From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 19 Sep 2016 09:16:06 +0000 (+0200)
Subject: ikev2: Don't cache response to MID sync request
X-Git-Tag: 5.5.2dr5~22^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fb57904cbffefcfdacedac59676115062d77c37a;p=thirdparty%2Fstrongswan.git

ikev2: Don't cache response to MID sync request
---

diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
index ede908c725..debfe23fae 100644
--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
@@ -818,7 +818,7 @@ static status_t build_response(private_task_manager_t *this, message_t *request)
 	task_t *task;
 	message_t *message;
 	host_t *me, *other;
-	bool delete = FALSE, hook = FALSE;
+	bool delete = FALSE, hook = FALSE, mid_sync = FALSE;
 	ike_sa_id_t *id = NULL;
 	uint64_t responder_spi = 0;
 	bool result;
@@ -837,6 +837,10 @@ static status_t build_response(private_task_manager_t *this, message_t *request)
 	enumerator = array_create_enumerator(this->passive_tasks);
 	while (enumerator->enumerate(enumerator, (void*)&task))
 	{
+		if (task->get_type(task) == TASK_IKE_MID_SYNC)
+		{
+			mid_sync = TRUE;
+		}
 		switch (task->build(task, message))
 		{
 			case SUCCESS:
@@ -909,6 +913,12 @@ static status_t build_response(private_task_manager_t *this, message_t *request)
 		}
 		return DESTROY_ME;
 	}
+	else if (mid_sync)
+	{
+		/* we don't want to resend messages to sync MIDs if requests with the
+		 * previous MID arrive */
+		clear_packets(this->responding.packets);
+	}
 
 	array_compress(this->passive_tasks);