Ignore IKEv2 packets in pluto with any minor version
authorMartin Willi <martin@revosec.ch>
Tue, 22 Jun 2010 07:16:04 +0000 (09:16 +0200)
committerMartin Willi <martin@revosec.ch>
Tue, 22 Jun 2010 09:14:07 +0000 (11:14 +0200)
src/pluto/demux.c

index fad1450..617353c 100644 (file)
@@ -1215,7 +1215,7 @@ read_packet(struct msg_digest *md)
 
        /* ignore IKEv2 packets - they will be handled by charon */
        if (pbs_room(&md->packet_pbs) > IKEV2_VERSION_OFFSET
-       &&  md->packet_pbs.start[IKEV2_VERSION_OFFSET] == IKEV2_VERSION)
+       &&  (md->packet_pbs.start[IKEV2_VERSION_OFFSET] & 0xF0) == IKEV2_VERSION)
        {
                DBG(DBG_CONTROLMORE,
                        DBG_log("  ignoring IKEv2 packet")