From 47a340e1f7fb2f6e05d7ca350969c4b4e0680cdf Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Wed, 10 Jun 2015 15:53:08 +0200
Subject: [PATCH] ikev2: Drop IKE_SA_INIT messages that don't have the initiator flag set

While this doesn't really create any problems it is not 100% correct to accept such messages because, of course, the sender of an IKE_SA_INIT request is always the original initiator of an IKE_SA. We currently don't check the flag later, so we wouldn't notice if the peer doesn't set it in later messages (ike_sa_id_t.equals doesn't compare it anymore since we added support for IKEv1, in particular since 17ec1c74de).
---
 src/libcharon/network/receiver.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/libcharon/network/receiver.c b/src/libcharon/network/receiver.c
index 6902c48478..076233260f 100644
--- a/src/libcharon/network/receiver.c
+++ b/src/libcharon/network/receiver.c
@@ -542,7 +542,9 @@ static job_requeue_t receive_packets(private_receiver_t *this)
 if (message->get_request(message) &&
 message->get_exchange_type(message) == IKE_SA_INIT)
 {
- if (this->initiator_only || drop_ike_sa_init(this, message))
+ id = message->get_ike_sa_id(message); if (this->initiator_only || !id->is_initiator(id) || drop_ike_sa_init(this, message))
 {
 message->destroy(message);
 return JOB_REQUEUE_DIRECT;
-- 
2.47.2
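Review bot: The new `!id->is_initiator(id)` guard sits under `message->get_request(message)`, so it only rejects IKE_SA_INIT requests with the I flag cleared; the mirror case, an IKE_SA_INIT response that arrives with the I flag set, is still accepted on this path, and the commit message itself notes the flag is not checked later either. If the response side is handled elsewhere in receive_packets, that is outside this hunk; otherwise a symmetric `id->is_initiator(id)` check on responses would close the gap. The check is placed before `drop_ike_sa_init`, which keeps the cheap header test ahead of the cookie/DoS work, but the drop is silent and has no comment, so I would add above the added `if`: `/* the I flag must be set on every message from the original initiator (RFC 7296 3.1); an IKE_SA_INIT request without it is malformed, drop it before the cookie/DoS checks */`. The declaration of `id` and the rest of receive_packets are outside the hunk; I am assuming `id` is a function-scope `ike_sa_id_t *` that is reused further down.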