ike: Don't trigger message hook when fragmenting pre-generated messages
authorTobias Brunner <tobias@strongswan.org>
Wed, 25 May 2016 07:42:08 +0000 (09:42 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 6 Jun 2016 12:12:48 +0000 (14:12 +0200)
This is the case for the IKE_SA_INIT and the initial IKEv1 messages, which
are pre-generated in tasks as at least parts of it are used to generate
the AUTH payload.  The IKE_SA_INIT message will never be fragmented, but
the IKEv1 messages might be, so we can't just call generate_message().

Fixes #1478.

src/libcharon/sa/ike_sa.c

index 3a23651..b7d71e4 100644 (file)
@@ -1203,6 +1203,7 @@ METHOD(ike_sa_t, generate_message_fragmented, status_t,
        packet_t *packet;
        status_t status;
        bool use_frags = FALSE;
+       bool pre_generated = FALSE;
 
        if (this->ike_cfg)
        {
@@ -1237,14 +1238,21 @@ METHOD(ike_sa_t, generate_message_fragmented, status_t,
                return SUCCESS;
        }
 
+       pre_generated = message->is_encoded(message);
        this->stats[STAT_OUTBOUND] = time_monotonic(NULL);
        message->set_ike_sa_id(message, this->ike_sa_id);
-       charon->bus->message(charon->bus, message, FALSE, TRUE);
+       if (!pre_generated)
+       {
+               charon->bus->message(charon->bus, message, FALSE, TRUE);
+       }
        status = message->fragment(message, this->keymat, this->fragment_size,
                                                           &fragments);
        if (status == SUCCESS)
        {
-               charon->bus->message(charon->bus, message, FALSE, FALSE);
+               if (!pre_generated)
+               {
+                       charon->bus->message(charon->bus, message, FALSE, FALSE);
+               }
                *packets = enumerator_create_filter(fragments, (void*)filter_fragments,
                                                                                        this, NULL);
        }