ikev1: Add an option to accept unencrypted ID/HASH payloads
authorMartin Willi <martin@revosec.ch>
Mon, 14 Apr 2014 12:42:27 +0000 (14:42 +0200)
committerMartin Willi <martin@revosec.ch>
Thu, 17 Apr 2014 06:52:28 +0000 (08:52 +0200)
commitc4c9d291d2aaeccf9d36971de763b0ab60af9e66
tree167bfd78fbf9cd11bb1dcb46da9c6fccf9e34fbb
parent4469e3d0507ad869488d3e7524a061e18fb3ee21
ikev1: Add an option to accept unencrypted ID/HASH payloads

Even in Main Mode, some Sonicwall boxes seem to send ID/HASH payloads in
unencrypted form, probably to allow PSK lookup based on the ID payloads. We
by default reject that, but accept it if the
charon.accept_unencrypted_mainmode_messages option is set in strongswan.conf.

Initial patch courtesy of Paul Stewart.
conf/options/charon.opt
src/libcharon/encoding/message.c