fixed payload order (Nonce, KE) for IKE_SA_INIT

diff --git a/src/charon/sa/tasks/ike_init.c b/src/charon/sa/tasks/ike_init.c
index f78b5dd..d145672 100644 (file)
--- a/src/charon/sa/tasks/ike_init.c
+++ b/src/charon/sa/tasks/ike_init.c
@@ -149,10 +149,18 @@ static void build_payloads(private_ike_init_t *this, message_t *message)
        
        nonce_payload = nonce_payload_create();
        nonce_payload->set_nonce(nonce_payload, this->my_nonce);
-       message->add_payload(message, (payload_t*)nonce_payload);
-       
        ke_payload = ke_payload_create_from_diffie_hellman(this->dh);
-       message->add_payload(message, (payload_t*)ke_payload);
+       
+       if (this->old_sa)
+       {       /* payload order differs if we are rekeying */
+               message->add_payload(message, (payload_t*)nonce_payload);
+               message->add_payload(message, (payload_t*)ke_payload);
+       }
+       else
+       {
+               message->add_payload(message, (payload_t*)ke_payload);
+               message->add_payload(message, (payload_t*)nonce_payload);
+       }
 }
 
 /**