From 1ed482d808dfa188e091363a6701e1947566396a Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Fri, 7 Jan 2011 13:32:28 +0100 Subject: [PATCH] Fix nonce comparison in rekey collisions, lowest nonce loses --- src/libcharon/sa/tasks/child_rekey.c | 7 +++---- src/libcharon/sa/tasks/ike_rekey.c | 7 ++++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/libcharon/sa/tasks/child_rekey.c b/src/libcharon/sa/tasks/child_rekey.c index fdaaea4b80..e74ca4eef5 100644 --- a/src/libcharon/sa/tasks/child_rekey.c +++ b/src/libcharon/sa/tasks/child_rekey.c @@ -241,12 +241,11 @@ static child_sa_t *handle_collision(private_child_rekey_t *this) /* if we have the lower nonce, delete rekeyed SA. If not, delete * the redundant. */ if (memcmp(this_nonce.ptr, other_nonce.ptr, - min(this_nonce.len, other_nonce.len)) < 0) + min(this_nonce.len, other_nonce.len)) > 0) { child_sa_t *child_sa; - DBG1(DBG_IKE, "CHILD_SA rekey collision won, " - "deleting rekeyed child"); + DBG1(DBG_IKE, "CHILD_SA rekey collision won, deleting old child"); to_delete = this->child_sa; /* don't touch child other created, it has already been deleted */ if (!this->other_child_destroyed) @@ -259,7 +258,7 @@ static child_sa_t *handle_collision(private_child_rekey_t *this) else { DBG1(DBG_IKE, "CHILD_SA rekey collision lost, " - "deleting redundant child"); + "deleting rekeyed child"); to_delete = this->child_create->get_child(this->child_create); } } diff --git a/src/libcharon/sa/tasks/ike_rekey.c b/src/libcharon/sa/tasks/ike_rekey.c index 1a6c140c44..44c55036ef 100644 --- a/src/libcharon/sa/tasks/ike_rekey.c +++ b/src/libcharon/sa/tasks/ike_rekey.c @@ -255,19 +255,20 @@ static status_t process_i(private_ike_rekey_t *this, message_t *message) /* if we have the lower nonce, delete rekeyed SA. If not, delete * the redundant. */ if (memcmp(this_nonce.ptr, other_nonce.ptr, - min(this_nonce.len, other_nonce.len)) < 0) + min(this_nonce.len, other_nonce.len)) > 0) { /* peer should delete this SA. Add a timeout just in case. */ job_t *job = (job_t*)delete_ike_sa_job_create( other->new_sa->get_id(other->new_sa), TRUE); lib->scheduler->schedule_job(lib->scheduler, job, 10); - DBG1(DBG_IKE, "IKE_SA rekey collision won, deleting rekeyed IKE_SA"); + DBG1(DBG_IKE, "IKE_SA rekey collision won, waiting for delete"); charon->ike_sa_manager->checkin(charon->ike_sa_manager, other->new_sa); other->new_sa = NULL; } else { - DBG1(DBG_IKE, "IKE_SA rekey collision lost, deleting redundant IKE_SA"); + DBG1(DBG_IKE, "IKE_SA rekey collision lost, " + "deleting redundant IKE_SA"); /* apply host for a proper delete */ host = this->ike_sa->get_my_host(this->ike_sa); this->new_sa->set_my_host(this->new_sa, host->clone(host)); -- 2.47.2