From 94f5335efba1f396a2a96ecb3b7ac0636a01177b Mon Sep 17 00:00:00 2001
From: Filip Tehlar <ftehlar@cisco.com>
Date: Wed, 30 Sep 2020 21:56:01 +0000
Subject: [PATCH] ikev2: fix issue when decrypting packet with no keys

Type: fix

Change-Id: I0e615d5089587992012a0f280ee902b2906f21c2
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
---
 src/plugins/ikev2/ikev2.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c
index 96b8e7d9b23..bfad2adbd9e 100644
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c
@@ -858,7 +858,7 @@ ikev2_decrypt_sk_payload (ikev2_sa_t * sa, ike_header_t * ike, u8 * payload,
     ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
   int is_aead = tr_encr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
 
-  if ((!sa->sk_ar || !sa->sk_ai) && !is_aead)
+  if (((!sa->sk_ar || !sa->sk_ai) && !is_aead) || (!sa->sk_ei || !sa->sk_er))
     return 0;
 
   while (p < len &&
-- 
2.16.6