child-cfg: Ignore duplicate proposals
authorTobias Brunner <tobias@strongswan.org>
Mon, 11 Aug 2014 16:12:36 +0000 (18:12 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 12 Sep 2014 08:18:14 +0000 (10:18 +0200)
If ESP proposals are added once with and once without DH groups
duplicates result during IKE_AUTH when DH groups are stripped.

src/libcharon/config/child_cfg.c

index 7e4a143..ed7c0d4 100644 (file)
@@ -163,6 +163,11 @@ METHOD(child_cfg_t, add_proposal, void,
        }
 }
 
+static bool match_proposal(proposal_t *item, proposal_t *proposal)
+{
+       return item->equals(item, proposal);
+}
+
 METHOD(child_cfg_t, get_proposals, linked_list_t*,
        private_child_cfg_t *this, bool strip_dh)
 {
@@ -178,6 +183,12 @@ METHOD(child_cfg_t, get_proposals, linked_list_t*,
                {
                        current->strip_dh(current, MODP_NONE);
                }
+               if (proposals->find_first(proposals, (linked_list_match_t)match_proposal,
+                                                                 NULL, current) == SUCCESS)
+               {
+                       current->destroy(current);
+                       continue;
+               }
                proposals->insert_last(proposals, current);
        }
        enumerator->destroy(enumerator);