Enable Cisco Unity only if Unity vendor id received
authorMartin Willi <martin@revosec.ch>
Thu, 13 Sep 2012 13:09:21 +0000 (15:09 +0200)
committerMartin Willi <martin@revosec.ch>
Tue, 18 Sep 2012 15:17:48 +0000 (17:17 +0200)
src/libcharon/plugins/unity/unity_handler.c
src/libcharon/plugins/unity/unity_narrow.c
src/libcharon/plugins/unity/unity_provider.c

index e48debe..b2aeba6 100644 (file)
@@ -341,7 +341,8 @@ METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t *,
        ike_sa_t *ike_sa;
 
        ike_sa = charon->bus->get_sa(charon->bus);
-       if (!ike_sa || ike_sa->get_version(ike_sa) != IKEV1)
+       if (!ike_sa || ike_sa->get_version(ike_sa) != IKEV1 ||
+               !ike_sa->supports_extension(ike_sa, EXT_CISCO_UNITY))
        {
                return enumerator_create_empty();
        }
index 3ee7f93..6a86fed 100644 (file)
@@ -116,7 +116,8 @@ METHOD(listener_t, narrow, bool,
        private_unity_narrow_t *this, ike_sa_t *ike_sa, child_sa_t *child_sa,
        narrow_hook_t type, linked_list_t *local, linked_list_t *remote)
 {
-       if (ike_sa->get_version(ike_sa) == IKEV1)
+       if (ike_sa->get_version(ike_sa) == IKEV1 &&
+               ike_sa->supports_extension(ike_sa, EXT_CISCO_UNITY))
        {
                switch (type)
                {
index 753cd98..5ebde17 100644 (file)
@@ -108,6 +108,7 @@ METHOD(attribute_provider_t, create_attribute_enumerator, enumerator_t*,
 
        ike_sa = charon->bus->get_sa(charon->bus);
        if (!ike_sa || ike_sa->get_version(ike_sa) != IKEV1 ||
+               !ike_sa->supports_extension(ike_sa, EXT_CISCO_UNITY) ||
                !vips->get_count(vips))
        {
                return NULL;