[strongSwan-dev] [PATCH] ikev1: fix fragment size and fragment count

Volker Rümelin vr_strongswan at t-online.de
Thu Aug 15 14:45:36 CEST 2013


Fragment size was 4 bytes too small for the second IKE response
in case of a NATed peer, and the fragment count was too small in a
few cases, leading to an incomplete message.
---
 src/libcharon/sa/ikev1/task_manager_v1.c |   17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/libcharon/sa/ikev1/task_manager_v1.c b/src/libcharon/sa/ikev1/task_manager_v1.c
index 857cb02..c5dde60 100644
--- a/src/libcharon/sa/ikev1/task_manager_v1.c
+++ b/src/libcharon/sa/ikev1/task_manager_v1.c
@@ -413,7 +413,6 @@ static bool send_packet(private_task_manager_t *this, bool request,
 {
 	bool use_frags = FALSE;
 	ike_cfg_t *ike_cfg;
-	host_t *src, *dst;
 	chunk_t data;
 
 	ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
@@ -438,15 +437,19 @@ static bool send_packet(private_task_manager_t *this, bool request,
 		fragment_payload_t *fragment;
 		u_int8_t num, count;
 		size_t len, frag_size;
-		bool nat;
-
-		/* reduce size due to non-ESP marker */
-		nat = this->ike_sa->has_condition(this->ike_sa, COND_NAT_ANY);
-		frag_size = this->frag.size - (nat ? 4 : 0);
+		host_t *src, *dst;
 
 		src = packet->get_source(packet);
 		dst = packet->get_destination(packet);
-		count = (data.len / (frag_size + 1)) + 1;
+		frag_size = this->frag.size;
+		/* if neither source nor destination port is 500 reduce fragment
+		 * size due to non-ESP marker */
+		if (dst->get_port(dst) != IKEV2_UDP_PORT &&
+			src->get_port(src) != IKEV2_UDP_PORT)
+		{
+			frag_size -= 4;
+		}
+		count = data.len / frag_size + (data.len % frag_size ? 1 : 0);
 
 		DBG1(DBG_IKE, "sending IKE message with length of %zu bytes in "
 			 "%hhu fragments", data.len, count);
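Review bot: The new `count` computation at the end of this hunk divides by `frag_size` and stores the result in a `u_int8_t`, and neither step is checked. `frag_size` is a `size_t` taken from `this->frag.size` and reduced by 4 on the non-ESP-marker path, so a configured size of 4 or less (if nothing outside this hunk prevents it) gives a division by zero or an unsigned wrap-around. A message that needs more than 255 fragments would also truncate `count` silently, which again yields an incomplete message. Consider rejecting the small size before the subtraction, e.g. `if (frag_size <= 4) { /* fragment size too small, do not fragment */ }`, and computing the quotient in a `size_t` that is compared against 255 before it is assigned to `count`. The body of send_packet starts and continues outside the hunk, so the right failure path (log and return FALSE, or send unfragmented) has to be chosen there.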
-- 
1.7.10.4





