projects / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 10e0faf) | patch
ikev2: Destroy IKE_SA if INVALID_SYNTAX notify is received in response
authorTobias Brunner <tobias@strongswan.org>
Mon, 25 Nov 2019 14:55:54 +0000 (15:55 +0100)
committerTobias Brunner <tobias@strongswan.org>
Mon, 9 Dec 2019 11:26:54 +0000 (12:26 +0100)
commita84aeb01aa6cc0c23788cccda31a796d265d9fdf
tree76de6b58897a54c977fed6106d22b14453125429tree | snapshot
parent10e0faf477edc8064b11471fd94deef2f49167c4commit | diff
ikev2: Destroy IKE_SA if INVALID_SYNTAX notify is received in response

RFC 7296, section 2.21.3:

   If a peer parsing a request notices that it is badly formatted (after
   it has passed the message authentication code checks and window
   checks) and it returns an INVALID_SYNTAX notification, then this
   error notification is considered fatal in both peers, meaning that
   the IKE SA is deleted without needing an explicit Delete payload.
src/libcharon/sa/ikev2/task_manager_v2.c diff | blob | history
strongSwan - IPsec VPN