Derive IKE keys as IKEv1 initiator, too
authorMartin Willi <martin@revosec.ch>
Mon, 21 Nov 2011 13:36:05 +0000 (14:36 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:30:46 +0000 (17:30 +0100)
src/libcharon/sa/tasks/main_mode.c

index 89ecaf4..8b2b4c0 100644 (file)
@@ -560,6 +560,12 @@ METHOD(task_t, process_i, status_t,
                        }
                        this->nonce_r = nonce_payload->get_nonce(nonce_payload);
 
+                       if (!derive_keys(this, this->nonce_i, this->nonce_r))
+                       {
+                               DBG1(DBG_IKE, "key derivation failed");
+                               return FAILED;
+                       }
+
                        return NEED_MORE;
                }
                case MM_AUTH: