From c3d98d298ec2238a8a76694587fa1f36b5a1e14c Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Tue, 4 Oct 2016 15:15:36 +0200
Subject: ikev2: Don't increase expected MID after handling MID sync message

If the responder never sent a message the expected MID is 0. While the sent MID (M1) SHOULD be increased beyond the known value, it's not necessarily the case. Since M2 - 1 would then equal UINT_MAX setting that MID would get ignored and while we'd return 0 in the notify we'd actually expect 1 afterwards.
---
 src/libcharon/sa/ikev2/task_manager_v2.c | 3 +++
 src/libcharon/sa/ikev2/tasks/ike_mid_sync.c | 4 +---
 2 files changed, 4 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
index debfe23fa..778349c08 100644
--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
@@ -918,6 +918,9 @@ static status_t build_response(private_task_manager_t *this, message_t *request)
  /* we don't want to resend messages to sync MIDs if requests with the
  * previous MID arrive */
  clear_packets(this->responding.packets);
+ /* avoid increasing the expected message ID after handling a message
+ * to sync MIDs with MID 0 */
+ return NEED_MORE;
  }

  array_compress(this->passive_tasks);
diff --git a/src/libcharon/sa/ikev2/tasks/ike_mid_sync.c b/src/libcharon/sa/ikev2/tasks/ike_mid_sync.c
index 9967697dd..d7de11303 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_mid_sync.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_mid_sync.c
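Review bot: The added `return NEED_MORE;` in build_response() (task_manager_v2.c) gives the status code a second meaning that is only explained at the return site: the caller has to read NEED_MORE as "response sent, do not advance the expected request MID", and that handling is outside this hunk. Because the expected MID is what lets the responder reject replayed or stale requests, I would state the contract where the function is documented, e.g. `/* NEED_MORE: response was sent, the caller must not increase the expected MID */`. The early return also skips the `array_compress(this->passive_tasks);` that follows the block; that looks like a tidy-up only, but if it should still run on the MID-sync path it needs to be called before returning. build_response() starts and ends outside the hunk.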
@@ -180,9 +180,7 @@ METHOD(task_t, process, status_t,
  m2 = max(this->send, resp);
  if (resp != m2)
  {
- /* after responding to this message the expected message ID is increased
- * by one so we reduce it here */
- this->ike_sa->set_message_id(this->ike_sa, FALSE, m2 - 1);
+ this->ike_sa->set_message_id(this->ike_sa, FALSE, m2);
  }
  init = this->ike_sa->get_message_id(this->ike_sa, TRUE);
  p2 = max(this->recv, has_active_tasks(this) ? init + 1 : init);
-- 
cgit v1.2.3
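Review bot: With the `- 1` gone, `set_message_id(this->ike_sa, FALSE, m2)` in process() is only correct as long as the task manager does not advance the expected MID after this exchange, and the removed comment has no replacement that says so. A short comment such as `/* the task manager does not increase the expected MID after a MID sync response */` would keep the two files from drifting apart. The commit message also says that a value of UINT_MAX is ignored by the setter, so if `this->send` can hold UINT_MAX (it is assigned outside the hunk, presumably from the peer's notify), the SA would keep its old expected MID while the reply presumably still reports `m2`. Rejecting that value before the `max()` would close the gap. process() starts before and continues after the hunk.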