870e6b73f615
parent8131d180a81159273c7f6e1aefee85144921453b
ikev1: Send INITIAL_CONTACT notify in Main Mode

We currently send the notify in Main Mode only, as it is explicitly not allowed
by RFC 2407 to send (unprotected) notifications in Aggressive Mode. To make
that work, we'd need to handle that notify in Aggressive Mode, which could
allow a MitM to inject such notifies and do some harm.

Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
src/libcharon/sa/ikev1/tasks/main_mode.c