From f8d9aec3f9075dde07456435c79c00a7f40ed7fd Mon Sep 17 00:00:00 2001
From: Hakan Olsson <ho@cvs.openbsd.org>
Date: Tue, 2 Sep 2003 18:14:53 +0000
Subject: Require ISAKMP_FLAGS_ENC on phase 2 messages. ok markus@, deraadt@.

---
 sbin/isakmpd/message.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'sbin/isakmpd')

diff --git a/sbin/isakmpd/message.c b/sbin/isakmpd/message.c
index b7edbffaf71..e7eee52a07b 100644
--- a/sbin/isakmpd/message.c
+++ b/sbin/isakmpd/message.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: message.c,v 1.60 2003/06/14 11:47:13 ho Exp $	*/
+/*	$OpenBSD: message.c,v 1.61 2003/09/02 18:14:52 ho Exp $	*/
 /*	$EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $	*/
 
 /*
@@ -1217,6 +1217,14 @@ message_recv (struct message *msg)
       && (flags & ISAKMP_FLAGS_COMMIT))
     msg->exchange->flags |= EXCHANGE_FLAG_HE_COMMITTED;
 
+  /* Require encryption for any phase 2 message. XXX Always?  */
+  if (msg->exchange->phase == 2 && (flags & ISAKMP_FLAGS_ENC) == 0)
+    {
+      log_print ("message_recv: cleartext phase 2 message");
+      message_drop (msg, ISAKMP_NOTIFY_INVALID_FLAGS, 0, 1, 1);
+      return -1;
+    }
+
   /* OK let the exchange logic do the rest.  */
   exchange_run (msg);
 
-- 
cgit v1.2.3