From 8f727d8007510839a17796b53afe090a8955e23d Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Mon, 11 Mar 2013 11:30:47 +0100
Subject: [PATCH] Clean up IKE_SA state if IKE_SA_INIT request does not have
 message ID 0

---
 src/libcharon/sa/ikev2/task_manager_v2.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
index 29d8d830e5..a53c06bf7d 100644
--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
@@ -1175,6 +1175,10 @@ METHOD(task_manager_t, process_message, status_t,
 		{
 			DBG1(DBG_IKE, "received message ID %d, expected %d. Ignored",
 				 mid, this->responding.mid);
+			if (msg->get_exchange_type(msg) == IKE_SA_INIT)
+			{	/* clean up IKE_SA state if IKE_SA_INIT has invalid msg ID */
+				return DESTROY_ME;
+			}
 		}
 	}
 	else
-- 
2.47.2