ikev1: Set protocol ID and SPIs in INITIAL-CONTACT notification payloads
authorTobias Brunner <tobias@strongswan.org>
Tue, 10 Feb 2015 18:03:44 +0000 (19:03 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 6 Mar 2015 15:50:13 +0000 (16:50 +0100)
The payload we sent before is not compliant with RFC 2407 and thus some
peers might abort negotiation (e.g. with an INVALID-PROTOCOL-ID error).

Fixes #819.

src/libcharon/sa/ikev1/tasks/main_mode.c

index 5065e70..3ea4a2a 100644 (file)
@@ -213,6 +213,10 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message,
 {
        identification_t *idr;
        host_t *host;
+       notify_payload_t *notify;
+       ike_sa_id_t *ike_sa_id;
+       u_int64_t spi_i, spi_r;
+       chunk_t spi;
 
        idr = this->ph1->get_id(this->ph1, this->peer_cfg, FALSE);
        if (idr && !idr->contains_wildcards(idr))
@@ -224,8 +228,15 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message,
                        if (!charon->ike_sa_manager->has_contact(charon->ike_sa_manager,
                                                                                idi, idr, host->get_family(host)))
                        {
-                               message->add_notify(message, FALSE, INITIAL_CONTACT_IKEV1,
-                                                                       chunk_empty);
+                               notify = notify_payload_create_from_protocol_and_type(
+                                                               PLV1_NOTIFY, PROTO_IKE, INITIAL_CONTACT_IKEV1);
+                               ike_sa_id = this->ike_sa->get_id(this->ike_sa);
+                               spi_i = ike_sa_id->get_initiator_spi(ike_sa_id);
+                               spi_r = ike_sa_id->get_responder_spi(ike_sa_id);
+                               spi = chunk_cata("cc", chunk_from_thing(spi_i),
+                                                                chunk_from_thing(spi_r));
+                               notify->set_spi_data(notify, spi);
+                               message->add_payload(message, (payload_t*)notify);
                        }
                }
        }
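Review bot: The added lines that build `spi` rely on two properties that are not visible in this hunk and should be documented in a comment. `chunk_cata()` builds the 16 bytes in stack memory, so `notify->set_spi_data(notify, spi)` has to copy them rather than keep the pointer; it presumably clones the chunk, but that should be confirmed. `chunk_from_thing(spi_i)` copies the integer's raw memory, so the wire format is only right if `ike_sa_id` returns the SPIs already in network byte order. I would put something like `/* RFC 2407: SPI field holds both ISAKMP cookies, initiator then responder, in network order; set_spi_data() copies this stack chunk */` above the `chunk_cata` call. The enclosing `add_initial_contact()` continues past the end of this hunk.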