diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2018-09-24 15:11:14 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2018-09-24 15:11:14 +0200 |
| commit | e0e280b7669435b991b7e457abd8aa450930b3e8 (patch) | |
| tree | 3e6084f13b14ad2df104e2ce6e589eb96c5f7ac9 /src/libcharon/encoding/message.c | |
| parent | 51a71ee15c1bcf0e82f363a16898f571e211f9c3 (diff) | |
| download | vyos-strongswan-e0e280b7669435b991b7e457abd8aa450930b3e8.tar.gz vyos-strongswan-e0e280b7669435b991b7e457abd8aa450930b3e8.zip | |
New upstream version 5.7.0
Diffstat (limited to 'src/libcharon/encoding/message.c')
| -rw-r--r-- | src/libcharon/encoding/message.c | 33 |
1 files changed, 25 insertions, 8 deletions
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c index 1b8cd76f4..b72a2bf2d 100644 --- a/src/libcharon/encoding/message.c +++ b/src/libcharon/encoding/message.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006-2014 Tobias Brunner + * Copyright (C) 2006-2018 Tobias Brunner * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2006 Daniel Roethlisberger @@ -2095,8 +2095,8 @@ METHOD(message_t, fragment, status_t, count = data.len / frag_len + (data.len % frag_len ? 1 : 0); this->fragments = array_create(0, count); - DBG1(DBG_ENC, "splitting IKE message with length of %zu bytes into " - "%hu fragments", len, count); + DBG1(DBG_ENC, "splitting IKE message (%zu bytes) into %hu fragments", len, + count); for (num = 1; num <= count; num++) { len = min(data.len, frag_len); @@ -2821,11 +2821,11 @@ METHOD(message_t, add_fragment_v1, status_t, return NEED_MORE; } - DBG1(DBG_ENC, "received fragment #%hhu, reassembling fragmented IKE " - "message", num); - data = merge_fragments(this, message); this->packet->set_data(this->packet, data); + DBG1(DBG_ENC, "received fragment #%hhu, reassembled fragmented IKE " + "message (%zu bytes)", num, data.len); + this->parser = parser_create(data); if (parse_header(this) != SUCCESS) @@ -2842,9 +2842,11 @@ METHOD(message_t, add_fragment_v2, status_t, encrypted_fragment_payload_t *encrypted_fragment; encrypted_payload_t *encrypted; payload_t *payload; + aead_t *aead; enumerator_t *enumerator; chunk_t data; uint16_t total, num; + size_t len; status_t status; if (!this->frag) @@ -2904,15 +2906,30 @@ METHOD(message_t, add_fragment_v2, status_t, return NEED_MORE; } - DBG1(DBG_ENC, "received fragment #%hu of %hu, reassembling fragmented IKE " - "message", num, total); + encrypted = (encrypted_payload_t*)encrypted_fragment; + aead = encrypted->get_transform(encrypted); data = merge_fragments(this, message); + encrypted = encrypted_payload_create_from_plain(this->first_payload, data); + encrypted->set_transform(encrypted, aead); this->payloads->insert_last(this->payloads, encrypted); /* update next payload type (could be an unencrypted payload) */ this->payloads->get_first(this->payloads, (void**)&payload); this->first_payload = payload->get_type(payload); + + /* we report the length of the complete IKE message when splitting, do the + * same here, so add the IKEv2 header len to the reassembled payload data */ + len = 28; + enumerator = create_payload_enumerator(this); + while (enumerator->enumerate(enumerator, &payload)) + { + len += payload->get_length(payload); + } + enumerator->destroy(enumerator); + + DBG1(DBG_ENC, "received fragment #%hu of %hu, reassembled fragmented IKE " + "message (%zu bytes)", num, total, len); return SUCCESS; } |