Don't respond to malformed INFORMATIONAL_V1 messages with another INFORMATIONAL_V1 exchange.

author: Tobias Brunner <tobias@strongswan.org> 2011-11-25 18:00:06 +0100
committer: Tobias Brunner <tobias@strongswan.org> 2012-03-20 17:31:08 +0100
commit: 6be8d33daadede559f877adbfe5b21225e27911a (patch)
tree: e135a75e0c4f19f041a435c6423ceb4f3537b128 /src
parent: 37639e94fba52dad26f8205ac3c263b34e697720 (diff)
download: strongswan-6be8d33daadede559f877adbfe5b21225e27911a.tar.bz2
strongswan-6be8d33daadede559f877adbfe5b21225e27911a.tar.xz
1 files changed, 6 insertions, 0 deletions
diff --git a/src/libcharon/sa/task_manager_v1.c b/src/libcharon/sa/task_manager_v1.c
index 5c9c926d8..fe2f7c7ec 100644
--- a/src/libcharon/sa/task_manager_v1.c
+++ b/src/libcharon/sa/task_manager_v1.c
@@ -658,6 +658,12 @@ static void send_notify_response(private_task_manager_t *this,
 	host_t *me, *other;
 	u_int32_t mid;
 
+	if (request->get_exchange_type(request) == INFORMATIONAL_V1)
+	{	/* don't respond to INFORMATIONAL requests to avoid a notify war */
+		DBG1(DBG_IKE, "ignore malformed INFORMATIONAL request");
+		return;
+	}
+
 	response = message_create(IKEV1_MAJOR_VERSION, IKEV1_MINOR_VERSION);
 	response->set_exchange_type(response, INFORMATIONAL_V1);
 	response->set_request(response, TRUE);
author	Tobias Brunner <tobias@strongswan.org>	2011-11-25 18:00:06 +0100
committer	Tobias Brunner <tobias@strongswan.org>	2012-03-20 17:31:08 +0100
commit	6be8d33daadede559f877adbfe5b21225e27911a (patch)
tree	e135a75e0c4f19f041a435c6423ceb4f3537b128 /src
parent	37639e94fba52dad26f8205ac3c263b34e697720 (diff)
download	strongswan-6be8d33daadede559f877adbfe5b21225e27911a.tar.bz2 strongswan-6be8d33daadede559f877adbfe5b21225e27911a.tar.xz