From: Tobias Brunner Date: Tue, 4 Oct 2016 13:15:36 +0000 (+0200) Subject: ikev2: Don't increase expected MID after handling MID sync message X-Git-Tag: 5.5.2dr5~22^2~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c3d98d298ec2238a8a76694587fa1f36b5a1e14c;p=thirdparty%2Fstrongswan.git ikev2: Don't increase expected MID after handling MID sync message If the responder never sent a message the expected MID is 0. While the sent MID (M1) SHOULD be increased beyond the known value, it's not necessarily the case. Since M2 - 1 would then equal UINT_MAX setting that MID would get ignored and while we'd return 0 in the notify we'd actually expect 1 afterwards. --- diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c index debfe23fae..778349c08b 100644 --- a/src/libcharon/sa/ikev2/task_manager_v2.c +++ b/src/libcharon/sa/ikev2/task_manager_v2.c @@ -918,6 +918,9 @@ static status_t build_response(private_task_manager_t *this, message_t *request) /* we don't want to resend messages to sync MIDs if requests with the * previous MID arrive */ clear_packets(this->responding.packets); + /* avoid increasing the expected message ID after handling a message + * to sync MIDs with MID 0 */ + return NEED_MORE; } array_compress(this->passive_tasks); diff --git a/src/libcharon/sa/ikev2/tasks/ike_mid_sync.c b/src/libcharon/sa/ikev2/tasks/ike_mid_sync.c index 9967697dd3..d7de113036 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_mid_sync.c +++ b/src/libcharon/sa/ikev2/tasks/ike_mid_sync.c @@ -180,9 +180,7 @@ METHOD(task_t, process, status_t, m2 = max(this->send, resp); if (resp != m2) { - /* after responding to this message the expected message ID is increased - * by one so we reduce it here */ - this->ike_sa->set_message_id(this->ike_sa, FALSE, m2 - 1); + this->ike_sa->set_message_id(this->ike_sa, FALSE, m2); } init = this->ike_sa->get_message_id(this->ike_sa, TRUE); p2 = max(this->recv, has_active_tasks(this) ? init + 1 : init);