From 75122b90bbc5985f1427fcef98742c296da93b94 Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Thu, 17 Jul 2014 09:32:22 +0200
Subject: [PATCH] receiver: Send a single INVALID_MAJOR_VERSION notify for IKE
 version > 2

We sent both a notify using IKEv1 and IKEv2. This is a little more aggressive
than required, RFC 5996 says we "SHOULD send an unauthenticated Notify
message of type INVALID_MAJOR_VERSION containing the highest (closest) version
number it supports".

Fixes #657.
---
 src/libcharon/network/receiver.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/libcharon/network/receiver.c b/src/libcharon/network/receiver.c
index a2a3b1f..5ce9471 100644
--- a/src/libcharon/network/receiver.c
+++ b/src/libcharon/network/receiver.c
@@ -524,8 +524,7 @@ static job_requeue_t receive_packets(private_receiver_t *this)
 #ifdef USE_IKEV2
 			send_notify(message, IKEV2_MAJOR_VERSION, INFORMATIONAL,
 						INVALID_MAJOR_VERSION, chunk_empty);
-#endif /* USE_IKEV2 */
-#ifdef USE_IKEV1
+#elif defined(USE_IKEV1)
 			send_notify(message, IKEV1_MAJOR_VERSION, INFORMATIONAL_V1,
 						INVALID_MAJOR_VERSION, chunk_empty);
 #endif /* USE_IKEV1 */
@@ -684,4 +683,3 @@ receiver_t *receiver_create()
 
 	return &this->public;
 }
-
-- 
2.7.4