ikev1: Accept IPComp proposals with 4 octet long CPI values
authorTobias Brunner <tobias@strongswan.org>
Tue, 4 Nov 2014 17:24:16 +0000 (18:24 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 5 Dec 2014 14:48:52 +0000 (15:48 +0100)
While they SHOULD be sent as 16-bit values according to RFC 3173
a responder MUST be able to accept CPI values encoded in four bytes.

src/libcharon/encoding/payloads/proposal_substructure.c

index 53e8cf3..fb9e785 100644 (file)
@@ -345,7 +345,7 @@ METHOD(payload_t, verify, status_t,
        switch (this->protocol_id)
        {
                case PROTO_IPCOMP:
-                       if (this->spi.len != 2)
+                       if (this->spi.len != 2 && this->spi.len != 4)
                        {
                                DBG1(DBG_ENC, "invalid CPI length in IPCOMP proposal");
                                return FAILED;
@@ -536,7 +536,7 @@ METHOD(proposal_substructure_t, get_cpi, bool,
                {
                        if (cpi)
                        {
-                               *cpi = *((u_int16_t*)this->spi.ptr);
+                               *cpi = htons(untoh16(this->spi.ptr + this->spi.len - 2));
                        }
                        enumerator->destroy(enumerator);
                        return TRUE;