projects / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ef31254) | patch
ikev2: Include fragment number into message ID passed to IV gen
authorMartin Willi <martin@revosec.ch>
Fri, 17 Apr 2015 12:19:37 +0000 (14:19 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 1 Jun 2015 07:42:11 +0000 (09:42 +0200)
commit62e0abe7591489c563c3d4380054050af9cb4838
treea41f9fd8719a41de32d7ba7ecb52e4cea4a4f4a6tree | snapshot
parentef31254d342d23cfbeb1b0030c9c6293545fca9dcommit | diff
ikev2: Include fragment number into message ID passed to IV gen

When using a cipher with sequential IVs, we never must pass an identical IV
to the IV generator. To avoid it when using IKEv2 fragmentation, use the lower
bits of the 64-bit message ID as the fragment number.
src/libcharon/encoding/payloads/encrypted_payload.c diff | blob | history
strongSwan - IPsec VPN