projects / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cf9befc)
ikev1: Inverse check when applying received KE value during Quick Mode 5.3.0rc1
authorMartin Willi <martin@revosec.ch>
Tue, 24 Mar 2015 08:37:38 +0000 (09:37 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 24 Mar 2015 08:37:38 +0000 (09:37 +0100)
Fixes Quick Mode negotiation when PFS is in use.

src/libcharon/sa/ikev1/tasks/quick_mode.c patch | blob | history

diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c
index b48ace4..982c128 100644 (file)
--- a/src/libcharon/sa/ikev1/tasks/quick_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c
@@ -493,7 +493,7 @@ static bool get_ke(private_quick_mode_t *this, message_t *message)
                DBG1(DBG_IKE, "KE payload missing");
                return FALSE;
        }
-       if (this->dh->set_other_public_value(this->dh,
+       if (!this->dh->set_other_public_value(this->dh,
                                                                ke_payload->get_key_exchange_data(ke_payload)))
        {
                DBG1(DBG_IKE, "unable to apply received KE value");
strongSwan - IPsec VPN