ikev1: Fix PSK lookup for Main Mode initiators

We need the PSK/identity already when deriving the keys in process_i().

Fixes: 1665a4e050 ("ikev1: Use actual local identity as initiator or aggressive mode responder")
Tobias Brunner 2020-06-05 14:07:43 +02:00
parent 62367f2c01
commit 736ac65554
1 changed files with 4 additions and 2 deletions


@ -250,6 +250,7 @@ METHOD(task_t, build_i, status_t,
{
sa_payload_t *sa_payload;
linked_list_t *proposals;
identification_t *id;
packet_t *packet;
DBG0(DBG_IKE, "initiating Main Mode IKE_SA %s[%d] to %H",
@ -261,6 +262,8 @@ METHOD(task_t, build_i, status_t,
this->ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
this->peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
this->peer_cfg->get_ref(this->peer_cfg);
id = this->ph1->get_id(this->ph1, this->peer_cfg, TRUE);
this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
this->method = this->ph1->get_auth_method(this->ph1, this->peer_cfg);
if (this->method == AUTH_NONE)
@ -331,8 +334,7 @@ METHOD(task_t, build_i, status_t,
id_payload_t *id_payload;
identification_t *id;
id = this->ph1->get_id(this->ph1, this->peer_cfg, TRUE);
this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
id = this->ike_sa->get_my_id(this->ike_sa);
id_payload = id_payload_create_from_identification(PLV1_ID, id);
message->add_payload(message, &id_payload->payload_interface);
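Review bot: In the second hunk the result of `this->ph1->get_id(this->ph1, this->peer_cfg, TRUE)` is dereferenced by `id->clone(id)` with no NULL check, and that now happens before the `AUTH_NONE` check on the following line. get_id's contract is not visible on this page; if it can return NULL for a peer config without a usable local authentication round, initiating with such a config would crash instead of failing cleanly, so a guard such as `if (!id) { return FAILED; }` before `set_my_id()` would be worth adding. A short comment above the two added lines, e.g. `/* set our identity early, process_i() needs it for the PSK lookup when deriving keys */`, would also keep a later cleanup from moving them back. build_i's body starts and ends outside these hunks.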