ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

child-create: Make sure the returned KE payload uses the proposed DH group

This commit is contained in:
Tobias Brunner 2018-02-09 15:13:54 +01:00
parent 529ffc2fe3
commit ecbcfbdaa1
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/libcharon/sa/ikev2/tasks/child_create.c
View File

@ -981,7 +981,12 @@ static void process_payloads(private_child_create_t *this, message_t *message)
this->dh = this->keymat->keymat.create_dh(
&this->keymat->keymat, this->dh_group);
}
if (this->dh)
else if (this->dh)
{
this->dh_failed = this->dh->get_dh_group(this->dh) !=
ke_payload->get_dh_group_number(ke_payload);
}
if (this->dh && !this->dh_failed)
{
this->dh_failed = !this->dh->set_other_public_value(this->dh,
ke_payload->get_key_exchange_data(ke_payload));