From: Martin Willi <martin@revosec.ch>
Date: Mon, 11 Mar 2013 10:30:47 +0000 (+0100)
Subject: Clean up IKE_SA state if IKE_SA_INIT request does not have message ID 0
X-Git-Tag: 5.0.3rc1~60
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8f727d8007510839a17796b53afe090a8955e23d;p=thirdparty%2Fstrongswan.git

Clean up IKE_SA state if IKE_SA_INIT request does not have message ID 0
---

diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
index 29d8d830e5..a53c06bf7d 100644
--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
@@ -1175,6 +1175,10 @@ METHOD(task_manager_t, process_message, status_t,
 		{
 			DBG1(DBG_IKE, "received message ID %d, expected %d. Ignored",
 				 mid, this->responding.mid);
+			if (msg->get_exchange_type(msg) == IKE_SA_INIT)
+			{	/* clean up IKE_SA state if IKE_SA_INIT has invalid msg ID */
+				return DESTROY_ME;
+			}
 		}
 	}
 	else