- Import new upstream release 4.1.8.

1 files changed, 16 insertions, 0 deletions

diff --git a/src/charon/processing/jobs/process_message_job.c b/src/charon/processing/jobs/process_message_job.c
index 6a0921248..ec2e7735d 100644
--- a/src/charon/processing/jobs/process_message_job.c
+++ b/src/charon/processing/jobs/process_message_job.c
@@ -59,6 +59,22 @@ static void execute(private_process_message_job_t *this)
 {
 	ike_sa_t *ike_sa;
 	
+#ifdef P2P
+	// if this is an unencrypted INFORMATIONAL exchange it is likely a 
+	// connectivity check
+	if (this->message->get_exchange_type(this->message) == INFORMATIONAL &&
+		this->message->get_first_payload_type(this->message) != ENCRYPTED)
+	{
+		// theoretically this could also be an error message see RFC 4306, section 1.5.
+		DBG1(DBG_NET, "received unencrypted informational: from %#H to %#H",
+			 this->message->get_source(this->message),
+			 this->message->get_destination(this->message));
+		charon->connect_manager->process_check(charon->connect_manager, this->message);
+		destroy(this);
+		return;
+	}
+#endif /* P2P */
+	
 	ike_sa = charon->ike_sa_manager->checkout_by_message(charon->ike_sa_manager,
 														 this->message);
 	if (ike_sa)